Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
File:                     RUH1XBZZBCT7NMZeDi6sIogkcNs.mft (raw, json)
Hash identifier:          4FUoLMHm9iX7GFCYwniTKMOwyMx0OG+jnLiqVXLuiXU=
Subject key identifier:   73:A6:44:90:72:AE:34:7B:5D:03:E8:79:66:1E:E3:FD:CC:CB:90:71
Authority key identifier: 45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB
Certificate issuer:       /CN=4541f55c16590424fb34c65e0e2eac22882470db
Certificate serial:       019CAB6BE693CA5C2F8FE94B1D58AE990672
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
Manifest number:          0886
Signing time:             Sun 01 Mar 2026 22:01:41 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:41 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:41 +0000
Files and hashes:         1: RUH1XBZZBCT7NMZeDi6sIogkcNs.crl (hash: Q1qa0TNSoWj0ODRqYsaoYkFNLsGmY4UxoTMSrFEosYg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:e6:93:ca:5c:2f:8f:e9:4b:1d:58:ae:99:06:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4541f55c16590424fb34c65e0e2eac22882470db
        Validity
            Not Before: Mar  1 22:01:41 2026 GMT
            Not After : Mar  2 22:01:41 2026 GMT
        Subject: CN=73a6449072ae347b5d03e879661ee3fdcccb9071
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8c:fd:b4:4b:f1:df:4d:ea:5c:40:40:97:b3:
                    c6:e8:ad:41:c1:97:84:65:01:37:86:28:6e:34:2a:
                    ae:16:05:9d:1c:25:d4:d8:1d:fd:04:21:8f:6f:84:
                    cd:67:6b:0f:ec:f0:1b:43:7f:6e:3c:1d:35:b6:04:
                    40:7d:1c:d0:0a:71:1b:ee:6f:3b:fa:b6:0b:90:3a:
                    0a:13:de:1f:85:e8:1f:ab:ee:8f:3c:cb:b7:d9:8b:
                    82:5e:3e:ac:52:89:64:dc:1e:bf:a5:06:2f:a4:ec:
                    18:45:9f:75:3e:b6:50:f0:9e:13:8c:c9:a5:c8:2d:
                    cb:77:05:0e:8e:4d:18:bc:31:1a:73:1f:53:61:04:
                    d3:78:91:f1:da:20:ee:45:16:bf:aa:fd:96:ba:ed:
                    67:fb:36:58:2a:f1:ee:f7:7b:a7:2a:06:7a:dc:52:
                    9b:fd:ed:5c:3d:d5:79:88:9d:c7:f3:1c:9d:34:8e:
                    e0:a2:57:db:ad:03:7b:c0:4d:0b:01:bc:4a:fc:4c:
                    d7:c6:ca:15:1f:60:a4:e9:68:4a:32:fc:94:c5:fb:
                    42:87:c1:ae:80:ea:cd:99:3f:c4:dc:3e:e0:2b:06:
                    1d:a3:48:a1:87:d6:a3:83:87:d0:2f:f6:18:45:b1:
                    06:1c:80:76:01:a7:33:bc:66:b0:9a:7e:17:cc:e1:
                    e4:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:A6:44:90:72:AE:34:7B:5D:03:E8:79:66:1E:E3:FD:CC:CB:90:71
            X509v3 Authority Key Identifier:
                keyid:45:41:F5:5C:16:59:04:24:FB:34:C6:5E:0E:2E:AC:22:88:24:70:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUH1XBZZBCT7NMZeDi6sIogkcNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d3885c-6b74-43c4-8fdd-789d07c19808/1/RUH1XBZZBCT7NMZeDi6sIogkcNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:14:92:a8:5e:c9:3f:7f:0a:3b:42:05:c7:69:ac:7e:d6:16:
         ff:e8:57:96:3d:7a:d8:fe:7b:19:47:b9:81:6a:b1:98:69:4c:
         9a:f8:4c:d2:99:4f:e2:2c:4a:13:0d:e2:26:b3:50:5a:07:c1:
         64:ef:be:04:b8:60:6a:02:aa:ee:8d:71:dd:32:d4:35:46:23:
         b5:04:0b:cd:7e:ad:96:07:19:6b:d8:fa:7d:96:63:27:a1:3c:
         68:b4:05:06:72:f5:af:9f:7b:1c:17:9d:2a:f2:e3:ce:1c:e4:
         75:3c:00:d6:37:5a:ce:ce:a2:01:84:34:3a:8e:9d:ce:3b:23:
         1f:28:64:dd:7b:e7:d6:aa:87:2c:51:8e:44:0a:98:47:94:57:
         94:8d:d6:93:7f:e8:71:c6:37:76:9d:c0:6f:4c:51:41:a7:eb:
         ce:9e:73:57:8b:36:56:62:79:e3:34:c0:3d:94:d8:f1:72:ee:
         3c:2a:17:eb:cb:d0:9a:90:59:53:b9:42:fc:49:45:69:2f:08:
         ee:a5:da:a7:cb:1d:d0:3f:4a:92:a1:c9:38:55:54:c1:f6:d5:
         79:c1:0d:d8:bf:6b:66:7e:1d:2b:51:69:38:5a:a5:15:56:59:
         57:a4:09:47:14:1a:fe:d3:13:97:a6:08:22:e0:d3:20:a2:52:
         1e:f1:11:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra+aTylwvj+lLHViumQZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDFmNTVjMTY1OTA0MjRmYjM0YzY1ZTBlMmVhYzIyODgy
NDcwZGIwHhcNMjYwMzAxMjIwMTQxWhcNMjYwMzAyMjIwMTQxWjAzMTEwLwYDVQQD
Eyg3M2E2NDQ5MDcyYWUzNDdiNWQwM2U4Nzk2NjFlZTNmZGNjY2I5MDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYz9tEvx303qXEBAl7PG6K1BwZeE
ZQE3hihuNCquFgWdHCXU2B39BCGPb4TNZ2sP7PAbQ39uPB01tgRAfRzQCnEb7m87
+rYLkDoKE94fhegfq+6PPMu32YuCXj6sUolk3B6/pQYvpOwYRZ91PrZQ8J4TjMml
yC3LdwUOjk0YvDEacx9TYQTTeJHx2iDuRRa/qv2Wuu1n+zZYKvHu93unKgZ63FKb
/e1cPdV5iJ3H8xydNI7golfbrQN7wE0LAbxK/EzXxsoVH2Ck6WhKMvyUxftCh8Gu
gOrNmT/E3D7gKwYdo0ihh9ajg4fQL/YYRbEGHIB2AaczvGawmn4XzOHkpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOmRJByrjR7XQPoeWYe4/3My5BxMB8GA1UdIwQY
MBaAFEVB9VwWWQQk+zTGXg4urCKIJHDbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQt
Nzg5ZDA3YzE5ODA4LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kMzg4NWMtNmI3NC00M2M0LThmZGQtNzg5ZDA3YzE5ODA4
LzEvUlVIMVhCWlpCQ1Q3Tk1aZURpNnNJb2drY05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlhSSqF7J
P38KO0IFx2msftYW/+hXlj162P57GUe5gWqxmGlMmvhM0plP4ixKEw3iJrNQWgfB
ZO++BLhgagKq7o1x3TLUNUYjtQQLzX6tlgcZa9j6fZZjJ6E8aLQFBnL1r597HBed
KvLjzhzkdTwA1jdazs6iAYQ0Oo6dzjsjHyhk3Xvn1qqHLFGORAqYR5RXlI3Wk3/o
ccY3dp3Ab0xRQafrzp5zV4s2VmJ54zTAPZTY8XLuPCoX68vQmpBZU7lC/ElFaS8I
7qXap8sd0D9KkqHJOFVUwfbVecEN2L9rZn4dK1FpOFqlFVZZV6QJRxQa/tMTl6YI
IuDTIKJSHvERew==
-----END CERTIFICATE-----