Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          FmplZiQtyKbdVse8Sy7IsDnrvlc/F+KSe4izDZmHdn8=
Subject key identifier:   43:EE:30:9C:50:16:A1:A4:64:B9:C8:F2:92:62:8B:45:83:9D:D6:23
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       019D3865F434E8F9E564DA733DD8EB26C45E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0F46
Signing time:             Sun 29 Mar 2026 07:01:38 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:38 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:38 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: ODhXT6YzxrA+v+98PwvaGkVv70q1RLuTfTTqKY7qsGA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f4:34:e8:f9:e5:64:da:73:3d:d8:eb:26:c4:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Mar 29 07:01:38 2026 GMT
            Not After : Mar 30 07:01:38 2026 GMT
        Subject: CN=43ee309c5016a1a464b9c8f292628b45839dd623
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a4:c7:c8:6f:45:cc:c4:e9:00:6c:a7:96:8b:
                    7e:33:7d:df:bb:ee:07:bc:db:54:ee:3a:73:87:dd:
                    e1:b9:d2:71:1c:50:0f:e9:43:4b:f0:6d:4a:d6:ea:
                    1d:ee:0f:83:79:59:1d:bb:f5:ed:75:82:e2:e5:48:
                    ea:87:e2:50:a6:a7:d3:c7:ff:a5:2c:49:ea:28:6b:
                    68:6e:f2:9c:b4:25:97:b7:f2:59:b8:74:e9:b1:ec:
                    e7:10:d3:3c:51:a8:a7:8d:11:52:ee:c1:7a:bc:fd:
                    fb:17:ec:d8:62:c4:bd:42:48:12:e7:ed:74:88:34:
                    18:05:e9:94:3b:09:cc:3a:71:94:33:11:c7:90:e8:
                    b8:85:c0:e9:da:ac:04:7e:ae:50:a0:fb:d2:18:57:
                    b1:c7:71:df:af:48:b4:47:1e:61:6e:26:e5:fa:a0:
                    5d:67:d4:3a:ce:56:ce:0d:7f:a0:1f:f9:e0:51:3d:
                    54:99:32:c5:2c:54:64:64:2c:95:bc:0a:2f:d5:79:
                    45:63:2b:82:32:56:9b:14:a3:2e:48:fa:3c:18:2b:
                    21:6b:ed:5c:cc:44:ef:7f:72:1d:13:52:68:bb:cb:
                    d3:ea:57:27:3b:1a:ae:10:a3:cd:d7:1a:00:45:c7:
                    98:62:2f:02:5f:dc:67:c5:e7:6b:26:4a:0a:43:d4:
                    8b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:EE:30:9C:50:16:A1:A4:64:B9:C8:F2:92:62:8B:45:83:9D:D6:23
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:a2:8c:7c:a5:a2:8e:9f:0e:5a:78:d0:02:38:c1:9d:8d:7e:
         e3:79:4c:a4:7d:6e:1e:b0:b9:f7:94:61:43:43:0e:8e:7c:b0:
         b5:d2:82:7a:a7:6b:fd:ae:f6:50:40:bd:70:6f:e2:5f:52:79:
         54:ae:e2:97:6f:4b:b4:0e:a0:1e:ad:d9:51:9e:f2:56:36:51:
         43:d2:08:85:bf:ba:38:e3:8b:3d:2f:1c:50:7b:a3:f0:dd:e1:
         7d:72:14:cf:90:4e:46:25:23:d4:3d:50:43:56:05:57:76:08:
         0a:58:30:1b:bb:d6:95:fd:01:a2:82:b4:a5:23:cf:9c:3b:f5:
         4d:a8:a8:65:56:1d:c7:f2:f5:3c:3c:a5:f8:b8:22:cc:0e:70:
         49:f0:9f:d4:da:3a:95:1e:17:8c:6c:87:2c:6c:df:5c:ed:2d:
         6f:7f:d0:b6:e6:7e:04:56:b0:f9:78:ae:90:dc:9a:b4:51:e0:
         0f:69:77:ca:d5:09:db:14:98:73:16:c2:1b:e6:fd:35:72:31:
         44:55:de:a3:43:44:06:d9:d9:e4:39:eb:ea:c5:3a:37:75:79:
         78:e4:f3:61:d1:0b:f0:61:74:73:74:13:9e:54:0f:22:c2:55:
         41:b6:cb:23:d5:f9:c5:51:ef:75:e7:8b:ff:b5:10:30:89:62:
         ef:08:90:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfQ06PnlZNpzPdjrJsReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjYwMzI5MDcwMTM4WhcNMjYwMzMwMDcwMTM4WjAzMTEwLwYDVQQD
Eyg0M2VlMzA5YzUwMTZhMWE0NjRiOWM4ZjI5MjYyOGI0NTgzOWRkNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKTHyG9FzMTpAGynlot+M33fu+4H
vNtU7jpzh93hudJxHFAP6UNL8G1K1uod7g+DeVkdu/XtdYLi5Ujqh+JQpqfTx/+l
LEnqKGtobvKctCWXt/JZuHTpseznENM8UainjRFS7sF6vP37F+zYYsS9QkgS5+10
iDQYBemUOwnMOnGUMxHHkOi4hcDp2qwEfq5QoPvSGFexx3Hfr0i0Rx5hbibl+qBd
Z9Q6zlbODX+gH/ngUT1UmTLFLFRkZCyVvAov1XlFYyuCMlabFKMuSPo8GCsha+1c
zETvf3IdE1Jou8vT6lcnOxquEKPN1xoARceYYi8CX9xnxedrJkoKQ9SLBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEPuMJxQFqGkZLnI8pJii0WDndYjMB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtKKMfKWi
jp8OWnjQAjjBnY1+43lMpH1uHrC595RhQ0MOjnywtdKCeqdr/a72UEC9cG/iX1J5
VK7il29LtA6gHq3ZUZ7yVjZRQ9IIhb+6OOOLPS8cUHuj8N3hfXIUz5BORiUj1D1Q
Q1YFV3YIClgwG7vWlf0BooK0pSPPnDv1TaioZVYdx/L1PDyl+LgizA5wSfCf1No6
lR4XjGyHLGzfXO0tb3/QtuZ+BFaw+XiukNyatFHgD2l3ytUJ2xSYcxbCG+b9NXIx
RFXeo0NEBtnZ5Dnr6sU6N3V5eOTzYdEL8GF0c3QTnlQPIsJVQbbLI9X5xVHvdeeL
/7UQMIli7wiQ4A==
-----END CERTIFICATE-----