Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
File:                     U3YJ5EhhINufF7bT10v4VfJxV18.mft (raw, json)
Hash identifier:          pjlzEVTgmaKWfEf6U6aJm9V88dAVP+twHD4qdkw8L40=
Subject key identifier:   50:D8:09:81:4E:8F:A1:15:E4:9C:D2:B9:7F:B7:8B:9F:91:17:FE:6D
Authority key identifier: 53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F
Certificate issuer:       /CN=537609e4486120db9f17b6d3d74bf855f271575f
Certificate serial:       019CAB6B32CA206377E18C58AE5E896CBC28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
Manifest number:          0EC4
Signing time:             Sun 01 Mar 2026 22:00:55 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:55 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:55 +0000
Files and hashes:         1: U3YJ5EhhINufF7bT10v4VfJxV18.crl (hash: Fm5INqGOUiHDi3OhbwxX1mRgSVzEvVYaqhSm0Ayb/+k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:32:ca:20:63:77:e1:8c:58:ae:5e:89:6c:bc:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=537609e4486120db9f17b6d3d74bf855f271575f
        Validity
            Not Before: Mar  1 22:00:55 2026 GMT
            Not After : Mar  2 22:00:55 2026 GMT
        Subject: CN=50d809814e8fa115e49cd2b97fb78b9f9117fe6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:8d:c7:7f:8f:34:6b:a7:0f:40:79:3f:27:cd:
                    be:9d:ce:98:7b:0e:41:5d:a6:9d:7d:66:83:d0:fa:
                    ba:1a:b0:69:b6:65:56:f2:0f:61:3e:1b:d7:80:4e:
                    41:f8:a6:65:33:57:28:98:15:27:74:f3:33:60:9f:
                    2e:52:1e:6f:52:c3:25:d9:ea:f7:8b:d6:72:ef:9e:
                    32:9a:99:81:f5:d3:2c:93:97:7c:83:de:bb:b1:a4:
                    a7:c2:a7:2b:65:16:79:45:a9:f2:5e:1d:68:5c:1c:
                    77:f6:c0:13:e0:b1:f1:a4:ef:31:9e:31:1d:34:b9:
                    26:36:8a:4e:0f:7e:62:7b:36:4f:6f:5b:6d:08:26:
                    bd:a9:60:ca:7f:97:11:b9:c1:b8:5f:12:80:3e:ee:
                    b2:d7:81:a4:0b:48:0f:84:86:8a:03:ad:da:11:15:
                    16:ec:d5:64:06:9f:c0:81:42:cb:06:5c:e5:6a:0e:
                    e9:92:ba:81:31:ca:1b:12:25:58:47:ed:05:7c:54:
                    2e:08:d0:f7:8f:97:46:3c:df:7c:87:79:e0:2c:15:
                    61:c1:6b:2d:b1:82:33:10:36:4b:72:1e:fd:19:3b:
                    17:ed:1f:b2:36:50:3a:7a:45:52:a2:9d:a6:55:3d:
                    14:1e:80:5a:f7:f3:38:d6:fe:50:e9:72:c4:89:fa:
                    8f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:D8:09:81:4E:8F:A1:15:E4:9C:D2:B9:7F:B7:8B:9F:91:17:FE:6D
            X509v3 Authority Key Identifier:
                keyid:53:76:09:E4:48:61:20:DB:9F:17:B6:D3:D7:4B:F8:55:F2:71:57:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3YJ5EhhINufF7bT10v4VfJxV18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/05db80-1baf-437a-a48f-d4d44bd91afe/1/U3YJ5EhhINufF7bT10v4VfJxV18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:7c:da:2e:81:91:c0:ce:49:ba:e6:77:a2:8d:dd:2b:2f:10:
         31:68:f6:d4:30:4c:65:6c:de:51:78:fc:f9:e2:8e:d4:24:ee:
         87:6d:54:36:50:fd:cf:97:e1:dd:56:aa:cd:3f:6f:3d:d7:a3:
         4d:96:08:f8:3d:0d:27:d4:4f:74:ce:46:be:e8:a7:dd:c2:b7:
         32:f5:7f:96:f1:16:35:05:42:98:a0:2d:e7:fd:7f:de:0c:81:
         1e:92:04:94:13:fd:a9:0d:1b:04:d6:c2:b5:cf:04:25:b2:0b:
         a1:2f:9b:70:99:07:0d:ad:db:e9:79:9c:39:b0:21:b4:60:83:
         8f:83:71:c2:83:ae:e4:e9:15:22:c0:c3:12:71:db:08:48:7b:
         20:76:7a:a6:8a:65:f3:94:30:ee:94:a6:0c:0c:af:c3:c0:3d:
         38:10:51:c4:f9:db:1c:43:0c:14:b8:5f:28:f6:8e:e3:ee:97:
         cb:92:d7:53:f6:6e:ef:97:d4:9c:27:83:da:6a:21:05:79:eb:
         a2:ed:5c:65:82:b7:2a:8d:a1:91:88:f7:3b:3d:c6:4b:3b:2a:
         f5:1f:8b:ce:4b:f5:4f:ab:c5:35:fd:bd:60:b2:1d:20:59:ac:
         c5:4b:18:25:96:de:79:77:1a:99:75:c3:b9:95:60:c2:0b:36:
         bc:f9:d4:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrazLKIGN34YxYrl6JbLwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzYwOWU0NDg2MTIwZGI5ZjE3YjZkM2Q3NGJmODU1ZjI3
MTU3NWYwHhcNMjYwMzAxMjIwMDU1WhcNMjYwMzAyMjIwMDU1WjAzMTEwLwYDVQQD
Eyg1MGQ4MDk4MTRlOGZhMTE1ZTQ5Y2QyYjk3ZmI3OGI5ZjkxMTdmZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt43Hf480a6cPQHk/J82+nc6Yew5B
XaadfWaD0Pq6GrBptmVW8g9hPhvXgE5B+KZlM1comBUndPMzYJ8uUh5vUsMl2er3
i9Zy754ympmB9dMsk5d8g967saSnwqcrZRZ5RanyXh1oXBx39sAT4LHxpO8xnjEd
NLkmNopOD35iezZPb1ttCCa9qWDKf5cRucG4XxKAPu6y14GkC0gPhIaKA63aERUW
7NVkBp/AgULLBlzlag7pkrqBMcobEiVYR+0FfFQuCND3j5dGPN98h3ngLBVhwWst
sYIzEDZLch79GTsX7R+yNlA6ekVSop2mVT0UHoBa9/M41v5Q6XLEifqPWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDYCYFOj6EV5JzSuX+3i5+RF/5tMB8GA1UdIwQY
MBaAFFN2CeRIYSDbnxe209dL+FXycVdfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYt
ZDRkNDRiZDkxYWZlLzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wNWRiODAtMWJhZi00MzdhLWE0OGYtZDRkNDRiZDkxYWZl
LzEvVTNZSjVFaGhJTnVmRjdiVDEwdjRWZkp4VjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfnzaLoGR
wM5JuuZ3oo3dKy8QMWj21DBMZWzeUXj8+eKO1CTuh21UNlD9z5fh3VaqzT9vPdej
TZYI+D0NJ9RPdM5Gvuin3cK3MvV/lvEWNQVCmKAt5/1/3gyBHpIElBP9qQ0bBNbC
tc8EJbILoS+bcJkHDa3b6XmcObAhtGCDj4NxwoOu5OkVIsDDEnHbCEh7IHZ6popl
85Qw7pSmDAyvw8A9OBBRxPnbHEMMFLhfKPaO4+6Xy5LXU/Zu75fUnCeD2mohBXnr
ou1cZYK3Ko2hkYj3Oz3GSzsq9R+Lzkv1T6vFNf29YLIdIFmsxUsYJZbeeXcamXXD
uZVgwgs2vPnU5A==
-----END CERTIFICATE-----