Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          6zBHUxsU9N8smH5Da3vbmpXH4RVow5980uWhx0cVP0U=
Subject key identifier:   AD:B1:DC:8C:8E:0A:FB:7D:FA:37:D4:2C:2D:81:78:18:02:8D:C9:BD
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       019CAB6ADE8DAF84285985562D21F46198A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 22:00:33 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:33 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:33 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: tA8KWgcLud7knxnYEGhAg2fvp4OMarnUvzxEznd5Pxk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:de:8d:af:84:28:59:85:56:2d:21:f4:61:98:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Mar  1 22:00:33 2026 GMT
            Not After : Mar  2 22:00:33 2026 GMT
        Subject: CN=adb1dc8c8e0afb7dfa37d42c2d817818028dc9bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:f1:fb:a9:8e:7f:a9:9a:bd:e0:b4:ee:4d:c7:
                    ea:5d:20:5f:8c:4a:b7:ef:d0:0f:69:31:b0:23:82:
                    e9:e1:8b:77:bd:cf:94:68:07:2c:f8:91:32:20:6c:
                    24:3e:14:9d:07:48:a7:b4:e9:a7:97:85:d3:00:77:
                    dd:fa:7e:61:5f:17:3a:ef:3f:dd:64:f8:3d:5f:08:
                    f1:6d:82:01:ef:4a:1f:83:4e:15:53:a9:09:bc:cf:
                    1a:98:58:20:48:13:95:f6:12:45:d3:0d:9c:95:27:
                    3c:71:f6:ac:fd:eb:d7:5d:ba:51:f6:13:7f:a1:0d:
                    80:62:64:65:fd:16:c3:45:b3:c6:5f:8e:46:56:37:
                    1d:76:48:1d:11:5f:90:9e:78:ef:a2:ec:38:07:bf:
                    3e:0d:aa:48:d9:73:1c:67:61:41:e6:c9:a4:d8:1f:
                    b4:a8:08:6e:a7:6e:b8:d8:8e:c4:c3:5a:1d:16:93:
                    18:7d:4c:bc:88:72:f2:5c:d0:fe:1d:b7:a9:5a:a9:
                    be:b4:0e:52:39:5a:e6:d4:94:77:7e:48:34:1f:a3:
                    f9:61:61:96:7e:05:d8:ad:a8:7a:c5:12:29:fb:bb:
                    44:b4:f3:09:e4:61:af:16:fe:cc:2c:7e:af:d9:67:
                    d0:49:bc:e9:02:d7:a9:07:e4:d4:fd:ac:e6:54:9e:
                    bd:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:B1:DC:8C:8E:0A:FB:7D:FA:37:D4:2C:2D:81:78:18:02:8D:C9:BD
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:90:2a:c8:d3:01:34:0f:02:99:7f:31:4c:27:ef:3b:f9:83:
         68:b7:ec:dd:0f:1d:d2:5c:8a:5e:76:65:48:30:41:cb:c5:4e:
         21:5d:66:59:b6:8d:23:5f:95:b6:4a:eb:57:c0:fd:92:27:82:
         97:68:03:59:8c:b4:d8:f6:f2:ed:88:7d:6e:06:54:ec:19:c6:
         fb:bc:5f:a4:0d:c5:ed:bb:28:8e:7b:9b:1f:d7:da:b0:0e:c9:
         85:31:de:8c:a3:e9:7e:9b:22:55:ff:2f:3e:78:46:09:97:13:
         c4:3f:45:43:75:94:27:bf:2f:18:43:5e:d6:67:48:34:a5:cb:
         13:8c:7b:69:92:d5:21:85:bb:ef:2d:ce:a1:9f:0a:47:35:97:
         a4:a8:d0:93:fb:30:12:4b:df:8f:f5:34:be:99:c2:51:64:44:
         77:dd:18:a4:33:2c:bb:4b:4d:15:fd:d4:94:ec:39:30:82:b1:
         19:df:3f:03:7e:71:94:1e:a5:92:be:62:a1:9e:93:0c:0b:60:
         b5:03:31:12:bd:3d:f2:3c:93:9e:d1:eb:93:a1:33:cb:53:2c:
         3f:aa:07:a9:d7:e6:74:d9:db:00:b6:7d:0b:da:6d:a5:e3:f0:
         8b:d1:65:5f:3b:91:64:8a:64:e3:f2:ab:6d:72:b1:cd:da:77:
         6a:ef:63:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrat6Nr4QoWYVWLSH0YZihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjYwMzAxMjIwMDMzWhcNMjYwMzAyMjIwMDMzWjAzMTEwLwYDVQQD
EyhhZGIxZGM4YzhlMGFmYjdkZmEzN2Q0MmMyZDgxNzgxODAyOGRjOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfH7qY5/qZq94LTuTcfqXSBfjEq3
79APaTGwI4Lp4Yt3vc+UaAcs+JEyIGwkPhSdB0intOmnl4XTAHfd+n5hXxc67z/d
ZPg9XwjxbYIB70ofg04VU6kJvM8amFggSBOV9hJF0w2clSc8cfas/evXXbpR9hN/
oQ2AYmRl/RbDRbPGX45GVjcddkgdEV+Qnnjvouw4B78+DapI2XMcZ2FB5smk2B+0
qAhup2642I7Ew1odFpMYfUy8iHLyXND+HbepWqm+tA5SOVrm1JR3fkg0H6P5YWGW
fgXYrah6xRIp+7tEtPMJ5GGvFv7MLH6v2WfQSbzpAtepB+TU/azmVJ698wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2x3IyOCvt9+jfULC2BeBgCjcm9MB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnJAqyNMB
NA8CmX8xTCfvO/mDaLfs3Q8d0lyKXnZlSDBBy8VOIV1mWbaNI1+VtkrrV8D9kieC
l2gDWYy02Pby7Yh9bgZU7BnG+7xfpA3F7bsojnubH9fasA7JhTHejKPpfpsiVf8v
PnhGCZcTxD9FQ3WUJ78vGENe1mdINKXLE4x7aZLVIYW77y3OoZ8KRzWXpKjQk/sw
Ekvfj/U0vpnCUWREd90YpDMsu0tNFf3UlOw5MIKxGd8/A35xlB6lkr5ioZ6TDAtg
tQMxEr098jyTntHrk6Ezy1MsP6oHqdfmdNnbALZ9C9ptpePwi9FlXzuRZIpk4/Kr
bXKxzdp3au9jow==
-----END CERTIFICATE-----