Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
File:                     dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json)
Hash identifier:          mCYGgaInYHSOHFrtxBRbdJkdUX2fAmB0gcHQxnAKsjA=
Subject key identifier:   94:A9:0A:9A:CB:B2:4D:A4:5F:2A:D3:19:03:D5:9A:14:D4:CD:C0:23
Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15
Certificate issuer:       /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
Certificate serial:       019D3865B524EF735CEB7B4008CB59541123
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
Manifest number:          0F00
Signing time:             Sun 29 Mar 2026 07:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:22 +0000
Files and hashes:         1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: p+rgqjvKKY1ryiObTRZpKAGMFwbSTugs84cr75hHNj8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b5:24:ef:73:5c:eb:7b:40:08:cb:59:54:11:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
        Validity
            Not Before: Mar 29 07:01:22 2026 GMT
            Not After : Mar 30 07:01:22 2026 GMT
        Subject: CN=94a90a9acbb24da45f2ad31903d59a14d4cdc023
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:09:cc:18:7a:ea:67:cd:43:a4:0a:1b:8d:78:
                    dc:cf:88:2a:94:74:57:80:f9:e4:ba:7d:4f:35:8b:
                    41:36:6b:9e:c1:50:a8:1a:92:e1:6a:ab:d4:03:69:
                    6e:da:1f:80:5b:42:70:73:b9:44:0b:be:b7:94:25:
                    9b:e7:3f:36:d7:9d:7f:65:1d:eb:a3:e7:9d:41:0c:
                    e9:57:58:02:12:07:41:64:a8:f1:2d:b8:66:74:5c:
                    93:40:c9:d7:34:60:99:ce:9b:66:75:38:e8:6d:8e:
                    b3:72:77:09:76:d0:55:43:a3:8d:9f:b4:59:63:35:
                    b9:22:5c:ce:03:04:a2:d7:81:07:b7:1d:9e:41:fb:
                    89:71:b0:6c:a6:8a:a0:e1:59:37:d5:d9:0a:8f:60:
                    a3:4a:67:73:c9:69:76:c5:09:09:c2:b0:a1:77:47:
                    78:d3:48:f4:66:63:7c:e4:af:2c:a2:70:9d:cc:b4:
                    de:67:f7:51:27:24:88:58:e1:db:8a:33:e1:95:5b:
                    52:c3:e7:69:66:42:15:8e:01:d2:3b:46:4e:c1:29:
                    85:b0:52:d6:26:bf:be:b4:64:58:df:33:2d:0f:b1:
                    96:fe:fa:ca:02:07:2e:50:c8:72:34:f4:c8:24:87:
                    e8:fd:03:3a:ee:f2:15:6c:6e:63:d8:11:78:d1:a7:
                    46:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:A9:0A:9A:CB:B2:4D:A4:5F:2A:D3:19:03:D5:9A:14:D4:CD:C0:23
            X509v3 Authority Key Identifier:
                keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:20:82:22:63:e5:e3:b2:17:f3:55:7a:54:9a:f9:d5:b4:4b:
         ab:de:47:c4:31:23:16:2c:30:0e:22:19:f1:29:f6:d6:2a:cd:
         c6:10:dd:ca:52:31:91:4e:fe:da:5a:42:15:ab:41:85:a9:28:
         d3:d4:71:56:8a:bc:b7:d3:d5:34:15:ee:38:58:29:d8:b9:8f:
         ce:88:3e:7b:f9:5e:fd:f1:a9:f2:a8:4d:e1:86:b6:a4:a2:40:
         ef:a2:fa:e4:56:ea:88:e7:70:e1:fd:12:b0:59:ef:99:ed:0f:
         60:d4:41:87:43:78:4f:a4:ef:d0:70:7d:96:12:7e:69:f6:9e:
         d9:ad:d5:f6:b8:6c:80:03:67:fe:ec:70:58:18:c1:c0:43:f4:
         e0:29:75:3b:0e:e3:56:4e:b1:5f:dc:7a:55:6d:c2:0f:66:a9:
         a5:0d:93:19:32:7d:ac:d4:ed:76:51:f0:ef:fe:80:b7:19:ca:
         29:ed:45:ad:30:1c:25:be:00:a7:4b:5c:46:b5:bd:b5:0e:44:
         eb:a1:cc:0c:1d:52:61:ab:0d:4a:df:09:d1:54:5a:39:18:ff:
         e8:88:ba:4e:1d:99:16:34:dc:5a:55:b0:be:c0:70:9a:53:f2:
         84:33:81:98:19:47:71:30:2d:d3:dd:87:4e:95:38:8e:c5:f2:
         f7:2a:00:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbUk73Nc63tACMtZVBEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy
ZWQ2MTUwHhcNMjYwMzI5MDcwMTIyWhcNMjYwMzMwMDcwMTIyWjAzMTEwLwYDVQQD
Eyg5NGE5MGE5YWNiYjI0ZGE0NWYyYWQzMTkwM2Q1OWExNGQ0Y2RjMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQnMGHrqZ81DpAobjXjcz4gqlHRX
gPnkun1PNYtBNmuewVCoGpLhaqvUA2lu2h+AW0Jwc7lEC763lCWb5z82151/ZR3r
o+edQQzpV1gCEgdBZKjxLbhmdFyTQMnXNGCZzptmdTjobY6zcncJdtBVQ6ONn7RZ
YzW5IlzOAwSi14EHtx2eQfuJcbBspoqg4Vk31dkKj2CjSmdzyWl2xQkJwrChd0d4
00j0ZmN85K8sonCdzLTeZ/dRJySIWOHbijPhlVtSw+dpZkIVjgHSO0ZOwSmFsFLW
Jr++tGRY3zMtD7GW/vrKAgcuUMhyNPTIJIfo/QM67vIVbG5j2BF40adGEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJSpCprLsk2kXyrTGQPVmhTUzcAjMB8GA1UdIwQY
MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt
MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk
LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJCCCImPl
47IX81V6VJr51bRLq95HxDEjFiwwDiIZ8Sn21irNxhDdylIxkU7+2lpCFatBhako
09RxVoq8t9PVNBXuOFgp2LmPzog+e/le/fGp8qhN4Ya2pKJA76L65FbqiOdw4f0S
sFnvme0PYNRBh0N4T6Tv0HB9lhJ+afae2a3V9rhsgANn/uxwWBjBwEP04Cl1Ow7j
Vk6xX9x6VW3CD2appQ2TGTJ9rNTtdlHw7/6AtxnKKe1FrTAcJb4Ap0tcRrW9tQ5E
66HMDB1SYasNSt8J0VRaORj/6Ii6Th2ZFjTcWlWwvsBwmlPyhDOBmBlHcTAt092H
TpU4jsXy9yoAkA==
-----END CERTIFICATE-----