Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
File:                     UNlf0yarPwj3bczGVrs-Hia03Fc.mft (raw, json)
Hash identifier:          d3T0ivIN8UPn5Y3uBSN76F9fzAVMBUPTcvnZPu+4Swo=
Subject key identifier:   1B:B5:B4:47:A4:4A:E0:50:7C:29:1F:7C:61:FE:5F:BD:3E:9A:6B:10
Authority key identifier: 50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57
Certificate issuer:       /CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
Certificate serial:       019D38D2F7F4FAF6237F65CE3B8BF82CB740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
Manifest number:          0436
Signing time:             Sun 29 Mar 2026 09:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:43 +0000
Files and hashes:         1: UNlf0yarPwj3bczGVrs-Hia03Fc.crl (hash: oqrJnCEuxKwMEOnXfVoyT6Tl7YSWF6yO8o8UaLKoctg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:f7:f4:fa:f6:23:7f:65:ce:3b:8b:f8:2c:b7:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
        Validity
            Not Before: Mar 29 09:00:43 2026 GMT
            Not After : Mar 30 09:00:43 2026 GMT
        Subject: CN=1bb5b447a44ae0507c291f7c61fe5fbd3e9a6b10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9e:85:e8:51:9b:f8:8e:66:5d:34:93:ca:26:
                    23:3a:8a:b8:3b:33:70:f1:b0:f9:f0:26:ca:d0:b6:
                    9e:d0:e6:53:7b:44:27:56:da:a7:39:79:43:2c:38:
                    c0:c6:b6:a9:81:25:02:cb:b6:49:29:37:f2:12:f0:
                    d9:e2:a0:cf:d9:0c:86:ed:69:38:ab:6c:10:84:2b:
                    c4:cd:69:ec:7e:29:30:21:12:6e:bf:41:1c:cc:1d:
                    dc:69:ca:91:fa:75:9a:f8:24:f2:be:38:88:b6:9c:
                    6d:76:3a:ef:e1:90:e4:3f:4b:65:dd:45:74:14:79:
                    32:df:7c:ec:2b:48:51:f4:ac:53:36:c3:9e:84:33:
                    47:1b:e2:7f:ae:99:22:4b:d4:2f:fd:32:29:3b:c5:
                    a5:23:a9:5c:bf:22:ef:9d:73:4e:0c:09:8f:54:43:
                    22:be:b7:79:85:8e:a5:c9:a9:d0:81:31:92:91:fb:
                    82:38:f5:04:5a:28:94:06:53:09:cd:d9:24:b0:7c:
                    85:42:f7:72:f5:34:b3:3d:80:e5:de:4d:fb:db:99:
                    8a:99:cf:cb:f6:31:e3:b5:6d:a0:f9:35:59:8f:5f:
                    b6:6e:15:da:9b:de:e8:7d:2e:b1:fe:2a:b0:30:3e:
                    b7:d7:8d:6f:7d:37:83:9c:ae:da:63:20:0f:b6:1a:
                    36:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B5:B4:47:A4:4A:E0:50:7C:29:1F:7C:61:FE:5F:BD:3E:9A:6B:10
            X509v3 Authority Key Identifier:
                keyid:50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:88:6e:d5:7f:ee:a2:34:8b:08:dd:31:56:59:1e:7b:1e:ca:
         c1:5b:7a:70:74:09:18:a5:15:a6:9a:e8:34:13:58:5c:fd:74:
         f6:a2:0d:a1:93:52:1f:6c:cd:a3:c5:41:06:a0:51:8d:4e:4f:
         e6:d8:b1:34:73:a2:7c:c8:b3:2d:79:de:6e:2b:04:c4:b1:1c:
         db:b6:38:df:a1:e6:b9:56:88:6b:7c:9a:2b:07:5d:e7:4a:c2:
         ed:db:eb:bf:19:c9:dd:59:93:42:7e:2d:4a:01:ab:79:b5:dd:
         e4:d6:ca:cf:77:c7:2d:88:9c:b1:8b:65:e5:cf:e0:22:a5:a4:
         41:71:8a:64:2b:63:2b:80:71:ca:e3:8c:c7:22:da:8e:33:89:
         a9:32:31:97:56:a3:4d:e2:54:eb:5b:e4:6c:d0:fc:46:7e:0d:
         fb:8b:ff:65:0c:1f:31:a3:17:df:fb:b7:9d:44:9a:1d:34:a7:
         b0:e9:e4:4f:41:c3:de:72:7b:2a:f1:4d:68:64:2e:5c:c3:17:
         7d:92:b0:94:6c:28:52:92:f9:73:d7:f4:3f:94:b2:4a:19:e8:
         32:f0:67:6b:40:1f:2c:d8:48:ef:ee:5e:94:7a:3e:16:bb:b5:
         ad:1d:8e:e2:6d:7e:be:b0:cf:87:28:b6:08:6f:69:de:4d:69:
         06:2d:d4:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040vf0+vYjf2XOO4v4LLdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDk1ZmQzMjZhYjNmMDhmNzZkY2NjNjU2YmIzZTFlMjZi
NGRjNTcwHhcNMjYwMzI5MDkwMDQzWhcNMjYwMzMwMDkwMDQzWjAzMTEwLwYDVQQD
EygxYmI1YjQ0N2E0NGFlMDUwN2MyOTFmN2M2MWZlNWZiZDNlOWE2YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z6F6FGb+I5mXTSTyiYjOoq4OzNw
8bD58CbK0Lae0OZTe0QnVtqnOXlDLDjAxrapgSUCy7ZJKTfyEvDZ4qDP2QyG7Wk4
q2wQhCvEzWnsfikwIRJuv0EczB3cacqR+nWa+CTyvjiItpxtdjrv4ZDkP0tl3UV0
FHky33zsK0hR9KxTNsOehDNHG+J/rpkiS9Qv/TIpO8WlI6lcvyLvnXNODAmPVEMi
vrd5hY6lyanQgTGSkfuCOPUEWiiUBlMJzdkksHyFQvdy9TSzPYDl3k3725mKmc/L
9jHjtW2g+TVZj1+2bhXam97ofS6x/iqwMD63141vfTeDnK7aYyAPtho2NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBu1tEekSuBQfCkffGH+X70+mmsQMB8GA1UdIwQY
MBaAFFDZX9Mmqz8I923Mxla7Ph4mtNxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWIt
NTA2YTQ5MzRjYWQ1LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWItNTA2YTQ5MzRjYWQ1
LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaYhu1X/u
ojSLCN0xVlkeex7KwVt6cHQJGKUVpproNBNYXP109qINoZNSH2zNo8VBBqBRjU5P
5tixNHOifMizLXnebisExLEc27Y436HmuVaIa3yaKwdd50rC7dvrvxnJ3VmTQn4t
SgGrebXd5NbKz3fHLYicsYtl5c/gIqWkQXGKZCtjK4BxyuOMxyLajjOJqTIxl1aj
TeJU61vkbND8Rn4N+4v/ZQwfMaMX3/u3nUSaHTSnsOnkT0HD3nJ7KvFNaGQuXMMX
fZKwlGwoUpL5c9f0P5SyShnoMvBna0AfLNhI7+5elHo+Fru1rR2O4m1+vrDPhyi2
CG9p3k1pBi3U2w==
-----END CERTIFICATE-----