Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/e65c73-eeb1-4064-b6d4-b56d0c53ff04/1/uSlkIXfSedGfRHiNubyPENZdm9c.mft
File:                     uSlkIXfSedGfRHiNubyPENZdm9c.mft (raw, json)
Hash identifier:          tQHPnCn/lyC8SV/wJLocg/bBPYUNPZptO1sqa15eTjc=
Subject key identifier:   21:01:60:9B:BE:17:11:87:9A:C6:D1:C4:9E:45:7E:8C:10:50:54:AB
Authority key identifier: B9:29:64:21:77:D2:79:D1:9F:44:78:8D:B9:BC:8F:10:D6:5D:9B:D7
Certificate issuer:       /CN=b929642177d279d19f44788db9bc8f10d65d9bd7
Certificate serial:       019D38D29C90CE4002FF74BC138BCDB109DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uSlkIXfSedGfRHiNubyPENZdm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/e65c73-eeb1-4064-b6d4-b56d0c53ff04/1/uSlkIXfSedGfRHiNubyPENZdm9c.mft
Manifest number:          0215
Signing time:             Sun 29 Mar 2026 09:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:19 +0000
Files and hashes:         1: uSlkIXfSedGfRHiNubyPENZdm9c.crl (hash: 3RGlVM2MLi3aKRLX6rcFlNuxA5GM+BxuNFckizvuMd4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/e65c73-eeb1-4064-b6d4-b56d0c53ff04/1/uSlkIXfSedGfRHiNubyPENZdm9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/e65c73-eeb1-4064-b6d4-b56d0c53ff04/1/uSlkIXfSedGfRHiNubyPENZdm9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uSlkIXfSedGfRHiNubyPENZdm9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:9c:90:ce:40:02:ff:74:bc:13:8b:cd:b1:09:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b929642177d279d19f44788db9bc8f10d65d9bd7
        Validity
            Not Before: Mar 29 09:00:19 2026 GMT
            Not After : Mar 30 09:00:19 2026 GMT
        Subject: CN=2101609bbe1711879ac6d1c49e457e8c105054ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:aa:a0:ff:54:ad:26:b3:2b:28:49:75:b5:d2:
                    b3:4b:7e:28:6d:9e:67:56:7d:72:ae:e9:e8:83:58:
                    19:31:e5:76:0f:3a:d1:ed:3c:67:7c:8e:5e:a8:73:
                    2d:b6:09:0f:84:c6:2d:8d:87:e4:e2:8c:84:19:cb:
                    ca:f4:cf:1c:40:f1:1a:77:b2:67:24:39:28:49:e2:
                    0a:8f:36:64:3e:e4:64:41:bb:90:b1:65:e9:2b:65:
                    dc:74:b3:09:5a:cb:0c:5e:ff:49:03:4b:7c:78:e7:
                    18:e4:2e:e6:af:e7:f0:98:e4:9d:6e:74:55:ea:bc:
                    8e:23:94:5e:e7:e8:b4:be:89:9b:69:e9:95:42:d3:
                    28:77:a7:e3:b2:30:0d:48:ec:23:52:fe:ad:4e:b6:
                    e5:b1:1d:7c:95:16:17:19:c7:49:a0:84:42:40:9a:
                    55:ce:ee:c3:67:83:bf:eb:41:9b:ba:97:65:08:87:
                    0f:90:68:0b:86:fb:14:1c:d4:7e:7f:27:aa:5d:5a:
                    96:1a:f9:4c:3f:86:88:d6:8a:e3:3a:38:08:af:8e:
                    e3:1f:8e:77:2c:ad:4a:38:d7:06:ff:7d:c1:a1:a1:
                    f2:b1:86:e7:e9:74:5a:71:72:62:9b:d9:c1:9e:da:
                    5a:e6:b6:8e:64:8c:9d:4a:29:05:c0:f3:28:6e:fb:
                    c9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:01:60:9B:BE:17:11:87:9A:C6:D1:C4:9E:45:7E:8C:10:50:54:AB
            X509v3 Authority Key Identifier:
                keyid:B9:29:64:21:77:D2:79:D1:9F:44:78:8D:B9:BC:8F:10:D6:5D:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uSlkIXfSedGfRHiNubyPENZdm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e65c73-eeb1-4064-b6d4-b56d0c53ff04/1/uSlkIXfSedGfRHiNubyPENZdm9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/e65c73-eeb1-4064-b6d4-b56d0c53ff04/1/uSlkIXfSedGfRHiNubyPENZdm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:2b:b3:f2:41:77:f0:7d:09:ff:26:fe:a8:e8:b9:51:70:4b:
         ca:b6:94:45:3a:d5:9b:ec:30:f8:f8:b6:3c:60:b8:25:bb:75:
         57:2b:a5:57:b2:c1:fa:91:ef:45:2a:c2:86:cc:70:31:d7:79:
         5f:c5:a2:41:6f:d8:ce:69:69:e4:24:29:f2:0f:f5:e9:f1:bc:
         66:7c:66:8c:7d:db:b5:59:d9:29:7f:87:3b:7c:09:47:92:0f:
         c2:82:06:c3:c9:f0:75:12:61:69:60:c5:fc:16:ad:49:b5:73:
         84:31:3f:c7:35:e0:df:a1:75:dc:af:8d:32:5b:31:7a:26:2a:
         14:8f:0e:6e:a8:96:2c:d8:24:89:8e:2f:9c:ba:bf:60:b4:e0:
         55:03:20:b6:8c:33:58:22:b4:3d:7c:4d:d3:3c:f8:ed:a3:24:
         79:a0:d6:8b:38:86:52:cf:13:27:5a:d5:d9:05:69:1d:b9:3b:
         b0:66:c8:1c:ab:fe:c8:51:a6:15:da:19:b8:a7:54:0f:11:cb:
         92:83:53:10:18:83:f8:ee:e4:cf:3e:6c:ba:95:b9:4b:2a:70:
         74:c1:e3:9c:26:de:5d:7d:06:79:ef:16:66:16:d5:85:9e:8c:
         1d:da:07:22:5c:b9:9f:81:f3:f3:39:a8:84:6d:d7:da:e2:f1:
         e2:32:dc:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040pyQzkAC/3S8E4vNsQncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Mjk2NDIxNzdkMjc5ZDE5ZjQ0Nzg4ZGI5YmM4ZjEwZDY1
ZDliZDcwHhcNMjYwMzI5MDkwMDE5WhcNMjYwMzMwMDkwMDE5WjAzMTEwLwYDVQQD
EygyMTAxNjA5YmJlMTcxMTg3OWFjNmQxYzQ5ZTQ1N2U4YzEwNTA1NGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKqg/1StJrMrKEl1tdKzS34obZ5n
Vn1yrunog1gZMeV2DzrR7TxnfI5eqHMttgkPhMYtjYfk4oyEGcvK9M8cQPEad7Jn
JDkoSeIKjzZkPuRkQbuQsWXpK2XcdLMJWssMXv9JA0t8eOcY5C7mr+fwmOSdbnRV
6ryOI5Re5+i0vombaemVQtMod6fjsjANSOwjUv6tTrblsR18lRYXGcdJoIRCQJpV
zu7DZ4O/60GbupdlCIcPkGgLhvsUHNR+fyeqXVqWGvlMP4aI1orjOjgIr47jH453
LK1KONcG/33BoaHysYbn6XRacXJim9nBntpa5raOZIydSikFwPMobvvJRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEBYJu+FxGHmsbRxJ5FfowQUFSrMB8GA1UdIwQY
MBaAFLkpZCF30nnRn0R4jbm8jxDWXZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVNsa0lYZlNlZEdmUkhpTnVieVBFTlpkbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9lNjVjNzMtZWViMS00MDY0LWI2ZDQt
YjU2ZDBjNTNmZjA0LzEvdVNsa0lYZlNlZEdmUkhpTnVieVBFTlpkbTljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9lNjVjNzMtZWViMS00MDY0LWI2ZDQtYjU2ZDBjNTNmZjA0
LzEvdVNsa0lYZlNlZEdmUkhpTnVieVBFTlpkbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUSuz8kF3
8H0J/yb+qOi5UXBLyraURTrVm+ww+Pi2PGC4Jbt1VyulV7LB+pHvRSrChsxwMdd5
X8WiQW/Yzmlp5CQp8g/16fG8ZnxmjH3btVnZKX+HO3wJR5IPwoIGw8nwdRJhaWDF
/BatSbVzhDE/xzXg36F13K+NMlsxeiYqFI8ObqiWLNgkiY4vnLq/YLTgVQMgtowz
WCK0PXxN0zz47aMkeaDWiziGUs8TJ1rV2QVpHbk7sGbIHKv+yFGmFdoZuKdUDxHL
koNTEBiD+O7kzz5supW5SypwdMHjnCbeXX0Gee8WZhbVhZ6MHdoHIly5n4Hz8zmo
hG3X2uLx4jLcNg==
-----END CERTIFICATE-----