Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
File:                     UoUm3npC8eCAkWhA7r85A4uJPRY.mft (raw, json)
Hash identifier:          N2sG5eDSV+eylVJkiWhg02L21ayVj2mbD4a7RLU0Hsw=
Subject key identifier:   EC:97:7A:D5:B0:4D:66:4F:FA:E6:4C:86:92:D0:C8:9B:05:EF:CB:54
Authority key identifier: 52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16
Certificate issuer:       /CN=528526de7a42f1e080916840eebf39038b893d16
Certificate serial:       019D3866248C903D59E7265B5EBE18D62DAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
Manifest number:          0C14
Signing time:             Sun 29 Mar 2026 07:01:51 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:51 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:51 +0000
Files and hashes:         1: UoUm3npC8eCAkWhA7r85A4uJPRY.crl (hash: yxdfwhleTDxkc1vttV24L7GQDCHOgef4P9qByDVanQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:24:8c:90:3d:59:e7:26:5b:5e:be:18:d6:2d:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=528526de7a42f1e080916840eebf39038b893d16
        Validity
            Not Before: Mar 29 07:01:51 2026 GMT
            Not After : Mar 30 07:01:51 2026 GMT
        Subject: CN=ec977ad5b04d664ffae64c8692d0c89b05efcb54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:31:66:b2:b3:2b:8b:2b:6d:ba:cc:02:87:be:
                    83:b4:93:83:a4:98:75:22:aa:17:70:85:47:a4:eb:
                    07:d9:b6:4f:49:f8:55:59:64:16:a4:07:8d:00:8b:
                    44:ca:c0:9c:a9:18:91:1b:c8:38:7b:f8:e1:85:e2:
                    8e:73:bc:b5:a4:68:ab:da:c0:31:d5:4a:d2:91:8a:
                    b4:a9:7a:e4:02:4a:61:c6:9a:2d:3a:83:15:01:be:
                    5c:cd:bd:42:7a:84:54:a0:e8:25:89:b2:b8:89:75:
                    63:ec:e4:7b:86:54:ca:5d:74:6b:fd:79:2c:df:b6:
                    02:55:6f:43:d8:4e:42:79:40:c5:f9:26:f2:ca:b3:
                    f1:5c:d7:82:3f:c7:5b:cb:5b:9a:d3:6d:72:9c:f2:
                    ee:f2:a8:08:a5:c4:d3:a0:57:15:0c:cf:3c:70:ef:
                    6d:b5:04:f4:7f:17:d7:1a:76:cf:65:82:3f:62:40:
                    a7:6e:1f:26:7a:17:b8:78:7b:4e:ab:94:fe:a9:8a:
                    f7:1f:f3:e3:bf:38:75:79:6a:8c:8f:5c:2b:09:d3:
                    d6:ea:8a:3c:5d:a1:2c:99:b9:c8:d9:40:ab:01:27:
                    d1:b7:a9:88:54:39:e1:37:86:d2:85:f2:04:ce:77:
                    6d:e0:9d:bc:40:97:75:4e:b8:ab:98:63:0f:41:88:
                    b3:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:97:7A:D5:B0:4D:66:4F:FA:E6:4C:86:92:D0:C8:9B:05:EF:CB:54
            X509v3 Authority Key Identifier:
                keyid:52:85:26:DE:7A:42:F1:E0:80:91:68:40:EE:BF:39:03:8B:89:3D:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UoUm3npC8eCAkWhA7r85A4uJPRY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/96a928-819c-476c-bae1-50c9f5b3c3e4/1/UoUm3npC8eCAkWhA7r85A4uJPRY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:87:3c:f1:9e:e3:2b:68:1c:0c:85:16:7d:0e:99:94:3d:81:
         1f:8d:57:08:31:55:a9:fb:33:bf:c6:d2:19:cf:26:aa:49:c1:
         78:e9:2a:87:db:9f:1d:bf:bf:ac:d8:10:4f:6b:23:21:de:86:
         79:10:b5:97:1d:f2:e8:74:9a:c9:0b:17:62:13:15:fc:34:bb:
         42:16:88:5c:6a:52:dc:78:4d:0e:be:45:52:fd:76:d5:5c:82:
         2e:f1:15:2d:33:90:f9:6e:81:e5:d3:1d:eb:b5:87:f4:25:4d:
         be:d9:c2:cb:ce:4f:10:09:b8:da:4b:db:a0:98:1c:8a:71:3d:
         fd:a1:1d:1b:84:88:19:9b:dc:e9:ac:8b:64:51:28:c3:f9:bf:
         4b:4b:33:3a:a4:cc:81:b9:ba:ad:0f:48:8d:e5:9d:e3:b6:e5:
         ad:9d:3a:fa:0a:2d:4c:60:8f:d5:25:4d:5a:b5:8c:05:02:cd:
         9f:27:8f:c4:5f:ba:a5:8a:bd:9b:a8:0b:0e:67:56:79:c2:01:
         9f:a0:4b:3e:d0:df:aa:75:e7:ea:70:9c:3f:b7:a4:5a:10:b3:
         38:61:ed:27:94:83:56:8e:3a:dd:68:7e:6d:60:a9:42:60:36:
         ee:88:c2:df:07:27:28:84:aa:3b:e1:87:9c:3f:5b:49:a0:a0:
         02:54:26:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiSMkD1Z5yZbXr4Y1i2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODUyNmRlN2E0MmYxZTA4MDkxNjg0MGVlYmYzOTAzOGI4
OTNkMTYwHhcNMjYwMzI5MDcwMTUxWhcNMjYwMzMwMDcwMTUxWjAzMTEwLwYDVQQD
EyhlYzk3N2FkNWIwNGQ2NjRmZmFlNjRjODY5MmQwYzg5YjA1ZWZjYjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjFmsrMriyttuswCh76DtJODpJh1
IqoXcIVHpOsH2bZPSfhVWWQWpAeNAItEysCcqRiRG8g4e/jhheKOc7y1pGir2sAx
1UrSkYq0qXrkAkphxpotOoMVAb5czb1CeoRUoOglibK4iXVj7OR7hlTKXXRr/Xks
37YCVW9D2E5CeUDF+SbyyrPxXNeCP8dby1ua021ynPLu8qgIpcTToFcVDM88cO9t
tQT0fxfXGnbPZYI/YkCnbh8mehe4eHtOq5T+qYr3H/Pjvzh1eWqMj1wrCdPW6oo8
XaEsmbnI2UCrASfRt6mIVDnhN4bShfIEzndt4J28QJd1TrirmGMPQYizZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyXetWwTWZP+uZMhpLQyJsF78tUMB8GA1UdIwQY
MBaAFFKFJt56QvHggJFoQO6/OQOLiT0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEt
NTBjOWY1YjNjM2U0LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85NmE5MjgtODE5Yy00NzZjLWJhZTEtNTBjOWY1YjNjM2U0
LzEvVW9VbTNucEM4ZUNBa1doQTdyODVBNHVKUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHYc88Z7j
K2gcDIUWfQ6ZlD2BH41XCDFVqfszv8bSGc8mqknBeOkqh9ufHb+/rNgQT2sjId6G
eRC1lx3y6HSayQsXYhMV/DS7QhaIXGpS3HhNDr5FUv121VyCLvEVLTOQ+W6B5dMd
67WH9CVNvtnCy85PEAm42kvboJgcinE9/aEdG4SIGZvc6ayLZFEow/m/S0szOqTM
gbm6rQ9IjeWd47blrZ06+gotTGCP1SVNWrWMBQLNnyePxF+6pYq9m6gLDmdWecIB
n6BLPtDfqnXn6nCcP7ekWhCzOGHtJ5SDVo463Wh+bWCpQmA27ojC3wcnKISqO+GH
nD9bSaCgAlQmZw==
-----END CERTIFICATE-----