Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          mzo+V6P0Y2XOQ6W+a2UzQcpwHzwG8fIu6lGZ+aYppyI=
Subject key identifier:   EA:B6:40:45:AB:BD:48:7A:D8:28:8D:51:2B:E8:FF:8C:CF:14:0D:B6
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       019D3940B829A8840A13C2CF158D5D6279CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          1591
Signing time:             Sun 29 Mar 2026 11:00:35 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:35 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:35 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: F2uL+ZUCumyFggy3+FNE4AahrsFWRtaPaLWxz3hXRDI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:b8:29:a8:84:0a:13:c2:cf:15:8d:5d:62:79:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Mar 29 11:00:35 2026 GMT
            Not After : Mar 30 11:00:35 2026 GMT
        Subject: CN=eab64045abbd487ad8288d512be8ff8ccf140db6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:27:3e:69:cb:46:f8:30:6d:e1:dd:fc:c2:cb:
                    7b:06:cd:1e:b8:d7:e3:7b:2b:0a:27:5b:9c:2b:b3:
                    58:34:e9:72:dc:d9:37:b6:96:1a:28:6a:4a:7b:ba:
                    ce:df:e7:04:f8:c3:b2:2f:b5:7c:5f:b0:bc:c0:e3:
                    b8:f4:91:a3:f5:29:34:be:ef:0f:2d:8e:d7:69:9c:
                    13:37:c5:4e:a8:04:0c:71:e8:21:ec:0b:63:56:34:
                    f5:22:0d:bf:96:38:41:26:3b:b9:c3:09:a6:bf:7a:
                    37:28:91:be:7c:f7:6e:34:dc:b2:08:91:1a:5d:9a:
                    2f:75:14:72:2f:7a:e1:27:60:0d:9d:6c:68:67:3f:
                    96:a9:c5:c3:6d:eb:79:b6:39:07:b5:43:26:2b:c5:
                    60:55:a0:3f:b2:73:0b:fb:2d:e8:99:bb:33:73:45:
                    29:1c:a1:85:b7:b1:53:a7:81:e1:23:23:39:b2:41:
                    dd:3c:90:0b:e9:c1:5f:1c:d8:08:fe:22:d0:59:b6:
                    2c:c5:a3:10:d2:81:e2:56:cf:45:22:b1:61:f8:8b:
                    ec:ab:0e:ff:74:f8:06:0d:1f:25:8b:b0:05:b4:c0:
                    bb:6c:5a:18:e6:64:31:10:5e:cc:22:11:46:bf:8f:
                    68:22:6b:58:a7:97:47:57:39:b2:66:10:21:f5:b1:
                    45:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:B6:40:45:AB:BD:48:7A:D8:28:8D:51:2B:E8:FF:8C:CF:14:0D:B6
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:9c:7d:10:72:61:97:4c:34:c7:8b:c8:8f:fe:b7:ff:59:26:
         31:f8:b9:c3:bc:3f:27:67:ab:d3:55:07:20:1a:ea:1f:61:d0:
         df:fa:8f:03:f5:a5:1e:4c:e8:1e:bc:5d:19:2b:7c:dd:15:36:
         8a:4f:10:d7:b8:36:7f:c8:4c:98:4b:53:89:11:91:5a:42:87:
         c0:36:13:04:cb:b4:e3:1a:8f:fb:19:8b:3d:66:32:98:ab:55:
         92:fd:eb:bd:e2:bf:5e:bf:e8:f3:69:0a:f2:4d:aa:36:f1:28:
         70:39:55:1d:1e:43:85:6b:19:52:c1:cf:02:51:a0:c1:05:27:
         68:cd:22:b7:38:2e:85:81:3c:02:23:6e:6c:3c:da:1f:10:97:
         04:f5:32:55:41:88:bb:6f:3e:6c:28:23:e0:c8:81:25:ec:fc:
         83:27:b8:7b:87:27:b0:ec:cc:31:4f:7e:8f:44:f4:bc:34:c5:
         25:5e:13:b6:9f:95:cd:70:ea:7b:47:a6:c1:ca:c5:3c:ba:a8:
         0d:ec:19:c6:e5:da:60:e3:1b:78:04:c7:72:f6:d2:de:cf:1c:
         18:bd:14:ca:4c:6e:af:9d:ea:5f:97:51:67:8a:d0:e4:8b:a8:
         05:69:6e:1f:22:41:ae:ef:5a:b2:d9:82:86:6f:1c:3f:f0:05:
         ac:f2:a5:38
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QLgpqIQKE8LPFY1dYnnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjYwMzI5MTEwMDM1WhcNMjYwMzMwMTEwMDM1WjAzMTEwLwYDVQQD
EyhlYWI2NDA0NWFiYmQ0ODdhZDgyODhkNTEyYmU4ZmY4Y2NmMTQwZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyc+actG+DBt4d38wst7Bs0euNfj
eysKJ1ucK7NYNOly3Nk3tpYaKGpKe7rO3+cE+MOyL7V8X7C8wOO49JGj9Sk0vu8P
LY7XaZwTN8VOqAQMcegh7AtjVjT1Ig2/ljhBJju5wwmmv3o3KJG+fPduNNyyCJEa
XZovdRRyL3rhJ2ANnWxoZz+WqcXDbet5tjkHtUMmK8VgVaA/snML+y3ombszc0Up
HKGFt7FTp4HhIyM5skHdPJAL6cFfHNgI/iLQWbYsxaMQ0oHiVs9FIrFh+Ivsqw7/
dPgGDR8li7AFtMC7bFoY5mQxEF7MIhFGv49oImtYp5dHVzmyZhAh9bFFKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOq2QEWrvUh62CiNUSvo/4zPFA22MB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFZx9EHJh
l0w0x4vIj/63/1kmMfi5w7w/J2er01UHIBrqH2HQ3/qPA/WlHkzoHrxdGSt83RU2
ik8Q17g2f8hMmEtTiRGRWkKHwDYTBMu04xqP+xmLPWYymKtVkv3rveK/Xr/o82kK
8k2qNvEocDlVHR5DhWsZUsHPAlGgwQUnaM0itzguhYE8AiNubDzaHxCXBPUyVUGI
u28+bCgj4MiBJez8gye4e4cnsOzMMU9+j0T0vDTFJV4Ttp+VzXDqe0emwcrFPLqo
DewZxuXaYOMbeATHcvbS3s8cGL0Uykxur53qX5dRZ4rQ5IuoBWluHyJBru9astmC
hm8cP/AFrPKlOA==
-----END CERTIFICATE-----