Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
File:                     uFK2pNRayK4a7VTG9ayO1v88Hdc.mft (raw, json)
Hash identifier:          UtjkrvRfw5oOyqTcqxzZo/FR7EepULvE1F9jpjdeIwQ=
Subject key identifier:   9C:DD:8D:60:69:4F:AE:2B:A5:87:FD:15:7A:B2:54:E4:50:29:48:CE
Authority key identifier: B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7
Certificate issuer:       /CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
Certificate serial:       019D3A536DA1432395D750C0E0063EA6FC18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
Manifest number:          0E24
Signing time:             Sun 29 Mar 2026 16:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:39 +0000
Files and hashes:         1: uFK2pNRayK4a7VTG9ayO1v88Hdc.crl (hash: jb8xaI2/D6Ec+BeiR+Ubx3M0cqxmcJZZCCQq6d0pRzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:6d:a1:43:23:95:d7:50:c0:e0:06:3e:a6:fc:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b852b6a4d45ac8ae1aed54c6f5ac8ed6ff3c1dd7
        Validity
            Not Before: Mar 29 16:00:39 2026 GMT
            Not After : Mar 30 16:00:39 2026 GMT
        Subject: CN=9cdd8d60694fae2ba587fd157ab254e4502948ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:28:93:0c:3a:06:cb:69:f2:05:0f:59:7e:41:
                    4e:7e:f7:11:50:21:72:b8:df:49:c4:d1:3c:fc:e8:
                    b7:25:de:81:8e:40:c7:a3:b8:ce:05:14:a3:c9:cd:
                    e7:b6:6f:85:40:85:d7:77:e5:91:50:44:f6:9c:e3:
                    a5:90:3b:04:11:1e:8c:88:f1:26:3b:18:04:e2:e9:
                    44:c9:2b:dc:78:8d:c9:78:c2:8b:b0:af:ad:31:d4:
                    03:16:1c:56:30:00:84:d1:ef:91:b6:78:21:a1:36:
                    c6:7a:ab:4c:07:eb:0d:e6:ed:43:59:8e:8a:18:12:
                    64:a5:6f:80:2b:6d:fd:c4:50:6c:05:ee:3c:00:57:
                    2a:12:2a:29:27:cd:01:dc:33:60:13:82:5e:a6:23:
                    b3:90:94:7b:24:21:8b:25:66:8e:bc:53:ab:b0:7e:
                    aa:b4:b3:04:68:9b:ef:c6:20:58:63:a9:29:ea:b6:
                    e1:ac:1f:25:80:9b:82:da:61:3b:88:bd:2d:11:39:
                    92:12:2b:1b:0f:9c:5b:fb:1f:f3:d6:a1:35:30:5b:
                    df:08:74:dc:b4:68:4f:09:d2:43:9d:61:18:5c:63:
                    01:67:1f:86:55:7e:9d:5c:7b:d5:9c:e6:68:39:a2:
                    75:3e:b3:81:f2:c8:be:87:b3:86:6e:72:6f:f0:7e:
                    31:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:DD:8D:60:69:4F:AE:2B:A5:87:FD:15:7A:B2:54:E4:50:29:48:CE
            X509v3 Authority Key Identifier:
                keyid:B8:52:B6:A4:D4:5A:C8:AE:1A:ED:54:C6:F5:AC:8E:D6:FF:3C:1D:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFK2pNRayK4a7VTG9ayO1v88Hdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/ee479f-dd4e-492f-b6a6-3c46cd580789/1/uFK2pNRayK4a7VTG9ayO1v88Hdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:1d:32:09:5c:b7:63:61:80:b0:c8:69:a0:b8:5f:a8:04:c8:
         17:f7:bc:ae:56:67:bf:8a:f6:87:2f:e6:d7:ce:c7:8e:2d:1d:
         f4:ed:ee:4c:89:ec:23:3b:06:fe:01:cc:ad:80:25:ea:0c:19:
         10:ad:e6:28:7b:71:73:5f:55:7d:d8:31:40:76:ad:7f:44:9c:
         c5:2e:62:01:89:16:0e:41:ea:7f:dd:1e:75:d9:ec:55:14:d9:
         68:fc:0b:41:13:01:94:2a:23:25:4d:91:15:66:83:99:85:90:
         f6:23:a0:54:7b:b7:97:f8:36:6d:7d:87:bf:02:43:58:ce:c8:
         ad:9b:c5:db:b0:fa:cf:1f:8f:fb:87:69:9d:36:91:f5:ba:72:
         a7:04:31:00:58:4a:1c:6f:94:17:ad:9c:b1:9e:93:97:9f:af:
         af:eb:c7:ae:2d:23:0c:7d:d2:6b:52:81:b1:ab:95:75:21:3b:
         7f:e0:1b:71:50:52:c9:46:c2:8f:22:83:a2:53:e7:8b:f1:ea:
         61:55:fd:26:d1:44:7b:9e:d4:30:93:bc:5c:a8:c7:40:b1:e4:
         f2:73:d5:a8:ff:7f:3b:ec:92:1c:f7:99:ee:f4:2c:64:26:28:
         e6:49:66:f2:2c:d2:86:e3:af:c3:bb:72:ca:b6:c0:47:9e:ca:
         f8:17:a9:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U22hQyOV11DA4AY+pvwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTJiNmE0ZDQ1YWM4YWUxYWVkNTRjNmY1YWM4ZWQ2ZmYz
YzFkZDcwHhcNMjYwMzI5MTYwMDM5WhcNMjYwMzMwMTYwMDM5WjAzMTEwLwYDVQQD
Eyg5Y2RkOGQ2MDY5NGZhZTJiYTU4N2ZkMTU3YWIyNTRlNDUwMjk0OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyiTDDoGy2nyBQ9ZfkFOfvcRUCFy
uN9JxNE8/Oi3Jd6BjkDHo7jOBRSjyc3ntm+FQIXXd+WRUET2nOOlkDsEER6MiPEm
OxgE4ulEySvceI3JeMKLsK+tMdQDFhxWMACE0e+RtnghoTbGeqtMB+sN5u1DWY6K
GBJkpW+AK239xFBsBe48AFcqEiopJ80B3DNgE4JepiOzkJR7JCGLJWaOvFOrsH6q
tLMEaJvvxiBYY6kp6rbhrB8lgJuC2mE7iL0tETmSEisbD5xb+x/z1qE1MFvfCHTc
tGhPCdJDnWEYXGMBZx+GVX6dXHvVnOZoOaJ1PrOB8si+h7OGbnJv8H4x+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzdjWBpT64rpYf9FXqyVORQKUjOMB8GA1UdIwQY
MBaAFLhStqTUWsiuGu1UxvWsjtb/PB3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYt
M2M0NmNkNTgwNzg5LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZTQ3OWYtZGQ0ZS00OTJmLWI2YTYtM2M0NmNkNTgwNzg5
LzEvdUZLMnBOUmF5SzRhN1ZURzlheU8xdjg4SGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYx0yCVy3
Y2GAsMhpoLhfqATIF/e8rlZnv4r2hy/m187Hji0d9O3uTInsIzsG/gHMrYAl6gwZ
EK3mKHtxc19VfdgxQHatf0ScxS5iAYkWDkHqf90eddnsVRTZaPwLQRMBlCojJU2R
FWaDmYWQ9iOgVHu3l/g2bX2HvwJDWM7IrZvF27D6zx+P+4dpnTaR9bpypwQxAFhK
HG+UF62csZ6Tl5+vr+vHri0jDH3Sa1KBsauVdSE7f+AbcVBSyUbCjyKDolPni/Hq
YVX9JtFEe57UMJO8XKjHQLHk8nPVqP9/O+ySHPeZ7vQsZCYo5klm8izShuOvw7ty
yrbAR57K+BepAw==
-----END CERTIFICATE-----