Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
File:                     u-Sqx31jiC90NiBwTCTb7bGIDXo.mft (raw, json)
Hash identifier:          0jra2tbLF2NlnlbRK+dhnKgemygWRnJJcE3u2NcJYjU=
Subject key identifier:   C3:7C:C8:DA:DE:31:0C:4C:1F:1D:29:C3:09:14:79:57:A0:CC:B0:B3
Authority key identifier: BB:E4:AA:C7:7D:63:88:2F:74:36:20:70:4C:24:DB:ED:B1:88:0D:7A
Certificate issuer:       /CN=bbe4aac77d63882f743620704c24dbedb1880d7a
Certificate serial:       019D38657D4A61DA39D21C9CA48FB9989352
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
Manifest number:          07E9
Signing time:             Sun 29 Mar 2026 07:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:08 +0000
Files and hashes:         1: u-Sqx31jiC90NiBwTCTb7bGIDXo.crl (hash: WOeJLIbS63vk18C32GWdBGiWPqsjna/jfPzkjxPc9w4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:7d:4a:61:da:39:d2:1c:9c:a4:8f:b9:98:93:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbe4aac77d63882f743620704c24dbedb1880d7a
        Validity
            Not Before: Mar 29 07:01:08 2026 GMT
            Not After : Mar 30 07:01:08 2026 GMT
        Subject: CN=c37cc8dade310c4c1f1d29c309147957a0ccb0b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:98:dd:5e:19:76:69:e6:ee:a9:8c:77:93:04:
                    cd:b7:4a:7f:ab:b6:a0:b2:68:04:05:80:e8:33:2b:
                    f4:15:4b:ea:44:9b:ab:9b:d8:75:4c:8f:62:65:e9:
                    94:a4:90:e9:7f:fc:39:f1:a5:f0:e2:79:87:ce:b6:
                    12:d4:7e:92:1d:81:03:c1:ce:1b:26:7f:34:4b:0a:
                    b9:4c:b7:96:6c:0f:a5:d2:a3:ff:9a:d0:fd:25:92:
                    d6:11:d6:c8:28:ac:54:ab:4c:1c:88:3d:16:5d:4c:
                    f4:f1:3b:a7:95:a5:ba:f4:a2:e1:ce:46:ba:44:0c:
                    3d:c6:14:a9:41:73:e4:cb:b6:94:e8:13:a0:1f:6c:
                    89:4f:83:a6:ae:67:d1:7d:75:40:c9:59:db:31:43:
                    c2:e9:8d:43:b9:99:47:5d:b5:98:a1:57:0a:21:20:
                    2f:2b:aa:f5:19:ea:1a:4a:a4:45:1c:df:ec:e3:3c:
                    29:e0:5d:af:89:a2:39:78:17:f0:52:28:50:35:a3:
                    02:c3:5b:bd:c2:54:a0:00:07:9e:c9:0d:d5:e1:fd:
                    ed:f5:eb:02:6d:3b:70:33:c8:00:95:ac:f6:3f:d5:
                    96:2e:62:a2:bb:43:b0:85:c0:15:11:63:43:64:39:
                    54:af:36:da:d6:0c:49:69:d3:bb:34:68:7e:08:ff:
                    88:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:7C:C8:DA:DE:31:0C:4C:1F:1D:29:C3:09:14:79:57:A0:CC:B0:B3
            X509v3 Authority Key Identifier:
                keyid:BB:E4:AA:C7:7D:63:88:2F:74:36:20:70:4C:24:DB:ED:B1:88:0D:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u-Sqx31jiC90NiBwTCTb7bGIDXo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d4d7d2-9cb2-4ce0-8665-1ba21b0e2913/1/u-Sqx31jiC90NiBwTCTb7bGIDXo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:bb:be:7c:96:c1:9e:3a:c1:c9:03:b2:89:9f:9a:7a:20:5b:
         f6:30:7f:82:7b:97:9f:71:54:49:58:04:45:75:cc:84:79:a9:
         bd:f1:89:67:2d:d0:0f:fc:eb:c3:f0:e4:10:3e:56:31:d7:e3:
         be:d5:38:22:64:d1:f0:fd:38:6e:85:7f:71:3c:eb:70:3d:99:
         a1:29:d2:c9:25:80:f9:22:e6:bd:ca:c7:9a:25:b5:d8:b9:bb:
         38:ae:22:f0:0b:0a:67:28:9e:bd:a7:90:10:41:46:f7:1b:47:
         83:ab:37:3b:db:ba:63:60:69:cc:ee:c6:fd:af:12:a1:a6:86:
         82:b8:9b:09:3f:33:b7:9e:07:88:10:33:b2:be:c9:6a:a8:6e:
         71:f0:60:21:dd:a6:48:ed:17:38:6d:38:1f:68:ba:24:be:51:
         b3:2b:aa:75:17:5a:7f:f3:28:86:93:6a:00:93:64:10:86:d6:
         a2:a3:0c:dc:85:1a:e0:c9:bb:4e:b0:59:bc:f2:8e:f2:fd:59:
         8d:5d:d9:ff:f6:fd:5b:54:6b:3d:31:5c:58:d8:25:0d:1a:b0:
         87:2f:a1:bb:d5:7d:30:1f:04:e6:9b:3a:f3:51:cf:6f:2f:57:
         94:95:7c:4d:19:d4:47:ea:fb:a2:8a:da:8a:0f:0e:33:1d:13:
         9a:91:2f:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZX1KYdo50hycpI+5mJNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZTRhYWM3N2Q2Mzg4MmY3NDM2MjA3MDRjMjRkYmVkYjE4
ODBkN2EwHhcNMjYwMzI5MDcwMTA4WhcNMjYwMzMwMDcwMTA4WjAzMTEwLwYDVQQD
EyhjMzdjYzhkYWRlMzEwYzRjMWYxZDI5YzMwOTE0Nzk1N2EwY2NiMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJjdXhl2aebuqYx3kwTNt0p/q7ag
smgEBYDoMyv0FUvqRJurm9h1TI9iZemUpJDpf/w58aXw4nmHzrYS1H6SHYEDwc4b
Jn80Swq5TLeWbA+l0qP/mtD9JZLWEdbIKKxUq0wciD0WXUz08TunlaW69KLhzka6
RAw9xhSpQXPky7aU6BOgH2yJT4OmrmfRfXVAyVnbMUPC6Y1DuZlHXbWYoVcKISAv
K6r1GeoaSqRFHN/s4zwp4F2viaI5eBfwUihQNaMCw1u9wlSgAAeeyQ3V4f3t9esC
bTtwM8gAlaz2P9WWLmKiu0OwhcAVEWNDZDlUrzba1gxJadO7NGh+CP+I9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMN8yNreMQxMHx0pwwkUeVegzLCzMB8GA1UdIwQY
MBaAFLvkqsd9Y4gvdDYgcEwk2+2xiA16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kNGQ3ZDItOWNiMi00Y2UwLTg2NjUt
MWJhMjFiMGUyOTEzLzEvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kNGQ3ZDItOWNiMi00Y2UwLTg2NjUtMWJhMjFiMGUyOTEz
LzEvdS1TcXgzMWppQzkwTmlCd1RDVGI3YkdJRFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABbu+fJbB
njrByQOyiZ+aeiBb9jB/gnuXn3FUSVgERXXMhHmpvfGJZy3QD/zrw/DkED5WMdfj
vtU4ImTR8P04boV/cTzrcD2ZoSnSySWA+SLmvcrHmiW12Lm7OK4i8AsKZyievaeQ
EEFG9xtHg6s3O9u6Y2BpzO7G/a8SoaaGgribCT8zt54HiBAzsr7JaqhucfBgId2m
SO0XOG04H2i6JL5RsyuqdRdaf/MohpNqAJNkEIbWoqMM3IUa4Mm7TrBZvPKO8v1Z
jV3Z//b9W1RrPTFcWNglDRqwhy+hu9V9MB8E5ps681HPby9XlJV8TRnUR+r7oora
ig8OMx0TmpEvSQ==
-----END CERTIFICATE-----