Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          vo45DwU1odkEp9D2dcxrIdD7CWwjqPBweb1AiyAG+YY=
Subject key identifier:   9B:FC:56:0A:85:1C:89:86:0F:13:CC:6F:7E:78:93:7F:C5:16:FC:B9
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       019CA97C66BE9061FA751B6731EE176A9E78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          0AF6
Signing time:             Sun 01 Mar 2026 13:00:28 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:28 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:28 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: +hjlgrlooSUKJ1pk4B1lNDQ0yFra/CWtFPslAOMqfn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:66:be:90:61:fa:75:1b:67:31:ee:17:6a:9e:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: Mar  1 13:00:28 2026 GMT
            Not After : Mar  2 13:00:28 2026 GMT
        Subject: CN=9bfc560a851c89860f13cc6f7e78937fc516fcb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8f:99:c0:83:97:d1:82:c3:e5:b2:c6:db:93:
                    f1:2e:27:9b:05:2f:8d:01:c6:ad:d3:96:4b:2d:7f:
                    c0:d8:6b:dd:c9:0e:22:cf:89:65:80:91:07:6d:c1:
                    4e:f6:1b:c5:8e:4b:97:ae:6f:13:e4:76:2e:3d:0a:
                    58:e9:be:c3:99:5f:ba:42:18:1b:e0:e3:59:3f:3b:
                    0b:f7:6a:f3:21:e1:81:c2:8c:c0:a3:ef:00:d2:be:
                    e7:18:9d:b7:3a:ea:86:9c:d5:2f:f2:47:b0:11:53:
                    ce:1e:74:e9:b9:41:0f:16:a6:b2:b6:b8:06:58:84:
                    aa:ec:37:8e:3a:f4:a8:da:ea:cd:77:c9:57:1c:20:
                    63:d1:79:f5:11:4a:80:8e:6f:8f:57:d8:c3:67:ad:
                    d9:7c:54:ba:26:f5:ba:ae:cd:25:30:09:92:1f:c6:
                    f2:b5:f4:d0:81:a3:f4:26:8b:4a:b3:3f:c5:ad:da:
                    ca:33:5c:f0:08:ad:4d:5d:d7:76:3f:7f:50:06:30:
                    9d:2f:0a:0b:61:d3:58:25:19:c8:3b:6f:10:5a:39:
                    76:97:a9:31:cf:0f:3d:be:45:27:ed:fc:90:23:05:
                    e5:0f:14:bb:3b:0e:00:d0:97:1e:48:b3:c6:ca:f4:
                    a8:7c:50:1e:03:43:5f:80:ad:7f:0d:3c:fe:c4:7e:
                    9a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:FC:56:0A:85:1C:89:86:0F:13:CC:6F:7E:78:93:7F:C5:16:FC:B9
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:69:f2:da:c6:49:25:74:b7:35:d8:6e:09:cf:84:39:86:45:
         43:8c:70:f5:80:c4:36:4d:60:70:05:16:28:35:42:cc:8f:8e:
         27:a7:ad:8b:2d:72:4d:c4:ea:de:6f:74:67:57:ce:db:31:85:
         fc:d1:c3:df:a4:ad:df:f4:40:9a:f1:97:53:fe:3a:e8:05:80:
         07:71:dc:91:50:d7:2f:ef:f7:86:29:aa:ea:b4:04:3d:04:60:
         af:72:20:62:dc:42:7d:79:0f:d4:4d:96:6a:7f:d4:9d:2f:8e:
         27:31:bb:c6:fa:55:d2:5f:05:f5:99:8f:85:53:61:fc:10:70:
         f1:a9:2d:86:6c:3b:e1:ea:38:01:6f:e4:b0:9a:4a:72:3e:b8:
         91:ea:e2:91:53:3c:34:53:71:37:5b:ad:cf:6f:58:5e:a2:7b:
         28:04:f4:ad:5c:c6:8c:43:52:bf:be:20:a9:2e:31:41:b2:29:
         95:f1:89:b2:cc:e8:ff:11:56:25:5c:c3:32:6e:5f:53:0c:d2:
         57:c5:36:a5:84:5d:10:38:f7:1c:0d:2e:a0:4f:10:78:bb:07:
         4d:ef:05:a7:a1:a4:53:08:ac:a5:ae:57:87:ab:f0:c3:06:88:
         a1:59:af:88:0e:0e:eb:72:45:45:dd:73:81:df:9f:32:73:e6:
         5f:ab:7c:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfGa+kGH6dRtnMe4Xap54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjYwMzAxMTMwMDI4WhcNMjYwMzAyMTMwMDI4WjAzMTEwLwYDVQQD
Eyg5YmZjNTYwYTg1MWM4OTg2MGYxM2NjNmY3ZTc4OTM3ZmM1MTZmY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI+ZwIOX0YLD5bLG25PxLiebBS+N
Acat05ZLLX/A2GvdyQ4iz4llgJEHbcFO9hvFjkuXrm8T5HYuPQpY6b7DmV+6Qhgb
4ONZPzsL92rzIeGBwozAo+8A0r7nGJ23OuqGnNUv8kewEVPOHnTpuUEPFqaytrgG
WISq7DeOOvSo2urNd8lXHCBj0Xn1EUqAjm+PV9jDZ63ZfFS6JvW6rs0lMAmSH8by
tfTQgaP0JotKsz/FrdrKM1zwCK1NXdd2P39QBjCdLwoLYdNYJRnIO28QWjl2l6kx
zw89vkUn7fyQIwXlDxS7Ow4A0JceSLPGyvSofFAeA0NfgK1/DTz+xH6aVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJv8VgqFHImGDxPMb354k3/FFvy5MB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABmny2sZJ
JXS3NdhuCc+EOYZFQ4xw9YDENk1gcAUWKDVCzI+OJ6etiy1yTcTq3m90Z1fO2zGF
/NHD36St3/RAmvGXU/466AWAB3HckVDXL+/3himq6rQEPQRgr3IgYtxCfXkP1E2W
an/UnS+OJzG7xvpV0l8F9ZmPhVNh/BBw8akthmw74eo4AW/ksJpKcj64kerikVM8
NFNxN1utz29YXqJ7KAT0rVzGjENSv74gqS4xQbIplfGJsszo/xFWJVzDMm5fUwzS
V8U2pYRdEDj3HA0uoE8QeLsHTe8Fp6GkUwispa5Xh6vwwwaIoVmviA4O63JFRd1z
gd+fMnPmX6t8Jg==
-----END CERTIFICATE-----