Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File:                     ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier:          0C3HSAkeJNytsXY5D2jK2P0FP1ZE+G4r0qLxTXZUb/4=
Subject key identifier:   8E:0C:BD:FC:F2:CE:7F:4B:53:23:C0:6D:07:B1:54:7D:E1:04:11:2F
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer:       /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial:       019CAB6B719CC869BC5140A69BE6DB5DD185
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number:          185D
Signing time:             Sun 01 Mar 2026 22:01:11 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:11 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:11 +0000
Files and hashes:         1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: GbeEIzXv7jLDFI6IklCiB7cu6BiFUiX8wjJXQQaDcd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:71:9c:c8:69:bc:51:40:a6:9b:e6:db:5d:d1:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
        Validity
            Not Before: Mar  1 22:01:11 2026 GMT
            Not After : Mar  2 22:01:11 2026 GMT
        Subject: CN=8e0cbdfcf2ce7f4b5323c06d07b1547de104112f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:31:ac:4b:aa:c9:99:4f:b6:b6:8f:f5:ff:8a:
                    9a:58:c5:46:bf:7b:e6:98:e9:7e:48:ad:60:77:85:
                    67:f3:43:a9:db:85:01:d9:42:c6:b5:ec:63:c4:7d:
                    fe:ec:ae:bd:b6:56:9b:ee:99:e0:e6:ff:13:40:60:
                    42:7e:fd:c7:ad:44:2b:4d:ed:81:85:cf:de:d2:cb:
                    be:1a:c5:33:d4:bf:cd:94:63:3f:24:e6:04:1f:8a:
                    2c:77:4b:c5:49:1d:9f:06:6b:9a:57:27:4a:3e:ce:
                    28:0e:f0:50:71:3f:4f:40:a3:dd:6e:17:28:39:10:
                    d6:b8:2d:35:a0:74:02:a7:67:27:16:8c:24:3f:cb:
                    97:6b:52:2b:d4:81:d1:f6:4d:3a:67:b7:d9:d5:5e:
                    2a:9a:69:c5:12:8d:5d:49:cd:51:2a:6a:3f:ba:1d:
                    4b:89:ec:19:3a:61:3e:c0:55:3b:8c:95:45:3d:04:
                    3b:64:7c:ad:11:29:59:0c:2b:0e:51:62:c4:a7:41:
                    0a:59:6d:37:f4:9d:90:6f:62:56:0d:bf:eb:31:15:
                    4b:53:a7:3e:9b:9b:3d:c8:8d:0b:7f:f7:70:f0:e9:
                    a1:6d:4a:4a:c5:af:a1:42:6b:12:a3:ef:0b:d6:18:
                    a1:1b:f7:36:54:a1:7c:54:74:b5:2a:f3:7a:ab:1a:
                    af:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:0C:BD:FC:F2:CE:7F:4B:53:23:C0:6D:07:B1:54:7D:E1:04:11:2F
            X509v3 Authority Key Identifier:
                keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:b3:37:f9:6d:49:f7:07:ce:7d:0d:de:58:95:71:9f:3a:47:
         d6:e9:03:cf:60:ad:d6:e4:15:52:ca:d6:fa:55:d7:1e:43:94:
         9b:2d:8b:de:ed:29:32:3c:d5:df:0b:af:98:85:30:23:1c:43:
         4e:fa:8f:13:b7:6f:23:4f:8d:71:d2:03:d2:ad:25:45:0c:13:
         42:ee:38:63:e4:eb:12:c5:ef:1f:c7:88:e0:64:64:fd:0a:78:
         2f:a6:d5:43:3d:28:56:95:14:c7:1c:e1:68:b4:c8:df:cf:85:
         d6:88:d3:f7:4d:01:49:38:75:0b:05:d0:77:95:3d:c5:02:23:
         aa:fa:85:76:48:50:4f:cd:cf:bb:8f:c0:34:b0:ac:57:5a:d6:
         2b:fe:50:07:0e:d3:3e:c0:fb:ef:34:0f:3e:e8:24:6a:12:80:
         db:9b:ab:52:1b:93:e3:13:01:cd:4c:77:24:cb:d4:3a:73:c7:
         b7:de:34:1a:7a:83:76:61:9f:ec:b6:b8:79:66:c0:e4:fc:28:
         d8:e7:aa:c8:ab:76:2a:ba:88:fc:9a:65:3e:52:f4:99:a4:b7:
         e7:3f:1c:60:ef:a8:4e:bc:fe:35:a7:6f:5e:d0:04:35:f9:19:
         4d:a5:1b:46:2b:ee:d3:73:3a:3f:e0:30:b6:88:ae:5d:7b:3e:
         56:99:d3:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3GcyGm8UUCmm+bbXdGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjYwMzAxMjIwMTExWhcNMjYwMzAyMjIwMTExWjAzMTEwLwYDVQQD
Eyg4ZTBjYmRmY2YyY2U3ZjRiNTMyM2MwNmQwN2IxNTQ3ZGUxMDQxMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTGsS6rJmU+2to/1/4qaWMVGv3vm
mOl+SK1gd4Vn80Op24UB2ULGtexjxH3+7K69tlab7png5v8TQGBCfv3HrUQrTe2B
hc/e0su+GsUz1L/NlGM/JOYEH4osd0vFSR2fBmuaVydKPs4oDvBQcT9PQKPdbhco
ORDWuC01oHQCp2cnFowkP8uXa1Ir1IHR9k06Z7fZ1V4qmmnFEo1dSc1RKmo/uh1L
iewZOmE+wFU7jJVFPQQ7ZHytESlZDCsOUWLEp0EKWW039J2Qb2JWDb/rMRVLU6c+
m5s9yI0Lf/dw8OmhbUpKxa+hQmsSo+8L1hihG/c2VKF8VHS1KvN6qxqvrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4Mvfzyzn9LUyPAbQexVH3hBBEvMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsbM3+W1J
9wfOfQ3eWJVxnzpH1ukDz2Ct1uQVUsrW+lXXHkOUmy2L3u0pMjzV3wuvmIUwIxxD
TvqPE7dvI0+NcdID0q0lRQwTQu44Y+TrEsXvH8eI4GRk/Qp4L6bVQz0oVpUUxxzh
aLTI38+F1ojT900BSTh1CwXQd5U9xQIjqvqFdkhQT83Pu4/ANLCsV1rWK/5QBw7T
PsD77zQPPugkahKA25urUhuT4xMBzUx3JMvUOnPHt940GnqDdmGf7La4eWbA5Pwo
2OeqyKt2KrqI/JplPlL0maS35z8cYO+oTrz+NadvXtAENfkZTaUbRivu03M6P+Aw
toiuXXs+VpnTKA==
-----END CERTIFICATE-----