Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
File:                     tU0YlEyigIUFOR3pf6nWsrxhiZo.mft (raw, json)
Hash identifier:          4gWEC1qGij4VniCx8kj0qb7Yh1dOosJHjN5SJaukjfQ=
Subject key identifier:   DE:29:E8:E9:34:AA:A5:9F:3C:59:FE:54:73:A1:31:5F:0C:02:D1:67
Authority key identifier: B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A
Certificate issuer:       /CN=b54d18944ca2808505391de97fa9d6b2bc61899a
Certificate serial:       019CAB6B1AE23A26DF2806874856CFF87722
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
Manifest number:          12E3
Signing time:             Sun 01 Mar 2026 22:00:48 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:48 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:48 +0000
Files and hashes:         1: tU0YlEyigIUFOR3pf6nWsrxhiZo.crl (hash: NIKrN+mu0jXwDSdy5FnwuW8b6vA6Z5yXrVL/IlfHMjk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:1a:e2:3a:26:df:28:06:87:48:56:cf:f8:77:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b54d18944ca2808505391de97fa9d6b2bc61899a
        Validity
            Not Before: Mar  1 22:00:48 2026 GMT
            Not After : Mar  2 22:00:48 2026 GMT
        Subject: CN=de29e8e934aaa59f3c59fe5473a1315f0c02d167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5d:d8:7d:73:89:e8:4d:ca:56:cd:15:f3:8c:
                    8e:12:b2:c4:52:36:35:17:4c:d1:ea:b0:27:2f:68:
                    54:23:4a:76:d2:75:c6:41:e2:4d:13:8a:1c:8b:a0:
                    1c:85:2a:29:31:78:7e:9c:8b:2c:54:de:fc:6f:82:
                    e7:9f:c5:47:91:ea:ae:15:bd:2f:19:3d:c0:a4:29:
                    76:4b:8e:29:59:04:43:58:21:52:5c:23:1b:3f:3d:
                    33:02:e8:68:7b:bd:db:d1:8a:55:6d:37:38:17:5a:
                    77:8d:46:67:e9:70:af:97:a4:79:dc:a2:ae:5b:f8:
                    00:b5:58:19:c6:6d:4b:17:bd:66:46:98:8b:d8:26:
                    0e:03:26:70:77:c5:6e:a7:ea:f6:a2:b1:24:85:55:
                    d6:4a:0e:30:b3:44:ad:a0:61:80:48:33:8c:d2:b7:
                    dc:0a:b2:41:74:c5:86:cf:ef:bf:65:eb:c1:7c:45:
                    00:a7:9d:15:4d:53:58:d0:32:dd:ef:2e:08:ad:72:
                    5c:b9:27:ce:32:81:7c:db:4e:de:f0:dc:bd:20:40:
                    b3:18:fd:0f:33:a8:98:bf:9c:54:ea:38:f5:19:b3:
                    0f:0d:52:27:c1:46:ee:a1:39:b0:9c:53:ca:a4:c5:
                    aa:bb:ee:d0:c5:c2:20:1a:92:d5:91:53:00:6c:fe:
                    94:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:29:E8:E9:34:AA:A5:9F:3C:59:FE:54:73:A1:31:5F:0C:02:D1:67
            X509v3 Authority Key Identifier:
                keyid:B5:4D:18:94:4C:A2:80:85:05:39:1D:E9:7F:A9:D6:B2:BC:61:89:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU0YlEyigIUFOR3pf6nWsrxhiZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1c2984-fd83-41ba-b1dc-f683b9681d61/1/tU0YlEyigIUFOR3pf6nWsrxhiZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:48:ec:31:15:8f:15:a0:0c:e5:13:f9:0b:b0:1a:55:c5:c5:
         f3:f3:a6:a3:7a:b9:95:88:21:d7:34:1f:b8:7c:62:1a:ec:c6:
         af:b5:15:e3:2a:cc:ec:dd:03:90:b6:e6:1d:5a:29:95:b3:50:
         46:b6:12:59:5e:44:97:3c:9b:ba:fd:af:56:39:b7:c4:12:1b:
         36:ee:e5:d3:fa:ed:20:8b:89:8c:f7:19:fe:65:c0:46:31:a4:
         57:37:9a:25:f5:4d:3b:6f:ef:18:26:7a:1a:9e:0b:69:da:ec:
         b5:b2:e2:47:98:9f:90:8b:ce:51:67:4b:87:f7:9a:20:46:30:
         16:d5:6c:56:34:9f:e7:f6:f1:d3:97:63:5b:e7:ae:f4:32:02:
         30:fe:cf:61:03:cb:b4:cf:86:6e:a2:93:35:d4:81:7f:27:15:
         3a:ec:d3:1c:37:bb:df:d0:0a:9d:1f:9e:7e:81:39:ef:00:0a:
         d7:1b:95:86:17:86:a1:6c:08:f7:42:d0:cd:a9:33:4f:93:fd:
         b7:fe:2c:77:3f:63:6d:32:74:76:16:df:d9:60:af:21:69:2f:
         e4:63:4f:b0:7e:1b:eb:8f:e1:76:20:2a:0b:31:8b:88:48:18:
         7a:22:b1:3d:06:4a:2c:1c:d3:89:b6:41:09:82:da:6f:f0:04:
         82:3e:9d:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraxriOibfKAaHSFbP+HciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NGQxODk0NGNhMjgwODUwNTM5MWRlOTdmYTlkNmIyYmM2
MTg5OWEwHhcNMjYwMzAxMjIwMDQ4WhcNMjYwMzAyMjIwMDQ4WjAzMTEwLwYDVQQD
EyhkZTI5ZThlOTM0YWFhNTlmM2M1OWZlNTQ3M2ExMzE1ZjBjMDJkMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF3YfXOJ6E3KVs0V84yOErLEUjY1
F0zR6rAnL2hUI0p20nXGQeJNE4oci6AchSopMXh+nIssVN78b4Lnn8VHkequFb0v
GT3ApCl2S44pWQRDWCFSXCMbPz0zAuhoe73b0YpVbTc4F1p3jUZn6XCvl6R53KKu
W/gAtVgZxm1LF71mRpiL2CYOAyZwd8Vup+r2orEkhVXWSg4ws0StoGGASDOM0rfc
CrJBdMWGz++/ZevBfEUAp50VTVNY0DLd7y4IrXJcuSfOMoF8207e8Ny9IECzGP0P
M6iYv5xU6jj1GbMPDVInwUbuoTmwnFPKpMWqu+7QxcIgGpLVkVMAbP6U1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4p6Ok0qqWfPFn+VHOhMV8MAtFnMB8GA1UdIwQY
MBaAFLVNGJRMooCFBTkd6X+p1rK8YYmaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMt
ZjY4M2I5NjgxZDYxLzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xYzI5ODQtZmQ4My00MWJhLWIxZGMtZjY4M2I5NjgxZDYx
LzEvdFUwWWxFeWlnSVVGT1IzcGY2bldzcnhoaVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckjsMRWP
FaAM5RP5C7AaVcXF8/Omo3q5lYgh1zQfuHxiGuzGr7UV4yrM7N0DkLbmHVoplbNQ
RrYSWV5Elzybuv2vVjm3xBIbNu7l0/rtIIuJjPcZ/mXARjGkVzeaJfVNO2/vGCZ6
Gp4LadrstbLiR5ifkIvOUWdLh/eaIEYwFtVsVjSf5/bx05djW+eu9DICMP7PYQPL
tM+GbqKTNdSBfycVOuzTHDe739AKnR+efoE57wAK1xuVhheGoWwI90LQzakzT5P9
t/4sdz9jbTJ0dhbf2WCvIWkv5GNPsH4b64/hdiAqCzGLiEgYeiKxPQZKLBzTibZB
CYLab/AEgj6dkw==
-----END CERTIFICATE-----