Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
File:                     Us3j-fOkO7GGEIo8M9n2NVeh14w.mft (raw, json)
Hash identifier:          Vnk6ZMWczefO0E04LufeyJhgz1emOu6w+ciXLbMi5Lk=
Subject key identifier:   A7:E9:AA:5C:87:02:AD:2E:A4:7F:E5:3A:0B:D3:79:4A:66:65:CC:88
Authority key identifier: 52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C
Certificate issuer:       /CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
Certificate serial:       019D38662E3BA756C45D3ED23E3399CEF75B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:01:53 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:53 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:53 +0000
Files and hashes:         1: Us3j-fOkO7GGEIo8M9n2NVeh14w.crl (hash: KTm9Ib2wJD6Ekdbm1t9Wz1EnmZF0aTqwSAesfmd3XB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2e:3b:a7:56:c4:5d:3e:d2:3e:33:99:ce:f7:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cde3f9f3a43bb186108a3c33d9f63557a1d78c
        Validity
            Not Before: Mar 29 07:01:53 2026 GMT
            Not After : Mar 30 07:01:53 2026 GMT
        Subject: CN=a7e9aa5c8702ad2ea47fe53a0bd3794a6665cc88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:5d:ca:ae:2a:1e:1e:fc:68:f1:e4:c1:bc:cc:
                    b9:d2:36:95:2f:da:29:15:86:ea:d7:66:e3:d2:b9:
                    ce:6d:31:91:30:cd:68:be:b8:45:8c:79:c3:9a:d9:
                    04:ef:0a:aa:35:9f:b3:2c:57:cd:e3:f3:4c:ea:bd:
                    18:ad:d9:31:52:be:3b:2c:ae:35:48:a3:78:19:f5:
                    e5:70:c7:a2:4c:d6:e6:d7:df:79:28:ec:f4:6a:d6:
                    2f:e1:55:74:61:92:d7:19:bb:53:54:36:80:33:ad:
                    f3:77:db:ed:f8:a5:60:06:58:bd:4a:fd:8b:b4:02:
                    6b:56:0a:fd:94:f2:33:c6:6e:4f:d8:ce:65:dc:2c:
                    df:a0:7e:91:69:3b:d1:c8:6d:54:61:53:14:a3:e1:
                    f0:85:c8:8a:da:b9:f6:8f:28:86:c0:5c:e4:cb:2e:
                    4d:2e:44:af:e6:c5:0a:9c:3f:fc:58:f7:7d:ac:85:
                    0a:49:cd:7d:cb:49:76:19:3d:84:bf:10:79:f2:58:
                    d6:7c:f5:5c:d2:66:4a:44:c7:18:78:ce:8a:72:94:
                    7a:46:1c:93:36:5f:b7:84:30:90:46:02:08:0b:d8:
                    92:d6:5f:c1:18:24:ab:f4:e9:0b:93:3f:78:3b:81:
                    57:11:b9:d4:44:61:90:5f:36:a2:7d:41:b4:76:9f:
                    5f:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:E9:AA:5C:87:02:AD:2E:A4:7F:E5:3A:0B:D3:79:4A:66:65:CC:88
            X509v3 Authority Key Identifier:
                keyid:52:CD:E3:F9:F3:A4:3B:B1:86:10:8A:3C:33:D9:F6:35:57:A1:D7:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us3j-fOkO7GGEIo8M9n2NVeh14w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/6dffd8-e433-441b-bb37-6046c00496bc/1/Us3j-fOkO7GGEIo8M9n2NVeh14w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:a8:59:53:8a:a1:8e:82:86:92:85:81:bf:fb:0b:06:45:da:
         31:80:18:d2:eb:63:94:3f:04:83:9b:43:16:65:ef:9e:c6:10:
         a0:33:28:ab:65:43:4a:19:6d:27:a5:9e:0f:de:0f:0c:b4:46:
         55:96:e1:2f:63:38:d3:2d:35:83:72:0b:ef:79:35:81:8c:98:
         b1:11:38:ab:72:21:53:77:df:e1:72:6e:89:3f:48:b9:94:df:
         b6:91:8c:74:f2:e3:c7:1d:1b:86:79:4c:1c:31:ef:69:86:44:
         02:57:b1:6a:56:ec:17:07:13:cb:31:b3:99:7b:0b:13:c6:4f:
         1e:99:5d:a0:9b:c6:4c:90:4e:c1:58:ba:c7:81:c2:2d:a5:5a:
         13:21:9e:b6:72:a5:1c:3a:e2:8e:ca:c9:9f:bf:49:9c:a0:48:
         eb:98:1b:8b:6c:39:15:f2:be:8d:a7:8b:c7:b5:74:d9:dc:9d:
         27:cc:73:79:c0:5e:f5:4d:8b:f4:2b:7a:eb:6c:6f:1e:10:21:
         e8:00:14:29:18:75:60:13:28:a6:4e:83:f5:7d:74:20:c6:0d:
         17:df:40:a1:19:9f:a3:4f:b4:4c:d1:7d:bf:40:4b:9c:f8:a6:
         27:f4:5f:ab:06:e1:44:d6:87:9d:fd:94:c6:a8:a7:17:8b:d6:
         13:f5:f5:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zi47p1bEXT7SPjOZzvdbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2RlM2Y5ZjNhNDNiYjE4NjEwOGEzYzMzZDlmNjM1NTdh
MWQ3OGMwHhcNMjYwMzI5MDcwMTUzWhcNMjYwMzMwMDcwMTUzWjAzMTEwLwYDVQQD
EyhhN2U5YWE1Yzg3MDJhZDJlYTQ3ZmU1M2EwYmQzNzk0YTY2NjVjYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV3KrioeHvxo8eTBvMy50jaVL9op
FYbq12bj0rnObTGRMM1ovrhFjHnDmtkE7wqqNZ+zLFfN4/NM6r0YrdkxUr47LK41
SKN4GfXlcMeiTNbm1995KOz0atYv4VV0YZLXGbtTVDaAM63zd9vt+KVgBli9Sv2L
tAJrVgr9lPIzxm5P2M5l3CzfoH6RaTvRyG1UYVMUo+HwhciK2rn2jyiGwFzkyy5N
LkSv5sUKnD/8WPd9rIUKSc19y0l2GT2EvxB58ljWfPVc0mZKRMcYeM6KcpR6RhyT
Nl+3hDCQRgIIC9iS1l/BGCSr9OkLkz94O4FXEbnURGGQXzaifUG0dp9fxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKfpqlyHAq0upH/lOgvTeUpmZcyIMB8GA1UdIwQY
MBaAFFLN4/nzpDuxhhCKPDPZ9jVXodeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzct
NjA0NmMwMDQ5NmJjLzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy82ZGZmZDgtZTQzMy00NDFiLWJiMzctNjA0NmMwMDQ5NmJj
LzEvVXMzai1mT2tPN0dHRUlvOE05bjJOVmVoMTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMahZU4qh
joKGkoWBv/sLBkXaMYAY0utjlD8Eg5tDFmXvnsYQoDMoq2VDShltJ6WeD94PDLRG
VZbhL2M40y01g3IL73k1gYyYsRE4q3IhU3ff4XJuiT9IuZTftpGMdPLjxx0bhnlM
HDHvaYZEAlexalbsFwcTyzGzmXsLE8ZPHpldoJvGTJBOwVi6x4HCLaVaEyGetnKl
HDrijsrJn79JnKBI65gbi2w5FfK+jaeLx7V02dydJ8xzecBe9U2L9Ct662xvHhAh
6AAUKRh1YBMopk6D9X10IMYNF99AoRmfo0+0TNF9v0BLnPimJ/RfqwbhRNaHnf2U
xqinF4vWE/X1YA==
-----END CERTIFICATE-----