Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
File:                     uIazyxP9IWfYnRIYXpNQbdRcmvk.mft (raw, json)
Hash identifier:          8SzfzBTbKMwolI8tzq4n744i7dhAHUzQtrIOlNf+qCw=
Subject key identifier:   6B:CE:10:49:ED:90:D4:30:50:28:CA:99:A6:B5:52:32:2B:ED:D0:90
Authority key identifier: B8:86:B3:CB:13:FD:21:67:D8:9D:12:18:5E:93:50:6D:D4:5C:9A:F9
Certificate issuer:       /CN=b886b3cb13fd2167d89d12185e93506dd45c9af9
Certificate serial:       019D37C0E742DCB67A1370C16C32F86C3546
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
Manifest number:          0DAF
Signing time:             Sun 29 Mar 2026 04:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:22 +0000
Files and hashes:         1: uIazyxP9IWfYnRIYXpNQbdRcmvk.crl (hash: 0yeTIrYOGWiYlz0dXjnFtzIG043w2NefhrmYLSX6oO0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:e7:42:dc:b6:7a:13:70:c1:6c:32:f8:6c:35:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b886b3cb13fd2167d89d12185e93506dd45c9af9
        Validity
            Not Before: Mar 29 04:01:22 2026 GMT
            Not After : Mar 30 04:01:22 2026 GMT
        Subject: CN=6bce1049ed90d4305028ca99a6b552322bedd090
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:5d:e6:55:2f:c0:fb:82:fe:26:78:6f:4d:98:
                    f9:02:4a:81:f7:80:7d:70:67:3c:3c:02:20:75:0f:
                    b1:b9:69:79:0e:2e:50:34:bf:71:b8:99:78:c3:8e:
                    45:74:c8:fe:34:df:ae:48:6e:6a:f7:39:ac:35:9d:
                    67:bb:a4:e5:31:80:2d:9d:f6:36:c4:0b:db:cb:cd:
                    94:26:ac:a2:b1:b4:c5:a9:dc:f4:ce:60:53:0b:37:
                    0f:dd:09:ea:bc:18:e2:20:88:48:fb:1d:eb:31:8d:
                    ed:c6:06:65:67:5c:e1:2b:db:36:94:65:ee:ed:3a:
                    b3:61:0e:a9:f8:0c:e9:35:dd:e0:af:ab:c6:4e:30:
                    99:54:42:eb:12:c8:f0:5f:d0:eb:8e:6f:e8:71:b4:
                    b8:07:41:b8:ce:87:fc:bd:65:3f:cd:2b:ce:67:73:
                    3c:2e:a4:c8:1d:52:28:e7:41:28:9c:96:bf:66:ef:
                    96:c6:d2:0f:34:b8:2e:de:63:b7:23:3c:36:f5:15:
                    9e:9a:63:4f:50:7f:2b:a2:13:e8:a9:b6:14:69:a0:
                    01:e7:63:b2:63:11:72:f4:97:63:85:4c:a9:68:1d:
                    ef:d1:d2:f7:d4:a3:f4:8b:c0:38:73:c0:04:8e:1f:
                    6b:ef:83:bb:6b:4e:a1:5c:08:e4:e8:15:5f:f4:67:
                    24:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:CE:10:49:ED:90:D4:30:50:28:CA:99:A6:B5:52:32:2B:ED:D0:90
            X509v3 Authority Key Identifier:
                keyid:B8:86:B3:CB:13:FD:21:67:D8:9D:12:18:5E:93:50:6D:D4:5C:9A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uIazyxP9IWfYnRIYXpNQbdRcmvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/42ac3c-c583-4b82-bcb7-04739402e27b/1/uIazyxP9IWfYnRIYXpNQbdRcmvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:58:e0:dd:8e:3c:59:f5:6f:03:62:5c:0f:5a:c6:d2:b2:b8:
         5a:6f:e4:50:30:ca:83:d5:41:e1:de:b5:13:12:cc:4a:df:77:
         93:52:36:fc:f9:3b:06:12:50:22:95:32:6c:0f:e7:5a:a5:1d:
         76:72:f6:57:c5:b5:a4:88:90:47:ce:ef:db:01:6a:b3:93:d5:
         d8:3f:57:a2:7f:33:af:5b:c7:49:83:2c:5f:78:80:6c:6e:3a:
         48:9b:6a:2f:9c:e9:81:87:e1:5e:f4:25:3e:8b:4c:b3:d6:4c:
         3f:57:a4:33:14:d9:05:42:62:16:1b:63:f5:4e:e2:ba:0e:95:
         17:7b:42:2f:83:96:e8:1b:56:d5:e3:cd:88:41:e8:35:cd:ea:
         ee:3a:4c:49:34:12:c7:7a:3d:96:35:71:e0:f1:dd:bf:3d:84:
         60:79:4b:9a:f2:f3:c3:3d:d1:39:bb:4b:9e:1f:d3:30:24:90:
         39:97:64:0b:20:7c:d9:88:37:8b:6e:7c:e4:49:94:ca:d6:d2:
         f0:ce:69:b8:99:08:43:39:c6:95:cb:ca:5f:df:03:33:7c:ae:
         7a:a6:01:b5:47:38:9c:b4:e2:28:b8:aa:b7:a9:9c:bf:3c:99:
         9f:54:04:f8:d4:28:0b:38:df:8d:e2:d8:aa:97:b0:25:22:cb:
         69:f5:d8:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wOdC3LZ6E3DBbDL4bDVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ODZiM2NiMTNmZDIxNjdkODlkMTIxODVlOTM1MDZkZDQ1
YzlhZjkwHhcNMjYwMzI5MDQwMTIyWhcNMjYwMzMwMDQwMTIyWjAzMTEwLwYDVQQD
Eyg2YmNlMTA0OWVkOTBkNDMwNTAyOGNhOTlhNmI1NTIzMjJiZWRkMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV3mVS/A+4L+JnhvTZj5AkqB94B9
cGc8PAIgdQ+xuWl5Di5QNL9xuJl4w45FdMj+NN+uSG5q9zmsNZ1nu6TlMYAtnfY2
xAvby82UJqyisbTFqdz0zmBTCzcP3QnqvBjiIIhI+x3rMY3txgZlZ1zhK9s2lGXu
7TqzYQ6p+AzpNd3gr6vGTjCZVELrEsjwX9Drjm/ocbS4B0G4zof8vWU/zSvOZ3M8
LqTIHVIo50EonJa/Zu+WxtIPNLgu3mO3Izw29RWemmNPUH8rohPoqbYUaaAB52Oy
YxFy9JdjhUypaB3v0dL31KP0i8A4c8AEjh9r74O7a06hXAjk6BVf9GckKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvOEEntkNQwUCjKmaa1UjIr7dCQMB8GA1UdIwQY
MBaAFLiGs8sT/SFn2J0SGF6TUG3UXJr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80MmFjM2MtYzU4My00YjgyLWJjYjct
MDQ3Mzk0MDJlMjdiLzEvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80MmFjM2MtYzU4My00YjgyLWJjYjctMDQ3Mzk0MDJlMjdi
LzEvdUlhenl4UDlJV2ZZblJJWVhwTlFiZFJjbXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1jg3Y48
WfVvA2JcD1rG0rK4Wm/kUDDKg9VB4d61ExLMSt93k1I2/Pk7BhJQIpUybA/nWqUd
dnL2V8W1pIiQR87v2wFqs5PV2D9Xon8zr1vHSYMsX3iAbG46SJtqL5zpgYfhXvQl
PotMs9ZMP1ekMxTZBUJiFhtj9U7iug6VF3tCL4OW6BtW1ePNiEHoNc3q7jpMSTQS
x3o9ljVx4PHdvz2EYHlLmvLzwz3RObtLnh/TMCSQOZdkCyB82Yg3i2585EmUytbS
8M5puJkIQznGlcvKX98DM3yueqYBtUc4nLTiKLiqt6mcvzyZn1QE+NQoCzjfjeLY
qpewJSLLafXYeQ==
-----END CERTIFICATE-----