Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/dadf34-1f3f-4cea-8001-e3d5d7ef4232/1/sUgIa40dx_EOND_RZXGSOadVvTQ.mft
File:                     sUgIa40dx_EOND_RZXGSOadVvTQ.mft (raw, json)
Hash identifier:          j68B0mIn6GnDWvXm809cF7k4mekTuJoMin+FD/lbTRM=
Subject key identifier:   9F:12:82:53:1B:CE:A8:16:96:8E:4A:25:E2:1B:7D:C9:91:79:88:13
Authority key identifier: B1:48:08:6B:8D:1D:C7:F1:0E:34:3F:D1:65:71:92:39:A7:55:BD:34
Certificate issuer:       /CN=b148086b8d1dc7f10e343fd165719239a755bd34
Certificate serial:       019CABD9537769EF2C6000F0FD7302C9339A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sUgIa40dx_EOND_RZXGSOadVvTQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/dadf34-1f3f-4cea-8001-e3d5d7ef4232/1/sUgIa40dx_EOND_RZXGSOadVvTQ.mft
Manifest number:          11C2
Signing time:             Mon 02 Mar 2026 00:01:12 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:12 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:12 +0000
Files and hashes:         1: sUgIa40dx_EOND_RZXGSOadVvTQ.crl (hash: JNIXnxHjxKEvv1kJQ5qEQCY7qD1jX2lrHrDmWRLNWls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/dadf34-1f3f-4cea-8001-e3d5d7ef4232/1/sUgIa40dx_EOND_RZXGSOadVvTQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/dadf34-1f3f-4cea-8001-e3d5d7ef4232/1/sUgIa40dx_EOND_RZXGSOadVvTQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sUgIa40dx_EOND_RZXGSOadVvTQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:53:77:69:ef:2c:60:00:f0:fd:73:02:c9:33:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b148086b8d1dc7f10e343fd165719239a755bd34
        Validity
            Not Before: Mar  2 00:01:12 2026 GMT
            Not After : Mar  3 00:01:12 2026 GMT
        Subject: CN=9f1282531bcea816968e4a25e21b7dc991798813
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c8:ad:66:19:42:27:10:45:ed:00:d9:94:04:
                    e7:dc:34:b3:89:ae:7b:e1:46:a9:24:b3:16:47:3f:
                    b5:26:13:9e:d8:8b:37:57:d2:84:d5:32:58:66:86:
                    96:36:1b:92:9f:a7:d6:58:10:2e:a4:f9:8c:c7:eb:
                    c8:7d:0f:5c:9f:46:58:8e:4c:38:e1:f0:d0:c0:e6:
                    0c:0e:d9:a1:1f:76:ef:f8:37:57:6a:b5:c9:a3:2b:
                    43:cf:ad:ae:3c:35:4c:52:e3:50:34:b4:17:80:3c:
                    73:0b:b1:80:81:44:81:49:1c:35:93:64:ad:5f:57:
                    ec:00:3f:e7:ba:4c:bd:cc:c1:46:5b:eb:15:ec:2a:
                    4a:5f:f3:11:99:75:d3:85:10:51:07:23:1c:63:25:
                    8f:eb:29:fc:25:58:d9:7a:6c:25:ed:81:f0:5e:40:
                    c8:66:53:64:1d:3e:f1:f4:30:94:72:1c:8f:6c:df:
                    48:38:33:1e:6e:32:7b:3e:c9:f2:77:58:31:8f:a2:
                    4a:f5:98:1d:3a:f7:79:d4:5b:24:9c:21:dd:a9:bb:
                    d5:dd:83:99:5e:64:b1:96:75:c4:e5:52:94:4e:96:
                    f8:59:f1:61:a2:60:8c:49:7c:d1:62:40:68:98:f0:
                    eb:bc:25:e8:12:3e:ee:6b:ca:90:1a:e2:0c:4c:72:
                    cc:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:12:82:53:1B:CE:A8:16:96:8E:4A:25:E2:1B:7D:C9:91:79:88:13
            X509v3 Authority Key Identifier:
                keyid:B1:48:08:6B:8D:1D:C7:F1:0E:34:3F:D1:65:71:92:39:A7:55:BD:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUgIa40dx_EOND_RZXGSOadVvTQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/dadf34-1f3f-4cea-8001-e3d5d7ef4232/1/sUgIa40dx_EOND_RZXGSOadVvTQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/dadf34-1f3f-4cea-8001-e3d5d7ef4232/1/sUgIa40dx_EOND_RZXGSOadVvTQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:a3:06:de:de:87:10:a2:57:f7:27:54:51:f7:5d:6e:0a:2d:
         be:d4:e3:d5:91:cf:99:ac:a0:0e:87:2f:bb:82:21:32:5d:67:
         a0:70:f6:d7:6a:f5:e7:7d:ef:b0:5d:13:51:07:46:4c:9a:bb:
         08:40:7c:da:6e:45:33:14:34:e1:d1:df:b9:da:b4:7f:14:bd:
         0e:5d:60:6d:9b:7a:42:34:58:30:e4:10:9f:c0:a1:30:66:1f:
         c8:2a:f7:1a:0d:71:0e:b8:dc:4a:de:b2:93:65:d1:ee:a6:e4:
         9c:f1:03:26:da:13:c8:1a:e6:19:9b:9a:b3:b0:c6:8d:5c:53:
         d5:ea:0d:9a:23:3c:94:57:a6:25:d7:6b:85:c7:24:60:42:58:
         ad:75:34:e6:eb:15:42:1d:fe:a4:95:06:81:be:c0:71:a7:7e:
         5f:7a:ed:7f:a7:b3:8c:ff:0a:c8:90:c1:4a:46:3a:11:08:d6:
         46:74:78:ab:21:b8:97:9e:23:89:1d:8d:df:0a:f6:c9:68:41:
         d5:d4:d5:9f:a5:55:19:b9:77:c8:2e:ef:b3:a8:ed:a3:f3:53:
         a4:13:c2:35:0b:a5:b9:aa:55:37:1b:8a:99:3a:80:b4:a2:87:
         d6:73:c3:fb:95:33:f1:77:bf:f4:dc:db:87:be:77:7b:3c:4b:
         f1:f2:86:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2VN3ae8sYADw/XMCyTOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDgwODZiOGQxZGM3ZjEwZTM0M2ZkMTY1NzE5MjM5YTc1
NWJkMzQwHhcNMjYwMzAyMDAwMTEyWhcNMjYwMzAzMDAwMTEyWjAzMTEwLwYDVQQD
Eyg5ZjEyODI1MzFiY2VhODE2OTY4ZTRhMjVlMjFiN2RjOTkxNzk4ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcitZhlCJxBF7QDZlATn3DSzia57
4UapJLMWRz+1JhOe2Is3V9KE1TJYZoaWNhuSn6fWWBAupPmMx+vIfQ9cn0ZYjkw4
4fDQwOYMDtmhH3bv+DdXarXJoytDz62uPDVMUuNQNLQXgDxzC7GAgUSBSRw1k2St
X1fsAD/nuky9zMFGW+sV7CpKX/MRmXXThRBRByMcYyWP6yn8JVjZemwl7YHwXkDI
ZlNkHT7x9DCUchyPbN9IODMebjJ7Psnyd1gxj6JK9ZgdOvd51FsknCHdqbvV3YOZ
XmSxlnXE5VKUTpb4WfFhomCMSXzRYkBomPDrvCXoEj7ua8qQGuIMTHLMjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ8SglMbzqgWlo5KJeIbfcmReYgTMB8GA1UdIwQY
MBaAFLFICGuNHcfxDjQ/0WVxkjmnVb00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VnSWE0MGR4X0VPTkRfUlpYR1NPYWRWdlRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYWRmMzQtMWYzZi00Y2VhLTgwMDEt
ZTNkNWQ3ZWY0MjMyLzEvc1VnSWE0MGR4X0VPTkRfUlpYR1NPYWRWdlRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYWRmMzQtMWYzZi00Y2VhLTgwMDEtZTNkNWQ3ZWY0MjMy
LzEvc1VnSWE0MGR4X0VPTkRfUlpYR1NPYWRWdlRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf6MG3t6H
EKJX9ydUUfddbgotvtTj1ZHPmaygDocvu4IhMl1noHD212r1533vsF0TUQdGTJq7
CEB82m5FMxQ04dHfudq0fxS9Dl1gbZt6QjRYMOQQn8ChMGYfyCr3Gg1xDrjcSt6y
k2XR7qbknPEDJtoTyBrmGZuas7DGjVxT1eoNmiM8lFemJddrhcckYEJYrXU05usV
Qh3+pJUGgb7Acad+X3rtf6ezjP8KyJDBSkY6EQjWRnR4qyG4l54jiR2N3wr2yWhB
1dTVn6VVGbl3yC7vs6jto/NTpBPCNQuluapVNxuKmTqAtKKH1nPD+5Uz8Xe/9Nzb
h753ezxL8fKGdg==
-----END CERTIFICATE-----