Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/6bfb8f-3c46-4cc2-acfd-4f9e895631fe/1/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.mft
File:                     UnflGtXwNMxWbBkw8ZgwYDP2ZPM.mft (raw, json)
Hash identifier:          0PbyiZw1VAMzQJwmOwEnHm6h3wgZHGROi4KCDhCHvVs=
Subject key identifier:   78:69:69:99:34:35:6A:70:A9:3C:36:3B:9A:B2:A1:A7:FB:C8:82:35
Authority key identifier: 52:77:E5:1A:D5:F0:34:CC:56:6C:19:30:F1:98:30:60:33:F6:64:F3
Certificate issuer:       /CN=5277e51ad5f034cc566c1930f198306033f664f3
Certificate serial:       019D38D3A9BD76E94439D4C4DD438BE05BDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/6bfb8f-3c46-4cc2-acfd-4f9e895631fe/1/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.mft
Manifest number:          49
Signing time:             Sun 29 Mar 2026 09:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:28 +0000
Files and hashes:         1: UnflGtXwNMxWbBkw8ZgwYDP2ZPM.crl (hash: s9YEEJSAwcZoAc1hfNLseQPlFvOLMQZy1Uod2ggii1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/6bfb8f-3c46-4cc2-acfd-4f9e895631fe/1/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/6bfb8f-3c46-4cc2-acfd-4f9e895631fe/1/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 09:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a9:bd:76:e9:44:39:d4:c4:dd:43:8b:e0:5b:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5277e51ad5f034cc566c1930f198306033f664f3
        Validity
            Not Before: Mar 29 09:01:28 2026 GMT
            Not After : Mar 30 09:01:28 2026 GMT
        Subject: CN=7869699934356a70a93c363b9ab2a1a7fbc88235
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b9:96:a8:ef:8c:11:e0:ab:b7:78:89:02:80:
                    ba:da:b1:25:3e:60:12:94:6b:82:ff:f9:f9:d6:ad:
                    aa:16:29:e3:5b:0a:3f:a4:3b:c2:92:2a:e5:45:f5:
                    19:46:c0:7b:3e:68:37:f6:92:42:e0:2c:93:2d:65:
                    55:58:0e:5a:a2:64:26:6b:bb:e5:37:d5:b3:89:de:
                    69:2c:9c:9b:3d:fc:41:ad:e3:fc:85:99:04:cb:df:
                    e1:ef:6a:52:e7:c7:a8:6f:db:71:9d:e2:bd:89:89:
                    27:a5:9e:70:b9:f5:79:b3:e9:a4:37:d5:a6:75:7b:
                    f2:1d:f7:5e:8b:ff:dc:62:61:63:1f:08:3a:10:10:
                    c8:53:49:b3:e0:3e:96:e5:64:49:6a:b0:d3:27:18:
                    cc:40:fd:2f:fc:c0:d1:a4:4b:2f:41:1b:96:3e:f3:
                    33:cc:bc:f5:5b:7a:8e:e5:5c:b2:e5:c0:3c:49:d0:
                    be:c8:41:2e:85:f3:2f:18:9a:01:74:41:68:3b:3f:
                    14:ae:5b:19:1b:0c:3d:8c:ae:85:6c:29:00:8f:cc:
                    bd:27:b6:8b:4e:0a:7f:e0:e4:13:f5:3c:19:71:36:
                    1e:17:b6:86:61:4a:27:98:1a:b1:be:b6:9f:8e:26:
                    92:dc:8b:bd:55:f3:68:d2:8d:12:ee:96:2a:91:51:
                    a7:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:69:69:99:34:35:6A:70:A9:3C:36:3B:9A:B2:A1:A7:FB:C8:82:35
            X509v3 Authority Key Identifier:
                keyid:52:77:E5:1A:D5:F0:34:CC:56:6C:19:30:F1:98:30:60:33:F6:64:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6bfb8f-3c46-4cc2-acfd-4f9e895631fe/1/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/6bfb8f-3c46-4cc2-acfd-4f9e895631fe/1/UnflGtXwNMxWbBkw8ZgwYDP2ZPM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:b1:83:44:f4:b6:1a:ae:75:80:57:ca:5b:3d:8a:b1:f2:8b:
         81:43:83:46:22:fd:28:9f:1a:3e:f0:da:b2:a9:a5:f3:c5:40:
         12:48:04:7d:af:f9:c5:e2:48:3a:38:f9:5d:4f:49:64:0e:00:
         38:ba:0f:51:75:ec:67:36:8d:c3:e4:1e:a3:d7:42:a2:06:1c:
         4f:d0:80:44:a6:a2:68:24:71:6d:ab:3a:00:0f:27:a7:d9:01:
         0c:fd:a2:a8:71:aa:67:65:37:d6:ef:18:ae:ce:a2:ef:84:93:
         e1:12:1a:a4:1e:59:a5:ce:5e:be:0d:41:0f:e2:cf:3e:21:38:
         5d:fe:ec:b6:9b:c8:19:cb:3c:6a:38:0a:32:a8:0f:86:3a:38:
         6f:c5:3e:68:b1:21:30:7b:91:d8:14:59:1c:90:8c:7d:54:9f:
         02:2f:8c:e0:58:37:cb:03:81:c9:c4:53:81:3d:a8:81:c5:fe:
         d5:d8:d6:17:eb:e8:ea:3c:0d:28:82:a5:8f:a3:16:87:73:ca:
         e2:78:5f:12:54:cb:a3:3d:07:a9:46:db:7c:21:eb:98:6e:8d:
         05:7a:82:8c:8e:03:7b:2e:c5:4f:0e:d5:9f:76:bf:e4:1e:88:
         70:04:43:05:14:bc:1b:9e:66:15:3c:40:8b:bc:22:99:44:7f:
         90:71:fa:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406m9dulEOdTE3UOL4FvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzdlNTFhZDVmMDM0Y2M1NjZjMTkzMGYxOTgzMDYwMzNm
NjY0ZjMwHhcNMjYwMzI5MDkwMTI4WhcNMjYwMzMwMDkwMTI4WjAzMTEwLwYDVQQD
Eyg3ODY5Njk5OTM0MzU2YTcwYTkzYzM2M2I5YWIyYTFhN2ZiYzg4MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbmWqO+MEeCrt3iJAoC62rElPmAS
lGuC//n51q2qFinjWwo/pDvCkirlRfUZRsB7Pmg39pJC4CyTLWVVWA5aomQma7vl
N9Wzid5pLJybPfxBreP8hZkEy9/h72pS58eob9txneK9iYknpZ5wufV5s+mkN9Wm
dXvyHfdei//cYmFjHwg6EBDIU0mz4D6W5WRJarDTJxjMQP0v/MDRpEsvQRuWPvMz
zLz1W3qO5Vyy5cA8SdC+yEEuhfMvGJoBdEFoOz8UrlsZGww9jK6FbCkAj8y9J7aL
Tgp/4OQT9TwZcTYeF7aGYUonmBqxvrafjiaS3Iu9VfNo0o0S7pYqkVGnGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhpaZk0NWpwqTw2O5qyoaf7yII1MB8GA1UdIwQY
MBaAFFJ35RrV8DTMVmwZMPGYMGAz9mTzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5mbEd0WHdOTXhXYkJrdzhaZ3dZRFAyWlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy82YmZiOGYtM2M0Ni00Y2MyLWFjZmQt
NGY5ZTg5NTYzMWZlLzEvVW5mbEd0WHdOTXhXYkJrdzhaZ3dZRFAyWlBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy82YmZiOGYtM2M0Ni00Y2MyLWFjZmQtNGY5ZTg5NTYzMWZl
LzEvVW5mbEd0WHdOTXhXYkJrdzhaZ3dZRFAyWlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcrGDRPS2
Gq51gFfKWz2KsfKLgUODRiL9KJ8aPvDasqml88VAEkgEfa/5xeJIOjj5XU9JZA4A
OLoPUXXsZzaNw+Qeo9dCogYcT9CARKaiaCRxbas6AA8np9kBDP2iqHGqZ2U31u8Y
rs6i74ST4RIapB5Zpc5evg1BD+LPPiE4Xf7stpvIGcs8ajgKMqgPhjo4b8U+aLEh
MHuR2BRZHJCMfVSfAi+M4Fg3ywOBycRTgT2ogcX+1djWF+vo6jwNKIKlj6MWh3PK
4nhfElTLoz0HqUbbfCHrmG6NBXqCjI4Dey7FTw7Vn3a/5B6IcARDBRS8G55mFTxA
i7wimUR/kHH6dQ==
-----END CERTIFICATE-----