Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
File:                     ubrpYJaypQez1LDCdLwv9Ynp-aI.mft (raw, json)
Hash identifier:          KZbyrMapp3/RTdT/+uS/yUOa30MpM1EA2bEcwgMVSoE=
Subject key identifier:   A6:0B:9B:2F:1A:EB:AE:58:71:2A:56:0E:46:D1:F3:3E:F1:DB:25:4B
Authority key identifier: B9:BA:E9:60:96:B2:A5:07:B3:D4:B0:C2:74:BC:2F:F5:89:E9:F9:A2
Certificate issuer:       /CN=b9bae96096b2a507b3d4b0c274bc2ff589e9f9a2
Certificate serial:       019D389C5903B7B053B14195E175D1F82A4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
Manifest number:          0295
Signing time:             Sun 29 Mar 2026 08:01:03 +0000
Manifest this update:     Sun 29 Mar 2026 08:01:03 +0000
Manifest next update:     Mon 30 Mar 2026 08:01:03 +0000
Files and hashes:         1: ubrpYJaypQez1LDCdLwv9Ynp-aI.crl (hash: bU8Igh+63iWGyL8uIOIUn2lxuvT+7vgxt/L024xiU40=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:59:03:b7:b0:53:b1:41:95:e1:75:d1:f8:2a:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9bae96096b2a507b3d4b0c274bc2ff589e9f9a2
        Validity
            Not Before: Mar 29 08:01:03 2026 GMT
            Not After : Mar 30 08:01:03 2026 GMT
        Subject: CN=a60b9b2f1aebae58712a560e46d1f33ef1db254b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:5c:82:1b:46:54:cd:c0:ef:50:41:12:14:65:
                    51:91:00:79:94:36:bc:bb:84:db:0f:90:3c:78:82:
                    d7:df:e4:6d:bd:fe:31:95:be:15:3c:2b:0c:3d:4c:
                    d0:5e:66:b5:da:6d:d4:72:66:84:8c:83:63:d6:41:
                    68:65:72:cc:21:43:6b:db:33:61:6f:be:92:f3:23:
                    3b:ff:f6:f4:29:a5:9f:49:17:4a:2d:a1:8f:b7:b1:
                    dd:ac:91:61:7b:ba:c4:24:a9:d7:52:2c:db:8d:fc:
                    4f:83:aa:f7:33:d1:74:64:e7:fb:70:92:da:b5:41:
                    3d:87:7e:db:a4:7a:7c:1d:df:04:dd:6c:29:a3:49:
                    39:00:00:7e:09:2e:47:b6:5b:eb:07:22:b0:f4:84:
                    e4:4c:4f:e8:55:a6:70:28:f4:4d:e8:ac:a6:2b:24:
                    45:fe:02:ab:38:bb:fa:98:d6:8e:11:ad:f9:9c:1f:
                    a7:2a:05:df:53:fe:3f:3b:58:7b:fb:b2:25:2c:23:
                    5b:7c:8d:fb:ef:69:5e:49:9b:71:84:b5:13:31:82:
                    60:b5:d3:83:a3:ab:8f:e6:0c:82:c1:04:6d:f4:a6:
                    9d:fd:20:3b:a3:cd:92:9b:a9:42:35:da:bd:ed:37:
                    ff:1d:eb:e0:39:86:59:e0:83:74:b4:73:bc:44:34:
                    eb:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:0B:9B:2F:1A:EB:AE:58:71:2A:56:0E:46:D1:F3:3E:F1:DB:25:4B
            X509v3 Authority Key Identifier:
                keyid:B9:BA:E9:60:96:B2:A5:07:B3:D4:B0:C2:74:BC:2F:F5:89:E9:F9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubrpYJaypQez1LDCdLwv9Ynp-aI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/34e759-c9e3-45ba-881b-0873865e4432/1/ubrpYJaypQez1LDCdLwv9Ynp-aI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:e3:38:5f:f0:bd:49:7f:88:f4:27:05:7b:dc:06:90:1f:22:
         c5:40:2f:d1:1e:64:80:05:21:d8:31:1f:ea:06:02:11:26:8d:
         e3:f9:6b:2d:26:21:8f:ca:d6:68:84:a1:dd:cf:0d:bd:8a:80:
         10:77:76:fc:ea:05:7c:65:91:da:97:28:8d:ab:b0:5c:7f:a7:
         7e:fb:c9:03:ad:cd:91:4d:2d:62:78:b6:9f:86:7d:07:f1:8c:
         51:8a:5a:96:0a:8a:5f:84:90:6d:1a:02:a9:62:ab:6a:ec:8a:
         70:49:3f:5f:20:bc:c8:08:e7:d7:9e:f9:44:c7:6c:65:f1:56:
         32:f3:00:8b:34:79:3d:6f:4a:55:37:e0:14:01:9c:09:3e:88:
         ee:6c:64:2c:2c:1b:6f:9b:92:08:f7:24:2d:64:79:ac:0b:ad:
         b1:fd:93:4f:27:fb:25:ca:2c:38:6d:d3:bf:61:7f:2c:2d:a0:
         44:4f:c0:ef:36:52:a3:37:6b:5e:12:8e:49:65:17:0a:b6:28:
         38:9e:a3:a5:56:42:c4:46:1b:54:17:82:5b:87:96:44:54:32:
         8d:95:48:07:1e:0a:53:c9:f0:ae:f2:bd:62:90:e7:4e:55:30:
         89:ae:15:1b:af:1a:76:36:ee:f7:4a:54:b3:9f:5b:02:e4:35:
         40:df:01:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nFkDt7BTsUGV4XXR+CpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YmFlOTYwOTZiMmE1MDdiM2Q0YjBjMjc0YmMyZmY1ODll
OWY5YTIwHhcNMjYwMzI5MDgwMTAzWhcNMjYwMzMwMDgwMTAzWjAzMTEwLwYDVQQD
EyhhNjBiOWIyZjFhZWJhZTU4NzEyYTU2MGU0NmQxZjMzZWYxZGIyNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VyCG0ZUzcDvUEESFGVRkQB5lDa8
u4TbD5A8eILX3+Rtvf4xlb4VPCsMPUzQXma12m3UcmaEjINj1kFoZXLMIUNr2zNh
b76S8yM7//b0KaWfSRdKLaGPt7HdrJFhe7rEJKnXUizbjfxPg6r3M9F0ZOf7cJLa
tUE9h37bpHp8Hd8E3Wwpo0k5AAB+CS5HtlvrByKw9ITkTE/oVaZwKPRN6KymKyRF
/gKrOLv6mNaOEa35nB+nKgXfU/4/O1h7+7IlLCNbfI3772leSZtxhLUTMYJgtdOD
o6uP5gyCwQRt9Kad/SA7o82Sm6lCNdq97Tf/HevgOYZZ4IN0tHO8RDTrxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYLmy8a665YcSpWDkbR8z7x2yVLMB8GA1UdIwQY
MBaAFLm66WCWsqUHs9SwwnS8L/WJ6fmiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zNGU3NTktYzllMy00NWJhLTg4MWIt
MDg3Mzg2NWU0NDMyLzEvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zNGU3NTktYzllMy00NWJhLTg4MWItMDg3Mzg2NWU0NDMy
LzEvdWJycFlKYXlwUWV6MUxEQ2RMd3Y5WW5wLWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAneM4X/C9
SX+I9CcFe9wGkB8ixUAv0R5kgAUh2DEf6gYCESaN4/lrLSYhj8rWaISh3c8NvYqA
EHd2/OoFfGWR2pcojauwXH+nfvvJA63NkU0tYni2n4Z9B/GMUYpalgqKX4SQbRoC
qWKrauyKcEk/XyC8yAjn1575RMdsZfFWMvMAizR5PW9KVTfgFAGcCT6I7mxkLCwb
b5uSCPckLWR5rAutsf2TTyf7JcosOG3Tv2F/LC2gRE/A7zZSozdrXhKOSWUXCrYo
OJ6jpVZCxEYbVBeCW4eWRFQyjZVIBx4KU8nwrvK9YpDnTlUwia4VG68adjbu90pU
s59bAuQ1QN8BJw==
-----END CERTIFICATE-----