Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft
File:                     U-r4Oizdyf0L4onM-vMrMjMEz04.mft (raw, json)
Hash identifier:          nhWCCMO0uJfruxQpmKHXXpePqiycdw/EEkyQ1GGVD3c=
Subject key identifier:   DA:24:60:53:0A:4B:30:95:91:C8:95:A9:B4:16:75:8B:F9:FB:3B:80
Authority key identifier: 53:EA:F8:3A:2C:DD:C9:FD:0B:E2:89:CC:FA:F3:2B:32:33:04:CF:4E
Certificate issuer:       /CN=53eaf83a2cddc9fd0be289ccfaf32b323304cf4e
Certificate serial:       019CAA21B04785824EAC7EA59F431708E40B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U-r4Oizdyf0L4onM-vMrMjMEz04.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft
Manifest number:          0F13
Signing time:             Sun 01 Mar 2026 16:01:00 +0000
Manifest this update:     Sun 01 Mar 2026 16:01:00 +0000
Manifest next update:     Mon 02 Mar 2026 16:01:00 +0000
Files and hashes:         1: U-r4Oizdyf0L4onM-vMrMjMEz04.crl (hash: rWQo5XHPSJezT1pCfXIZNr9lo4VLSB4BVSaHZS5O15E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U-r4Oizdyf0L4onM-vMrMjMEz04.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:b0:47:85:82:4e:ac:7e:a5:9f:43:17:08:e4:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53eaf83a2cddc9fd0be289ccfaf32b323304cf4e
        Validity
            Not Before: Mar  1 16:01:00 2026 GMT
            Not After : Mar  2 16:01:00 2026 GMT
        Subject: CN=da2460530a4b309591c895a9b416758bf9fb3b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:a3:8f:ff:0e:43:cb:b9:7b:44:ab:22:f0:01:
                    22:c8:e1:88:55:50:cf:e0:9f:c8:56:9f:79:29:d1:
                    61:5b:34:41:56:86:d3:ad:15:37:c3:1a:d9:77:1f:
                    6f:19:fb:68:ad:f1:8f:b2:b1:1e:99:33:7b:7e:47:
                    55:07:e7:8b:99:eb:0d:bb:7c:db:21:3c:d5:ee:59:
                    17:10:ce:57:4d:75:b3:3e:51:28:a0:9d:61:44:ef:
                    ab:20:e8:e5:e4:10:84:86:f9:0d:73:0d:92:13:24:
                    c0:4b:de:e6:aa:b9:3b:f7:6d:c0:fc:97:e2:3a:18:
                    8f:14:a3:90:ae:66:f2:5f:f4:86:4c:61:4e:04:12:
                    79:e6:5f:5e:7f:5a:b1:b3:90:f1:b0:81:cf:24:69:
                    2a:4e:d0:f0:ca:0e:78:81:a2:ba:e1:a1:87:60:31:
                    f3:30:ac:92:e0:2b:ab:a3:c6:94:98:e1:bb:df:94:
                    19:dd:76:23:94:0f:05:1b:73:36:16:95:0d:ac:45:
                    8e:07:5f:73:a5:78:a4:cb:cf:c1:85:78:ac:f0:54:
                    28:ea:b6:2c:e4:f2:60:e2:70:3d:46:c8:6a:e5:0f:
                    63:25:c4:d5:70:50:0c:5d:74:a5:e2:e0:c9:e5:60:
                    dd:46:d6:3d:d3:17:44:94:02:44:d4:a8:bd:2f:b9:
                    65:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:24:60:53:0A:4B:30:95:91:C8:95:A9:B4:16:75:8B:F9:FB:3B:80
            X509v3 Authority Key Identifier:
                keyid:53:EA:F8:3A:2C:DD:C9:FD:0B:E2:89:CC:FA:F3:2B:32:33:04:CF:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U-r4Oizdyf0L4onM-vMrMjMEz04.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2c3038-9c45-43e8-b69f-b84cff188f55/1/U-r4Oizdyf0L4onM-vMrMjMEz04.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:ad:40:b1:df:c0:43:6a:ab:75:0f:7f:ba:5d:c4:32:86:ca:
         1e:3b:62:19:d4:bb:ce:21:33:55:36:59:4b:e1:f0:de:2a:d0:
         82:55:87:ba:66:24:50:e5:42:f8:b0:07:55:00:bf:9f:1a:4d:
         2c:98:e4:55:58:00:ee:82:dd:93:5e:db:0f:03:88:c8:e1:c7:
         53:c2:16:f8:73:6e:77:fe:d6:6b:ee:a6:ea:59:3c:f2:86:fc:
         4f:12:cf:d7:cf:bf:5a:d8:20:15:dc:db:f1:85:4d:81:46:cb:
         4d:08:d9:b7:7a:49:c9:9f:99:e3:70:cb:d8:cf:66:2b:a8:96:
         0e:a4:b4:c4:03:9c:f1:04:61:6c:f8:ff:16:af:2a:27:5a:d7:
         2b:ec:d9:a7:30:82:9b:ec:8c:75:28:30:c9:cb:1c:fe:88:12:
         a3:94:2e:d5:b5:36:24:83:52:d1:4a:80:be:12:11:20:bf:15:
         14:62:cd:33:1a:22:0e:22:b0:79:b2:4b:8a:aa:9f:46:c3:32:
         48:f9:48:52:4f:71:7d:b2:87:28:60:b7:3c:b6:0e:17:6b:7d:
         d1:bd:a9:f8:88:8b:f3:ca:71:35:63:bd:75:25:b4:f2:26:05:
         bb:98:6f:c7:14:d6:84:ac:09:6f:b2:6c:5e:59:0c:b1:e8:34:
         5c:58:94:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIbBHhYJOrH6ln0MXCOQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZWFmODNhMmNkZGM5ZmQwYmUyODljY2ZhZjMyYjMyMzMw
NGNmNGUwHhcNMjYwMzAxMTYwMTAwWhcNMjYwMzAyMTYwMTAwWjAzMTEwLwYDVQQD
EyhkYTI0NjA1MzBhNGIzMDk1OTFjODk1YTliNDE2NzU4YmY5ZmIzYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6OP/w5Dy7l7RKsi8AEiyOGIVVDP
4J/IVp95KdFhWzRBVobTrRU3wxrZdx9vGftorfGPsrEemTN7fkdVB+eLmesNu3zb
ITzV7lkXEM5XTXWzPlEooJ1hRO+rIOjl5BCEhvkNcw2SEyTAS97mqrk7923A/Jfi
OhiPFKOQrmbyX/SGTGFOBBJ55l9ef1qxs5DxsIHPJGkqTtDwyg54gaK64aGHYDHz
MKyS4Curo8aUmOG735QZ3XYjlA8FG3M2FpUNrEWOB19zpXiky8/BhXis8FQo6rYs
5PJg4nA9Rshq5Q9jJcTVcFAMXXSl4uDJ5WDdRtY90xdElAJE1Ki9L7llSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNokYFMKSzCVkciVqbQWdYv5+zuAMB8GA1UdIwQY
MBaAFFPq+Dos3cn9C+KJzPrzKzIzBM9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVS1yNE9pemR5ZjBMNG9uTS12TXJNak1FejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yYzMwMzgtOWM0NS00M2U4LWI2OWYt
Yjg0Y2ZmMTg4ZjU1LzEvVS1yNE9pemR5ZjBMNG9uTS12TXJNak1FejA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yYzMwMzgtOWM0NS00M2U4LWI2OWYtYjg0Y2ZmMTg4ZjU1
LzEvVS1yNE9pemR5ZjBMNG9uTS12TXJNak1FejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN61Asd/A
Q2qrdQ9/ul3EMobKHjtiGdS7ziEzVTZZS+Hw3irQglWHumYkUOVC+LAHVQC/nxpN
LJjkVVgA7oLdk17bDwOIyOHHU8IW+HNud/7Wa+6m6lk88ob8TxLP18+/WtggFdzb
8YVNgUbLTQjZt3pJyZ+Z43DL2M9mK6iWDqS0xAOc8QRhbPj/Fq8qJ1rXK+zZpzCC
m+yMdSgwycsc/ogSo5Qu1bU2JINS0UqAvhIRIL8VFGLNMxoiDiKwebJLiqqfRsMy
SPlIUk9xfbKHKGC3PLYOF2t90b2p+IiL88pxNWO9dSW08iYFu5hvxxTWhKwJb7Js
XlkMseg0XFiUxQ==
-----END CERTIFICATE-----