Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
File:                     uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft (raw, json)
Hash identifier:          oXa8zObNZXvHWpvtPa/Ujy9u7zSN95nvMD9B7OJ8TZg=
Subject key identifier:   57:A0:17:E7:0F:E5:F7:66:5A:ED:12:91:61:A9:D5:06:5A:B2:CA:27
Authority key identifier: BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E
Certificate issuer:       /CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
Certificate serial:       019D37893F1B51343A4F20089566436A1188
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
Manifest number:          0810
Signing time:             Sun 29 Mar 2026 03:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:34 +0000
Files and hashes:         1: uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl (hash: ZE9IjxtKxV5DZQZm/ZbnHYxA4qsjKTRLQXvTht5zBfs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:3f:1b:51:34:3a:4f:20:08:95:66:43:6a:11:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baaf6c08bca308c1c78b0eed8ef30b4a0468118e
        Validity
            Not Before: Mar 29 03:00:34 2026 GMT
            Not After : Mar 30 03:00:34 2026 GMT
        Subject: CN=57a017e70fe5f7665aed129161a9d5065ab2ca27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5d:66:37:79:9c:cd:0b:c9:d9:4f:67:e1:b1:
                    bc:2b:9e:ce:fb:44:bd:a6:96:ac:61:c4:bd:35:d3:
                    00:65:2c:a7:4c:d2:91:ae:e4:2e:78:0f:21:d6:72:
                    b7:d4:d3:12:7b:a2:91:c3:38:c5:d7:cf:33:05:90:
                    5d:b1:70:b2:01:b3:0d:a6:b9:0d:c5:fa:6b:27:e9:
                    a3:c7:5a:5d:ca:73:f8:d2:34:c6:07:c7:8f:c8:19:
                    97:e6:5d:63:b7:12:a7:2b:ce:3e:de:b7:34:9f:a5:
                    22:b4:a8:2c:76:c1:36:2e:cd:28:92:e1:fb:ee:5f:
                    d7:0b:93:1c:c4:de:55:fd:ea:be:0e:87:62:99:aa:
                    82:02:6b:3f:d1:f2:c0:36:50:f4:9b:c5:2d:a8:d5:
                    59:af:cb:e2:30:78:1c:2e:01:a7:49:38:cd:0d:5f:
                    7e:0a:71:21:59:a4:96:62:63:f9:dd:5f:e2:a3:17:
                    9a:b8:ad:dd:29:06:04:2a:e9:9a:01:87:9f:85:79:
                    dc:bf:ed:4d:9b:74:8e:28:5a:c4:15:b9:23:3c:0e:
                    a3:e4:d9:bb:c3:65:8a:6b:6a:12:0a:1e:8a:6e:48:
                    a1:f2:5c:fa:30:f5:d1:a0:4f:7a:e9:b3:84:2b:2b:
                    88:81:69:ef:1e:f3:1f:e1:c7:44:50:81:f4:d6:73:
                    0f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:A0:17:E7:0F:E5:F7:66:5A:ED:12:91:61:A9:D5:06:5A:B2:CA:27
            X509v3 Authority Key Identifier:
                keyid:BA:AF:6C:08:BC:A3:08:C1:C7:8B:0E:ED:8E:F3:0B:4A:04:68:11:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uq9sCLyjCMHHiw7tjvMLSgRoEY4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4aa570-55fe-4b94-bc59-b4993b232e6c/1/uq9sCLyjCMHHiw7tjvMLSgRoEY4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:19:94:5e:7f:b4:26:47:21:0a:70:ba:14:67:e1:c7:a2:44:
         b2:0f:13:e8:e2:64:a5:21:79:72:44:23:32:bf:8c:6d:06:7d:
         38:79:51:b8:08:c8:60:b4:94:41:a3:be:4d:bf:2e:0c:7d:ea:
         36:f8:5f:96:1d:92:76:2a:4d:11:67:c8:a4:eb:d8:80:3f:55:
         cc:ba:cc:c0:2b:e2:aa:9c:56:38:d1:10:b3:cd:6b:f7:35:89:
         ce:70:21:c6:90:88:34:ae:6f:6c:bb:8e:3c:5e:e2:6b:15:96:
         b4:70:f1:d9:17:93:3f:a7:8c:79:90:15:f6:02:3a:fe:77:da:
         8c:89:85:03:4a:e0:61:29:b8:97:94:d0:9c:49:f2:44:87:20:
         c9:2f:34:b9:6c:f3:53:b5:bf:89:79:b4:e0:a5:1d:2b:10:76:
         46:74:c8:67:7f:47:7b:e3:69:52:0f:13:bd:ae:28:d7:30:ab:
         8d:2b:b3:81:3c:3c:2f:ca:03:5e:ef:86:05:15:3a:28:24:b8:
         3e:8e:34:0e:9f:aa:bb:be:50:e7:34:ce:aa:a7:52:22:03:68:
         a5:46:d5:0e:40:54:ed:41:e7:bc:44:84:69:c6:c4:aa:ba:d6:
         14:4e:17:b1:b3:12:5b:ff:6a:d6:9a:de:f0:ca:39:e2:d9:83:
         6f:c4:a8:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iT8bUTQ6TyAIlWZDahGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWY2YzA4YmNhMzA4YzFjNzhiMGVlZDhlZjMwYjRhMDQ2
ODExOGUwHhcNMjYwMzI5MDMwMDM0WhcNMjYwMzMwMDMwMDM0WjAzMTEwLwYDVQQD
Eyg1N2EwMTdlNzBmZTVmNzY2NWFlZDEyOTE2MWE5ZDUwNjVhYjJjYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV1mN3mczQvJ2U9n4bG8K57O+0S9
ppasYcS9NdMAZSynTNKRruQueA8h1nK31NMSe6KRwzjF188zBZBdsXCyAbMNprkN
xfprJ+mjx1pdynP40jTGB8ePyBmX5l1jtxKnK84+3rc0n6UitKgsdsE2Ls0okuH7
7l/XC5McxN5V/eq+DodimaqCAms/0fLANlD0m8UtqNVZr8viMHgcLgGnSTjNDV9+
CnEhWaSWYmP53V/ioxeauK3dKQYEKumaAYefhXncv+1Nm3SOKFrEFbkjPA6j5Nm7
w2WKa2oSCh6Kbkih8lz6MPXRoE966bOEKyuIgWnvHvMf4cdEUIH01nMPQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFegF+cP5fdmWu0SkWGp1QZassonMB8GA1UdIwQY
MBaAFLqvbAi8owjBx4sO7Y7zC0oEaBGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTkt
YjQ5OTNiMjMyZTZjLzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80YWE1NzAtNTVmZS00Yjk0LWJjNTktYjQ5OTNiMjMyZTZj
LzEvdXE5c0NMeWpDTUhIaXc3dGp2TUxTZ1JvRVk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACBmUXn+0
JkchCnC6FGfhx6JEsg8T6OJkpSF5ckQjMr+MbQZ9OHlRuAjIYLSUQaO+Tb8uDH3q
Nvhflh2SdipNEWfIpOvYgD9VzLrMwCviqpxWONEQs81r9zWJznAhxpCINK5vbLuO
PF7iaxWWtHDx2ReTP6eMeZAV9gI6/nfajImFA0rgYSm4l5TQnEnyRIcgyS80uWzz
U7W/iXm04KUdKxB2RnTIZ39He+NpUg8Tva4o1zCrjSuzgTw8L8oDXu+GBRU6KCS4
Po40Dp+qu75Q5zTOqqdSIgNopUbVDkBU7UHnvESEacbEqrrWFE4XsbMSW/9q1pre
8Mo54tmDb8SowQ==
-----END CERTIFICATE-----