Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
File:                     uU8woHaUohE5ZIclom6zTOSha6s.mft (raw, json)
Hash identifier:          9VBOS2N+ttqXfqn3qdSEgfTqLh1V4ZlIaeP4JbyyTU4=
Subject key identifier:   D0:FD:E7:68:A2:64:81:75:BB:CB:23:5D:30:4F:1E:69:8F:D2:A2:80
Authority key identifier: B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB
Certificate issuer:       /CN=b94f30a07694a21139648725a26eb34ce4a16bab
Certificate serial:       019D3909E2E2CBB699A88A6224F06370E37C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
Manifest number:          0523
Signing time:             Sun 29 Mar 2026 10:00:42 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:42 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:42 +0000
Files and hashes:         1: uU8woHaUohE5ZIclom6zTOSha6s.crl (hash: COCoZJA8N4iZo45CnPBiaQ6M8gP3qKlt65s63XVY3zM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:e2:e2:cb:b6:99:a8:8a:62:24:f0:63:70:e3:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b94f30a07694a21139648725a26eb34ce4a16bab
        Validity
            Not Before: Mar 29 10:00:42 2026 GMT
            Not After : Mar 30 10:00:42 2026 GMT
        Subject: CN=d0fde768a2648175bbcb235d304f1e698fd2a280
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3c:9c:1d:36:ea:3e:82:f5:e7:e8:d0:b6:4c:
                    5b:a8:f3:4e:82:32:54:cc:19:5b:9f:c3:1d:d1:2d:
                    dc:67:fd:a7:42:e2:eb:22:e3:60:6e:32:5f:1b:f1:
                    3e:d1:92:10:2a:84:8e:c9:f5:06:64:e0:07:51:c3:
                    e7:22:f8:01:1a:d4:8d:1a:c8:5e:af:ff:7d:a1:a6:
                    d7:9b:83:56:94:c8:9b:79:bc:d8:2e:4e:9d:ce:b2:
                    a0:9d:9e:0a:8f:7e:ab:c4:41:d0:f2:a8:4a:55:c9:
                    62:71:8b:2f:62:d0:0b:22:90:82:7d:62:f8:ae:f9:
                    f7:cc:24:32:69:1d:63:f7:25:12:4d:2c:bc:6d:39:
                    5a:8c:9c:03:ad:1e:b7:6e:2d:07:d8:96:a1:92:19:
                    04:c0:af:86:39:4c:40:db:24:f3:6f:b7:37:e3:6a:
                    77:7b:73:2a:3c:44:4f:af:88:ec:5f:e8:1b:93:72:
                    e4:a2:d4:49:0d:24:ad:65:be:ed:c6:c9:f9:43:d1:
                    54:54:f7:d3:45:ff:b2:6c:f9:68:e8:ef:72:a0:f2:
                    74:7d:42:80:5b:7f:92:3a:2f:9e:64:f3:6d:d2:b6:
                    ab:1e:64:e5:5a:44:da:b6:b3:de:54:a1:2f:0e:c8:
                    0c:28:1c:8b:58:c6:f4:41:17:7b:92:c1:db:39:b2:
                    72:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:FD:E7:68:A2:64:81:75:BB:CB:23:5D:30:4F:1E:69:8F:D2:A2:80
            X509v3 Authority Key Identifier:
                keyid:B9:4F:30:A0:76:94:A2:11:39:64:87:25:A2:6E:B3:4C:E4:A1:6B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uU8woHaUohE5ZIclom6zTOSha6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/f76c21-99c3-4f9a-8b42-77a3835d4fbb/1/uU8woHaUohE5ZIclom6zTOSha6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:ae:88:65:a1:9d:b7:d7:a8:71:82:1f:d7:5a:1a:91:96:7c:
         8a:2d:a1:f2:3f:23:87:31:9c:2a:a0:cf:c4:95:05:7c:59:e2:
         75:a3:5d:32:30:e7:ee:86:0a:63:1f:07:3f:8d:4c:19:5f:9d:
         92:52:aa:81:27:77:1d:53:bc:ff:22:57:93:f5:ad:c1:cb:69:
         06:6d:1e:bc:49:78:d0:56:21:4d:04:1e:98:1e:a1:67:ee:d6:
         6f:18:d3:1e:a2:cd:ea:d3:65:be:ca:ba:a7:31:b7:c7:81:a9:
         8a:e3:0f:58:e4:35:1a:b7:a7:eb:25:15:38:97:2f:b4:96:9e:
         05:8b:b1:a5:13:81:ae:99:32:7c:69:55:2b:b0:e9:df:ae:ce:
         9e:3c:c5:01:26:84:e4:28:82:0c:24:95:7c:5f:24:a2:91:69:
         34:30:80:a8:96:a6:3d:f9:7f:1b:a8:ec:5d:13:4d:a8:6d:1e:
         29:4f:41:bf:30:fe:87:f8:00:5a:aa:24:3a:66:dd:86:dd:0a:
         19:9d:a9:a1:e9:bc:53:78:27:c6:84:e3:58:a1:7a:94:d2:cb:
         c9:0c:37:c0:1c:62:7e:23:8d:e7:4e:b3:b6:4e:23:c0:bc:47:
         55:3a:25:1e:90:f8:04:0f:25:eb:16:b9:7f:17:36:03:93:c4:
         17:e7:6d:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CeLiy7aZqIpiJPBjcON8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NGYzMGEwNzY5NGEyMTEzOTY0ODcyNWEyNmViMzRjZTRh
MTZiYWIwHhcNMjYwMzI5MTAwMDQyWhcNMjYwMzMwMTAwMDQyWjAzMTEwLwYDVQQD
EyhkMGZkZTc2OGEyNjQ4MTc1YmJjYjIzNWQzMDRmMWU2OThmZDJhMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzycHTbqPoL15+jQtkxbqPNOgjJU
zBlbn8Md0S3cZ/2nQuLrIuNgbjJfG/E+0ZIQKoSOyfUGZOAHUcPnIvgBGtSNGshe
r/99oabXm4NWlMibebzYLk6dzrKgnZ4Kj36rxEHQ8qhKVclicYsvYtALIpCCfWL4
rvn3zCQyaR1j9yUSTSy8bTlajJwDrR63bi0H2JahkhkEwK+GOUxA2yTzb7c342p3
e3MqPERPr4jsX+gbk3LkotRJDSStZb7txsn5Q9FUVPfTRf+ybPlo6O9yoPJ0fUKA
W3+SOi+eZPNt0rarHmTlWkTatrPeVKEvDsgMKByLWMb0QRd7ksHbObJyfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFND952iiZIF1u8sjXTBPHmmP0qKAMB8GA1UdIwQY
MBaAFLlPMKB2lKIROWSHJaJus0zkoWurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDIt
NzdhMzgzNWQ0ZmJiLzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mNzZjMjEtOTljMy00ZjlhLThiNDItNzdhMzgzNWQ0ZmJi
LzEvdVU4d29IYVVvaEU1WkljbG9tNnpUT1NoYTZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD66IZaGd
t9eocYIf11oakZZ8ii2h8j8jhzGcKqDPxJUFfFnidaNdMjDn7oYKYx8HP41MGV+d
klKqgSd3HVO8/yJXk/WtwctpBm0evEl40FYhTQQemB6hZ+7WbxjTHqLN6tNlvsq6
pzG3x4GpiuMPWOQ1Gren6yUVOJcvtJaeBYuxpROBrpkyfGlVK7Dp367OnjzFASaE
5CiCDCSVfF8kopFpNDCAqJamPfl/G6jsXRNNqG0eKU9BvzD+h/gAWqokOmbdht0K
GZ2poem8U3gnxoTjWKF6lNLLyQw3wBxifiON506ztk4jwLxHVTolHpD4BA8l6xa5
fxc2A5PEF+dtmA==
-----END CERTIFICATE-----