Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
File:                     U53I-Drwei_XEh53wBzCg8ZRoIc.mft (raw, json)
Hash identifier:          Pl+pZgxVo0p0NSTyEWinp+dvPdyc4jnSEhEYecqlOKg=
Subject key identifier:   91:8C:D7:AB:6C:36:B9:28:DE:4B:0A:8F:F3:2E:49:02:10:10:AE:D5
Authority key identifier: 53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87
Certificate issuer:       /CN=539dc8f83af07a2fd7121e77c01cc283c651a087
Certificate serial:       019D3A8A7DDA3C8ADF091E244232BFCD75AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
Manifest number:          1890
Signing time:             Sun 29 Mar 2026 17:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 17:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 17:00:47 +0000
Files and hashes:         1: U53I-Drwei_XEh53wBzCg8ZRoIc.crl (hash: 62jmU9NehDbdHrFMRT4XOGqoMIvLjZMr5slzB7REgak=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:7d:da:3c:8a:df:09:1e:24:42:32:bf:cd:75:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539dc8f83af07a2fd7121e77c01cc283c651a087
        Validity
            Not Before: Mar 29 17:00:47 2026 GMT
            Not After : Mar 30 17:00:47 2026 GMT
        Subject: CN=918cd7ab6c36b928de4b0a8ff32e49021010aed5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f3:7d:21:63:f5:8f:cc:34:8f:ca:23:e9:68:
                    c7:4f:ed:4a:a0:89:f4:ad:82:3d:91:2e:69:b8:bf:
                    86:e4:f2:86:04:10:48:e0:87:02:0c:73:97:a6:45:
                    b8:84:4e:3f:32:5c:0a:75:78:c3:04:c4:68:9c:f8:
                    ca:4e:b5:f1:6b:cb:d5:70:59:97:19:8a:65:3b:36:
                    01:38:05:da:52:ea:d3:2c:9b:ab:7f:1a:4d:a3:f5:
                    9c:78:50:4d:7a:b5:6d:ad:bd:0b:84:aa:7d:5f:ee:
                    c8:da:f2:78:e4:6c:9b:1c:a4:98:ed:d7:8e:45:2c:
                    90:9d:94:f0:0c:4a:eb:80:54:7b:9e:2e:df:b2:7b:
                    43:7f:76:22:08:bb:5b:62:d2:3c:57:a8:5e:d8:cd:
                    a2:3c:53:b8:59:da:3b:e5:6d:c8:a2:48:d1:f8:aa:
                    1d:3c:34:30:b3:6e:24:7e:0d:c7:63:3f:72:b4:6b:
                    98:a1:5c:4c:b8:2f:99:d3:af:3e:24:82:9c:2d:d3:
                    25:06:33:2c:57:a9:d5:64:56:5b:68:7f:a5:11:65:
                    47:34:b8:cd:16:51:2e:a5:11:d2:ec:66:a1:98:e4:
                    72:d0:df:07:c3:b9:ce:10:b6:a7:a1:06:76:b4:51:
                    d7:ea:58:57:53:8f:e6:2f:f0:4a:98:da:5c:bd:81:
                    ec:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:8C:D7:AB:6C:36:B9:28:DE:4B:0A:8F:F3:2E:49:02:10:10:AE:D5
            X509v3 Authority Key Identifier:
                keyid:53:9D:C8:F8:3A:F0:7A:2F:D7:12:1E:77:C0:1C:C2:83:C6:51:A0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U53I-Drwei_XEh53wBzCg8ZRoIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/732ea2-9a5c-4eda-b9b4-6276b178efdf/1/U53I-Drwei_XEh53wBzCg8ZRoIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:99:d5:e2:f2:80:3f:9c:bc:ff:8d:7b:b3:a2:22:a2:c5:87:
         5c:60:a1:c8:86:ba:e4:df:c8:14:cb:de:e1:ed:b6:18:88:e5:
         38:5c:af:51:f7:67:18:6f:6a:f3:83:f2:f6:0c:d1:e0:a9:25:
         cd:0d:52:bc:45:97:3f:ad:97:32:fb:63:f2:33:1b:f1:a3:4f:
         1a:90:f3:72:96:6a:74:77:5f:c1:2c:0f:55:57:95:23:60:fb:
         29:76:95:86:18:62:71:ba:5a:0c:6b:2c:07:71:b3:e0:60:07:
         9d:ef:6e:0c:c0:7c:02:94:df:dc:d8:7c:46:08:e3:79:93:61:
         6a:57:39:c0:05:5e:e1:28:a5:e3:bd:68:6a:1e:71:98:ce:b6:
         5b:7d:35:48:73:19:ca:1c:40:d2:7e:2c:54:9c:59:dc:03:d3:
         4a:35:85:15:b6:6e:a5:6b:3a:01:b2:51:72:08:97:d9:5e:73:
         5c:d2:8d:7d:b4:e6:bf:7b:06:4d:eb:f6:72:9e:8e:80:6b:5d:
         61:f2:b1:96:d6:25:3f:40:ca:f3:46:af:53:10:64:ea:5d:ea:
         43:5a:10:80:01:3a:b3:20:3f:7e:f2:5c:22:54:42:dc:a6:14:
         45:2a:45:fa:66:dc:e1:e6:bb:81:c1:8c:7a:b5:50:bc:60:20:
         80:07:00:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06in3aPIrfCR4kQjK/zXWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOWRjOGY4M2FmMDdhMmZkNzEyMWU3N2MwMWNjMjgzYzY1
MWEwODcwHhcNMjYwMzI5MTcwMDQ3WhcNMjYwMzMwMTcwMDQ3WjAzMTEwLwYDVQQD
Eyg5MThjZDdhYjZjMzZiOTI4ZGU0YjBhOGZmMzJlNDkwMjEwMTBhZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/N9IWP1j8w0j8oj6WjHT+1KoIn0
rYI9kS5puL+G5PKGBBBI4IcCDHOXpkW4hE4/MlwKdXjDBMRonPjKTrXxa8vVcFmX
GYplOzYBOAXaUurTLJurfxpNo/WceFBNerVtrb0LhKp9X+7I2vJ45GybHKSY7deO
RSyQnZTwDErrgFR7ni7fsntDf3YiCLtbYtI8V6he2M2iPFO4Wdo75W3IokjR+Kod
PDQws24kfg3HYz9ytGuYoVxMuC+Z068+JIKcLdMlBjMsV6nVZFZbaH+lEWVHNLjN
FlEupRHS7GahmORy0N8Hw7nOELanoQZ2tFHX6lhXU4/mL/BKmNpcvYHsPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGM16tsNrko3ksKj/MuSQIQEK7VMB8GA1UdIwQY
MBaAFFOdyPg68Hov1xIed8AcwoPGUaCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQt
NjI3NmIxNzhlZmRmLzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MzJlYTItOWE1Yy00ZWRhLWI5YjQtNjI3NmIxNzhlZmRm
LzEvVTUzSS1EcndlaV9YRWg1M3dCekNnOFpSb0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapnV4vKA
P5y8/417s6IiosWHXGChyIa65N/IFMve4e22GIjlOFyvUfdnGG9q84Py9gzR4Kkl
zQ1SvEWXP62XMvtj8jMb8aNPGpDzcpZqdHdfwSwPVVeVI2D7KXaVhhhicbpaDGss
B3Gz4GAHne9uDMB8ApTf3Nh8RgjjeZNhalc5wAVe4Sil471oah5xmM62W301SHMZ
yhxA0n4sVJxZ3APTSjWFFbZupWs6AbJRcgiX2V5zXNKNfbTmv3sGTev2cp6OgGtd
YfKxltYlP0DK80avUxBk6l3qQ1oQgAE6syA/fvJcIlRC3KYURSpF+mbc4ea7gcGM
erVQvGAggAcA6Q==
-----END CERTIFICATE-----