Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
File:                     U_tSQvmM_53qm6qMiuRmpCtTfFw.mft (raw, json)
Hash identifier:          DlO7IZEB0rtc7HSeAafKM1+3yteXE63y2IQXbomKlWw=
Subject key identifier:   49:6C:A7:F8:DC:A5:C1:1F:7B:2A:72:90:FB:5D:FA:E9:17:16:87:03
Authority key identifier: 53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C
Certificate issuer:       /CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
Certificate serial:       019D38669147D51870A7B7A3900790C70AF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
Manifest number:          1874
Signing time:             Sun 29 Mar 2026 07:02:18 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:18 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:18 +0000
Files and hashes:         1: U_tSQvmM_53qm6qMiuRmpCtTfFw.crl (hash: BqgqDV1XK5oLg/mBZXpoUsitdBgJsT9YVCGWkPAOK58=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:91:47:d5:18:70:a7:b7:a3:90:07:90:c7:0a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53fb5242f98cff9dea9baa8c8ae466a42b537c5c
        Validity
            Not Before: Mar 29 07:02:18 2026 GMT
            Not After : Mar 30 07:02:18 2026 GMT
        Subject: CN=496ca7f8dca5c11f7b2a7290fb5dfae917168703
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:1b:94:43:f7:56:97:81:eb:5c:69:63:9f:5e:
                    9e:53:12:28:90:05:fb:0e:e9:dd:cc:a0:40:db:54:
                    3e:f5:77:0e:90:b5:86:6b:c7:e5:70:03:98:ad:91:
                    a3:6c:0a:91:71:bc:9c:14:0d:f0:b6:eb:1f:25:f8:
                    47:09:a0:de:be:92:de:f2:a9:0a:08:66:ac:89:cb:
                    8b:ad:af:bf:fd:38:4e:d7:7f:85:30:45:9e:49:b7:
                    ca:8d:bb:51:24:60:ec:cf:9d:89:f9:a1:5b:b3:0e:
                    25:67:e4:a4:ff:6b:f5:5e:39:71:70:75:7d:d1:ff:
                    8a:cc:0a:ca:31:b9:81:ee:f3:09:ca:36:36:ed:c3:
                    13:16:f9:21:51:28:86:e6:d8:32:26:45:4e:be:95:
                    8b:6d:b8:13:02:23:f3:c5:b8:64:17:95:97:31:6b:
                    e1:f9:6c:04:11:8a:a8:28:16:8a:c7:cc:69:be:21:
                    a8:df:c8:fc:9d:a7:a8:0e:7b:59:16:36:ec:25:35:
                    8e:99:29:7d:48:57:c4:a3:c4:66:ad:14:d0:d0:6f:
                    60:f9:04:b4:ac:2e:40:7b:a6:a3:98:da:3b:3a:5f:
                    92:b2:bc:9b:6d:71:c5:dc:33:de:81:0e:bb:43:90:
                    f0:8a:4c:92:5c:36:c7:b3:7a:ef:fd:ad:20:7c:79:
                    d0:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:6C:A7:F8:DC:A5:C1:1F:7B:2A:72:90:FB:5D:FA:E9:17:16:87:03
            X509v3 Authority Key Identifier:
                keyid:53:FB:52:42:F9:8C:FF:9D:EA:9B:AA:8C:8A:E4:66:A4:2B:53:7C:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_tSQvmM_53qm6qMiuRmpCtTfFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e4d7c6-a299-4b88-8247-9c4032963e17/1/U_tSQvmM_53qm6qMiuRmpCtTfFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:cf:39:e1:fe:7e:b6:f1:09:9a:26:70:15:80:3d:92:22:55:
         17:d2:68:f1:b1:ed:df:94:1e:8b:05:9b:c0:70:54:4b:bc:97:
         e8:b2:3b:21:0a:c0:ae:06:1d:d8:bf:a9:e8:79:d8:ba:de:fb:
         a1:f6:c6:04:35:f2:33:7e:03:ae:c7:cf:d0:ae:54:9e:72:f4:
         82:79:84:fb:f6:aa:b0:9d:2b:65:be:bd:88:14:c2:3d:14:7e:
         67:07:bf:fc:7b:56:40:1e:33:82:e8:93:e0:8c:52:13:e0:ef:
         bc:7a:78:cb:cc:48:6e:43:92:a3:47:ff:36:a7:3f:14:05:5a:
         ce:2c:25:65:b7:23:d6:a6:25:00:e6:95:92:57:0a:fd:22:da:
         6f:52:cc:ab:52:5d:43:82:d7:eb:6e:8c:c8:e1:4b:28:b7:7b:
         fc:d9:47:6a:21:e4:b8:24:d0:87:bd:81:83:bb:8a:68:0b:a4:
         a8:0f:51:b7:e2:3a:9f:a0:9a:8b:98:19:f4:6c:7c:95:d6:fa:
         54:72:7a:b8:c9:4b:3a:52:0c:97:d6:17:de:bf:b3:4d:12:2a:
         03:67:85:8a:3d:2b:b1:96:e9:18:80:ac:e3:16:ae:65:1d:08:
         a5:f6:6c:35:40:44:30:14:4f:de:9d:9f:f1:c3:9e:77:4d:b0:
         db:4f:88:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpFH1Rhwp7ejkAeQxwr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmI1MjQyZjk4Y2ZmOWRlYTliYWE4YzhhZTQ2NmE0MmI1
MzdjNWMwHhcNMjYwMzI5MDcwMjE4WhcNMjYwMzMwMDcwMjE4WjAzMTEwLwYDVQQD
Eyg0OTZjYTdmOGRjYTVjMTFmN2IyYTcyOTBmYjVkZmFlOTE3MTY4NzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8huUQ/dWl4HrXGljn16eUxIokAX7
DundzKBA21Q+9XcOkLWGa8flcAOYrZGjbAqRcbycFA3wtusfJfhHCaDevpLe8qkK
CGasicuLra+//ThO13+FMEWeSbfKjbtRJGDsz52J+aFbsw4lZ+Sk/2v1XjlxcHV9
0f+KzArKMbmB7vMJyjY27cMTFvkhUSiG5tgyJkVOvpWLbbgTAiPzxbhkF5WXMWvh
+WwEEYqoKBaKx8xpviGo38j8naeoDntZFjbsJTWOmSl9SFfEo8RmrRTQ0G9g+QS0
rC5Ae6ajmNo7Ol+SsrybbXHF3DPegQ67Q5DwikySXDbHs3rv/a0gfHnQ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElsp/jcpcEfeypykPtd+ukXFocDMB8GA1UdIwQY
MBaAFFP7UkL5jP+d6puqjIrkZqQrU3xcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDct
OWM0MDMyOTYzZTE3LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNGQ3YzYtYTI5OS00Yjg4LTgyNDctOWM0MDMyOTYzZTE3
LzEvVV90U1F2bU1fNTNxbTZxTWl1Um1wQ3RUZkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB8854f5+
tvEJmiZwFYA9kiJVF9Jo8bHt35QeiwWbwHBUS7yX6LI7IQrArgYd2L+p6HnYut77
ofbGBDXyM34DrsfP0K5UnnL0gnmE+/aqsJ0rZb69iBTCPRR+Zwe//HtWQB4zguiT
4IxSE+DvvHp4y8xIbkOSo0f/Nqc/FAVaziwlZbcj1qYlAOaVklcK/SLab1LMq1Jd
Q4LX626MyOFLKLd7/NlHaiHkuCTQh72Bg7uKaAukqA9Rt+I6n6Cai5gZ9Gx8ldb6
VHJ6uMlLOlIMl9YX3r+zTRIqA2eFij0rsZbpGICs4xauZR0IpfZsNUBEMBRP3p2f
8cOed02w20+IHQ==
-----END CERTIFICATE-----