Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
File:                     uVZnsVy6fKp0FSdIRHOE--A7iTo.mft (raw, json)
Hash identifier:          lxrW+qURUxyK4MEyNUUYymyfWcG3l7+ZS9nXmO8J698=
Subject key identifier:   5F:D8:8D:F0:13:88:FD:21:B1:D5:9C:AA:34:E3:F0:6F:1B:0E:07:3D
Authority key identifier: B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A
Certificate issuer:       /CN=b95667b15cba7caa74152748447384fbe03b893a
Certificate serial:       019DA29C87E4DA5DCADD607CC3311C07865E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
Manifest number:          0B77
Signing time:             Sat 18 Apr 2026 22:01:00 +0000
Manifest this update:     Sat 18 Apr 2026 22:01:00 +0000
Manifest next update:     Sun 19 Apr 2026 22:01:00 +0000
Files and hashes:         1: uVZnsVy6fKp0FSdIRHOE--A7iTo.crl (hash: cqkjYzV0iIVvGYZYX/u+mbq+pEauzFEqVWcB1ieMe0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 Apr 2026 22:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a2:9c:87:e4:da:5d:ca:dd:60:7c:c3:31:1c:07:86:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b95667b15cba7caa74152748447384fbe03b893a
        Validity
            Not Before: Apr 18 22:01:00 2026 GMT
            Not After : Apr 19 22:01:00 2026 GMT
        Subject: CN=5fd88df01388fd21b1d59caa34e3f06f1b0e073d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:34:55:cd:ac:98:8b:6a:ee:ae:8f:10:13:b5:
                    69:4f:54:a5:41:50:da:61:d0:04:31:10:aa:5b:39:
                    ab:1f:40:0a:84:f5:a3:88:95:37:5f:3e:3e:cd:48:
                    c7:e1:eb:8b:43:e4:88:b4:5e:cb:59:54:18:fe:b5:
                    f1:59:df:0f:d0:78:89:df:94:91:d8:c6:9d:b9:4d:
                    0f:09:54:c2:67:6e:68:df:ec:5e:c5:6f:b4:03:9b:
                    9e:53:46:63:e1:ea:2e:da:48:cb:82:b8:fd:ae:57:
                    7b:ee:e9:c3:a7:3e:51:c1:41:dd:54:13:41:7e:d0:
                    58:b1:20:44:86:e4:72:4c:ab:78:79:51:91:24:2f:
                    84:b3:14:fd:ac:ac:76:72:5b:bb:9a:70:89:be:99:
                    9e:ec:cf:6a:57:53:9e:69:ce:1b:d0:9a:e5:a3:fb:
                    4a:d9:5a:f3:79:b2:1f:6b:22:e0:3d:18:e7:db:f0:
                    fb:25:2d:e3:1b:ad:50:02:ac:4c:c6:74:d2:d7:5f:
                    fa:a5:66:8d:66:f7:62:ed:bf:2e:c7:eb:2c:f2:f3:
                    63:f7:ac:36:a2:da:79:a5:1b:1e:f2:99:58:7b:40:
                    0f:a6:23:6d:ff:12:7d:d1:02:3e:61:c7:91:6b:69:
                    0b:d5:30:aa:e6:a1:23:7e:1d:3b:f3:6d:43:36:b2:
                    4f:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:D8:8D:F0:13:88:FD:21:B1:D5:9C:AA:34:E3:F0:6F:1B:0E:07:3D
            X509v3 Authority Key Identifier:
                keyid:B9:56:67:B1:5C:BA:7C:AA:74:15:27:48:44:73:84:FB:E0:3B:89:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uVZnsVy6fKp0FSdIRHOE--A7iTo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/540c03-ba83-4971-8981-744dcd014fa4/1/uVZnsVy6fKp0FSdIRHOE--A7iTo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fa:31:67:f4:80:02:06:d5:b2:5e:cc:01:e9:3d:77:9e:39:
         03:d2:56:6a:26:ac:d4:5e:71:83:b1:bd:79:6f:a5:c2:f0:4d:
         32:ee:8e:d7:f8:57:fd:dc:b4:d1:a8:75:22:51:e7:8a:70:1e:
         63:2c:ef:76:c4:58:59:bc:33:f6:09:2f:15:c1:36:83:4c:60:
         6a:c4:3e:5f:dd:e1:65:3a:42:e3:28:27:07:fe:65:7a:80:6e:
         ac:c1:75:ef:a0:dd:56:ff:5e:ec:d8:3a:15:66:6f:cc:6d:0a:
         37:82:5c:fd:7e:5d:cd:19:9d:b4:43:7c:01:ea:75:2e:e0:28:
         a1:0e:cc:5a:e5:da:ef:15:0f:6e:50:55:62:f8:99:c7:b6:60:
         7e:70:1e:b2:e9:e1:68:6f:70:4d:89:0f:fa:16:2c:eb:f9:6e:
         49:78:9e:a8:fd:2b:f2:9b:90:66:be:4c:81:93:4f:db:03:50:
         7a:6f:f2:3b:57:29:ec:ba:82:ca:41:3f:f7:a0:09:2e:5e:d3:
         8f:73:9d:aa:78:b3:d8:94:35:87:06:a5:0b:eb:05:5f:b8:e3:
         c4:b2:cf:4d:f0:94:b8:c8:23:40:84:9a:79:30:74:3f:79:95:
         ef:49:0f:33:56:85:e8:db:15:d1:e6:1c:41:7b:2d:df:2a:a1:
         67:f2:4c:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2inIfk2l3K3WB8wzEcB4ZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NTY2N2IxNWNiYTdjYWE3NDE1Mjc0ODQ0NzM4NGZiZTAz
Yjg5M2EwHhcNMjYwNDE4MjIwMTAwWhcNMjYwNDE5MjIwMTAwWjAzMTEwLwYDVQQD
Eyg1ZmQ4OGRmMDEzODhmZDIxYjFkNTljYWEzNGUzZjA2ZjFiMGUwNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TRVzayYi2ruro8QE7VpT1SlQVDa
YdAEMRCqWzmrH0AKhPWjiJU3Xz4+zUjH4euLQ+SItF7LWVQY/rXxWd8P0HiJ35SR
2MaduU0PCVTCZ25o3+xexW+0A5ueU0Zj4eou2kjLgrj9rld77unDpz5RwUHdVBNB
ftBYsSBEhuRyTKt4eVGRJC+EsxT9rKx2clu7mnCJvpme7M9qV1Oeac4b0Jrlo/tK
2VrzebIfayLgPRjn2/D7JS3jG61QAqxMxnTS11/6pWaNZvdi7b8ux+ss8vNj96w2
otp5pRse8plYe0APpiNt/xJ90QI+YceRa2kL1TCq5qEjfh07821DNrJPPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/YjfATiP0hsdWcqjTj8G8bDgc9MB8GA1UdIwQY
MBaAFLlWZ7FcunyqdBUnSERzhPvgO4k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEt
NzQ0ZGNkMDE0ZmE0LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC81NDBjMDMtYmE4My00OTcxLTg5ODEtNzQ0ZGNkMDE0ZmE0
LzEvdVZabnNWeTZmS3AwRlNkSVJIT0UtLUE3aVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivoxZ/SA
AgbVsl7MAek9d545A9JWaias1F5xg7G9eW+lwvBNMu6O1/hX/dy00ah1IlHninAe
YyzvdsRYWbwz9gkvFcE2g0xgasQ+X93hZTpC4ygnB/5leoBurMF176DdVv9e7Ng6
FWZvzG0KN4Jc/X5dzRmdtEN8Aep1LuAooQ7MWuXa7xUPblBVYviZx7ZgfnAesunh
aG9wTYkP+hYs6/luSXieqP0r8puQZr5MgZNP2wNQem/yO1cp7LqCykE/96AJLl7T
j3Odqniz2JQ1hwalC+sFX7jjxLLPTfCUuMgjQISaeTB0P3mV70kPM1aF6NsV0eYc
QXst3yqhZ/JM5g==
-----END CERTIFICATE-----