Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          HfKtN1n0mV9ZI5a9VhKKVuJr3ulaHmybdz5lO6qqkFE=
Subject key identifier:   B2:3F:2F:9B:86:B2:EC:99:05:16:6B:13:D4:A5:46:A9:3F:71:27:D5
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       019D9EC03BD3B8E6EAD20B34EBF9286DC983
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0D1B
Signing time:             Sat 18 Apr 2026 04:01:31 +0000
Manifest this update:     Sat 18 Apr 2026 04:01:31 +0000
Manifest next update:     Sun 19 Apr 2026 04:01:31 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: mwNmysqR44jNO+3oNluIL+6yOj73KXB7+MHUG06ILVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 21:23:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9e:c0:3b:d3:b8:e6:ea:d2:0b:34:eb:f9:28:6d:c9:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Apr 18 04:01:31 2026 GMT
            Not After : Apr 19 04:01:31 2026 GMT
        Subject: CN=b23f2f9b86b2ec9905166b13d4a546a93f7127d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5c:0e:5c:74:5c:ab:fc:bc:d7:eb:75:78:6f:
                    9c:25:06:8d:0c:66:43:c9:cf:1c:01:29:bb:73:d4:
                    c0:f0:37:16:ae:ba:a8:5a:05:89:1c:a7:c3:05:92:
                    72:da:5d:91:72:87:2c:54:9f:07:21:b4:d2:2f:81:
                    d3:2e:df:34:11:d1:6c:01:4b:50:76:40:f0:31:9e:
                    9b:40:42:71:82:d9:7b:52:93:1b:94:ca:fb:4d:85:
                    06:2d:f7:de:6d:15:32:67:f0:35:7b:2b:07:78:2f:
                    bc:ee:8d:66:ff:cd:7e:10:cc:2a:af:fb:3f:0d:d4:
                    73:27:b3:29:22:9c:4a:37:57:90:84:e9:40:b2:2f:
                    22:ae:ab:c6:3f:57:07:5f:36:68:da:04:b1:6a:96:
                    a3:cf:3c:d6:e8:44:06:a5:35:6c:8f:44:35:39:9c:
                    8d:be:e7:c2:29:ee:0c:c4:97:b2:c9:29:2e:b1:51:
                    62:b4:fc:c6:b2:49:55:fb:1b:33:d1:ee:4a:37:32:
                    4b:33:d1:39:33:3d:77:fc:b7:49:81:57:ae:c8:b1:
                    d0:7d:44:37:34:65:e2:c7:91:c0:56:3d:13:cd:93:
                    6f:0f:85:19:70:9e:13:10:3e:58:c9:c9:cf:f8:0e:
                    00:03:05:01:15:a0:0b:eb:ff:fe:78:f6:b6:24:c3:
                    0f:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:3F:2F:9B:86:B2:EC:99:05:16:6B:13:D4:A5:46:A9:3F:71:27:D5
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:0e:26:be:5c:a5:a7:24:f1:8d:10:8f:d0:68:d6:cb:71:75:
         19:84:82:28:42:72:60:84:96:32:de:17:37:08:07:4b:b6:0b:
         85:f1:ec:8f:bd:36:7c:a9:e7:48:43:69:32:16:6e:ef:d7:30:
         32:64:66:f2:4b:eb:34:d2:da:c1:77:7c:f4:6f:66:9b:57:9b:
         84:dc:2e:1c:19:74:55:2e:bb:7a:39:33:12:f2:1d:c4:d0:b3:
         2d:70:96:70:ae:8b:fe:58:da:cf:d0:2d:e7:77:00:cd:c5:b6:
         70:78:c3:bc:fa:a1:4a:ce:89:05:9e:e1:24:38:a6:eb:a5:cc:
         a8:ca:c9:64:0b:4d:09:3f:00:85:b1:02:e8:ea:ba:ab:2e:ad:
         c9:b2:15:54:b5:ab:96:db:78:e5:a9:aa:ef:ff:42:5d:2f:03:
         df:03:24:03:3f:e8:f1:4e:c6:b6:df:0f:d7:77:f0:f8:60:3a:
         85:c6:29:df:70:f0:5f:ae:83:b3:2a:8d:ab:e9:40:86:2b:b4:
         f7:af:fb:3d:c3:04:c1:4b:fa:e7:ed:8f:29:1b:5e:32:d6:4c:
         ae:b6:37:d4:04:0b:bb:45:5b:bd:8e:4b:8d:f5:06:9e:d5:db:
         e9:bc:82:02:f0:37:dc:6c:dc:03:f4:dc:7a:d1:54:89:e1:8e:
         ee:b3:f9:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ewDvTuObq0gs06/kobcmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjYwNDE4MDQwMTMxWhcNMjYwNDE5MDQwMTMxWjAzMTEwLwYDVQQD
EyhiMjNmMmY5Yjg2YjJlYzk5MDUxNjZiMTNkNGE1NDZhOTNmNzEyN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FwOXHRcq/y81+t1eG+cJQaNDGZD
yc8cASm7c9TA8DcWrrqoWgWJHKfDBZJy2l2RcocsVJ8HIbTSL4HTLt80EdFsAUtQ
dkDwMZ6bQEJxgtl7UpMblMr7TYUGLffebRUyZ/A1eysHeC+87o1m/81+EMwqr/s/
DdRzJ7MpIpxKN1eQhOlAsi8irqvGP1cHXzZo2gSxapajzzzW6EQGpTVsj0Q1OZyN
vufCKe4MxJeyySkusVFitPzGsklV+xsz0e5KNzJLM9E5Mz13/LdJgVeuyLHQfUQ3
NGXix5HAVj0TzZNvD4UZcJ4TED5YycnP+A4AAwUBFaAL6//+ePa2JMMPuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLI/L5uGsuyZBRZrE9SlRqk/cSfVMB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuQ4mvlyl
pyTxjRCP0GjWy3F1GYSCKEJyYISWMt4XNwgHS7YLhfHsj702fKnnSENpMhZu79cw
MmRm8kvrNNLawXd89G9mm1ebhNwuHBl0VS67ejkzEvIdxNCzLXCWcK6L/ljaz9At
53cAzcW2cHjDvPqhSs6JBZ7hJDim66XMqMrJZAtNCT8AhbEC6Oq6qy6tybIVVLWr
ltt45amq7/9CXS8D3wMkAz/o8U7Gtt8P13fw+GA6hcYp33DwX66DsyqNq+lAhiu0
96/7PcMEwUv65+2PKRteMtZMrrY31AQLu0VbvY5LjfUGntXb6byCAvA33GzcA/Tc
etFUieGO7rP5Vg==
-----END CERTIFICATE-----