Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          fhsN5vjdxFA/NhxX53/zgsVDBkYQ+wkVklfVbzBQHOw=
Subject key identifier:   2D:C7:E7:C3:86:3A:6A:A2:D5:5F:BA:87:46:19:E7:61:72:46:09:14
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019CABA1E8F6E84537DD04E5B02CCFA518B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1846
Signing time:             Sun 01 Mar 2026 23:00:40 +0000
Manifest this update:     Sun 01 Mar 2026 23:00:40 +0000
Manifest next update:     Mon 02 Mar 2026 23:00:40 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: Zy21PhmJeXe+DDp6i1WVxqvy0VQ1d+JS+m8PvcGfvwQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 23:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:a1:e8:f6:e8:45:37:dd:04:e5:b0:2c:cf:a5:18:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Mar  1 23:00:40 2026 GMT
            Not After : Mar  2 23:00:40 2026 GMT
        Subject: CN=2dc7e7c3863a6aa2d55fba874619e76172460914
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:8f:6c:c3:05:32:81:1c:12:00:e8:e2:2a:16:
                    c4:ff:56:e7:0a:14:5a:05:b8:1c:58:7c:93:f7:d4:
                    f6:97:c2:48:df:3d:79:2d:88:5d:7f:02:f3:9c:67:
                    5e:f2:f5:3c:2f:2b:9b:f7:0d:2d:07:05:06:20:df:
                    25:e9:9f:7a:e3:0a:55:d1:71:dd:2c:bd:e2:a1:91:
                    a0:d4:eb:23:79:bd:17:06:f6:fc:b3:0c:0c:1b:f6:
                    44:c9:62:ea:26:ae:5e:f8:8c:86:fe:f2:f9:63:1b:
                    fb:75:25:8e:f6:a6:86:19:84:65:12:2e:35:48:aa:
                    a1:73:34:6e:60:16:25:5b:41:ed:59:b3:95:d7:b9:
                    f2:d3:b9:cd:92:39:c5:78:07:15:5d:88:0b:98:94:
                    28:6f:f0:9e:b7:b2:dd:fa:fb:79:e5:de:72:0a:9a:
                    81:e5:a8:e0:c6:cd:f1:5e:40:d1:40:ed:9c:0f:0c:
                    6f:62:cb:e3:4b:62:13:1b:2a:b9:5c:6c:e8:29:4d:
                    ac:9b:17:37:26:9d:fb:a2:92:cf:28:cf:a0:52:5d:
                    41:f1:9c:05:f3:36:53:fb:0e:78:dc:ab:b4:fa:ef:
                    36:3f:75:ec:83:f1:a9:0c:c1:29:60:2e:78:9b:43:
                    14:47:9e:34:ae:48:94:7e:60:bb:20:2b:32:4f:ac:
                    8e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:C7:E7:C3:86:3A:6A:A2:D5:5F:BA:87:46:19:E7:61:72:46:09:14
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:89:70:c7:17:71:91:49:62:4a:51:50:da:88:67:02:be:ca:
         11:8b:74:13:65:43:80:b0:d1:fb:6a:1a:2e:94:e7:99:e1:20:
         25:f4:0f:62:cb:c3:6d:16:c9:e8:96:7b:9d:eb:56:67:62:97:
         ff:b1:6f:cc:f6:c9:f3:45:78:17:f3:12:ab:6a:f2:fc:21:58:
         d3:9d:79:26:47:67:6e:96:62:2b:d2:e4:b3:e9:fb:96:9a:f7:
         32:47:56:b5:05:fc:f3:f6:74:41:6e:cc:af:17:42:42:64:1c:
         1e:34:8b:ae:1c:81:e5:0d:db:36:83:3f:07:c8:3e:e3:13:74:
         20:7c:3c:4f:fc:a2:82:98:ed:36:f8:82:57:53:36:7b:67:09:
         18:45:17:9e:6f:6d:da:94:bf:cb:1f:82:ec:a3:96:dd:63:32:
         2d:95:7e:30:97:91:86:05:b3:57:72:49:42:88:52:f4:34:1b:
         7a:be:9f:12:71:23:b6:73:b5:49:28:7a:c1:b0:46:89:89:d4:
         2b:17:04:a3:38:33:ba:21:0a:1b:70:e2:d3:82:e1:ce:2a:c0:
         05:ec:1a:cb:60:fa:a9:00:4d:05:dc:bf:ea:16:61:36:22:68:
         1d:a0:0e:c3:25:50:84:ab:39:3e:a5:39:64:5b:5f:ee:b0:fe:
         d6:57:61:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyroej26EU33QTlsCzPpRiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjYwMzAxMjMwMDQwWhcNMjYwMzAyMjMwMDQwWjAzMTEwLwYDVQQD
EygyZGM3ZTdjMzg2M2E2YWEyZDU1ZmJhODc0NjE5ZTc2MTcyNDYwOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn49swwUygRwSAOjiKhbE/1bnChRa
BbgcWHyT99T2l8JI3z15LYhdfwLznGde8vU8Lyub9w0tBwUGIN8l6Z964wpV0XHd
LL3ioZGg1Osjeb0XBvb8swwMG/ZEyWLqJq5e+IyG/vL5Yxv7dSWO9qaGGYRlEi41
SKqhczRuYBYlW0HtWbOV17ny07nNkjnFeAcVXYgLmJQob/Cet7Ld+vt55d5yCpqB
5ajgxs3xXkDRQO2cDwxvYsvjS2ITGyq5XGzoKU2smxc3Jp37opLPKM+gUl1B8ZwF
8zZT+w543Ku0+u82P3Xsg/GpDMEpYC54m0MUR540rkiUfmC7ICsyT6yOAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3H58OGOmqi1V+6h0YZ52FyRgkUMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYlwxxdx
kUliSlFQ2ohnAr7KEYt0E2VDgLDR+2oaLpTnmeEgJfQPYsvDbRbJ6JZ7netWZ2KX
/7FvzPbJ80V4F/MSq2ry/CFY0515JkdnbpZiK9Lks+n7lpr3MkdWtQX88/Z0QW7M
rxdCQmQcHjSLrhyB5Q3bNoM/B8g+4xN0IHw8T/yigpjtNviCV1M2e2cJGEUXnm9t
2pS/yx+C7KOW3WMyLZV+MJeRhgWzV3JJQohS9DQber6fEnEjtnO1SSh6wbBGiYnU
KxcEozgzuiEKG3Di04LhzirABeway2D6qQBNBdy/6hZhNiJoHaAOwyVQhKs5PqU5
ZFtf7rD+1ldh6w==
-----END CERTIFICATE-----