Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          2dwYGEx/ywi5evt1S7Yu0GjgHo9n8Pp1cHxSKxK7Nhc=
Subject key identifier:   82:85:C8:76:1A:7B:16:D7:D6:70:B6:6C:FF:6B:DA:23:71:F3:A4:1A
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019D3789141DCE2A6050A1F275239B6ECD75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          05BB
Signing time:             Sun 29 Mar 2026 03:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:23 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: 8H9W22gNFH/S6WB0HRVzPRxymb8b633LkheVNvedyLQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:14:1d:ce:2a:60:50:a1:f2:75:23:9b:6e:cd:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Mar 29 03:00:23 2026 GMT
            Not After : Mar 30 03:00:23 2026 GMT
        Subject: CN=8285c8761a7b16d7d670b66cff6bda2371f3a41a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:d0:62:27:50:77:9d:93:8f:11:3b:06:dd:51:
                    4a:d9:ff:24:f2:4f:80:c3:f5:77:3e:57:a4:7f:14:
                    f0:cf:2f:89:f6:8c:01:88:da:84:cb:0f:d4:bf:42:
                    40:85:28:41:ad:e6:c8:65:05:9a:20:6e:71:1e:25:
                    c9:31:4f:a8:03:1e:c1:94:74:ac:98:3e:df:ac:1d:
                    f0:26:c5:3a:0c:3f:5f:72:9d:43:c7:c2:84:8f:5b:
                    5b:fc:e9:15:19:45:bd:99:43:10:47:7f:cc:bc:54:
                    ab:b9:a8:9e:87:4b:f9:e4:cd:0a:d7:b8:1a:52:39:
                    40:bc:2f:e4:f4:bb:44:24:53:a1:cc:70:16:b2:c9:
                    db:52:04:f3:58:32:db:b9:15:b9:88:70:d8:3a:9c:
                    67:9e:f5:0f:ce:30:4f:13:4f:94:58:96:db:1e:ca:
                    d5:08:01:28:5f:82:7c:bb:a2:83:42:f2:0c:bd:de:
                    c2:8a:af:f2:70:8a:c6:fd:0f:61:b1:4f:6e:6e:b3:
                    4f:0f:6c:17:fa:18:3a:3a:de:53:0d:e7:02:c2:26:
                    02:f5:bc:7b:60:b3:94:31:61:b3:3e:bd:b6:82:02:
                    87:2d:01:39:3a:e2:ef:a9:98:15:d3:35:bb:da:6f:
                    3c:26:fb:96:5e:06:2c:b5:01:40:dd:e1:e4:a1:bb:
                    16:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:85:C8:76:1A:7B:16:D7:D6:70:B6:6C:FF:6B:DA:23:71:F3:A4:1A
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:58:e6:2b:cb:5d:76:32:7d:ee:0b:bc:dd:5e:86:b2:5b:d5:
         5e:05:4e:72:1b:9d:5a:94:7b:89:c5:61:02:2a:90:0d:5b:a3:
         8b:90:18:4d:6d:87:f0:77:17:69:cb:68:17:d7:0b:ea:83:27:
         58:c0:ad:ff:5e:18:45:6b:2b:e5:9a:f2:6f:f0:77:92:0a:02:
         7e:f9:c4:0b:fb:8e:13:57:55:2a:af:f7:2a:a6:13:c0:73:22:
         d2:99:e9:55:9d:10:b1:93:ff:fa:26:2a:7b:7a:82:62:cd:93:
         1e:fb:23:e7:0b:33:02:23:dd:e0:19:da:d2:0f:0a:e9:77:db:
         16:a0:db:21:16:e7:34:de:51:6b:a9:2f:7f:e3:36:86:ac:eb:
         fa:23:59:f9:b2:33:cf:6a:19:e0:84:7b:67:39:ff:64:62:24:
         6c:d1:84:12:66:c8:50:4f:64:0d:b7:40:7a:1b:7e:21:4a:39:
         d5:e1:56:41:6e:9f:08:d2:9a:f0:42:a0:a2:f6:7f:2a:e1:5e:
         9f:40:5f:ac:d1:61:ef:8d:fa:49:8d:fa:33:fa:14:05:c5:3d:
         2d:9a:92:e5:19:c4:40:f9:c9:20:4a:18:0d:bb:fa:8f:39:50:
         b8:34:4d:22:00:7f:36:f8:6e:86:bd:f2:eb:b1:62:e4:e9:5c:
         41:44:84:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRQdzipgUKHydSObbs11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjYwMzI5MDMwMDIzWhcNMjYwMzMwMDMwMDIzWjAzMTEwLwYDVQQD
Eyg4Mjg1Yzg3NjFhN2IxNmQ3ZDY3MGI2NmNmZjZiZGEyMzcxZjNhNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNBiJ1B3nZOPETsG3VFK2f8k8k+A
w/V3PlekfxTwzy+J9owBiNqEyw/Uv0JAhShBrebIZQWaIG5xHiXJMU+oAx7BlHSs
mD7frB3wJsU6DD9fcp1Dx8KEj1tb/OkVGUW9mUMQR3/MvFSruaieh0v55M0K17ga
UjlAvC/k9LtEJFOhzHAWssnbUgTzWDLbuRW5iHDYOpxnnvUPzjBPE0+UWJbbHsrV
CAEoX4J8u6KDQvIMvd7Ciq/ycIrG/Q9hsU9ubrNPD2wX+hg6Ot5TDecCwiYC9bx7
YLOUMWGzPr22ggKHLQE5OuLvqZgV0zW72m88JvuWXgYstQFA3eHkobsWCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKFyHYaexbX1nC2bP9r2iNx86QaMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwVjmK8td
djJ97gu83V6GslvVXgVOchudWpR7icVhAiqQDVuji5AYTW2H8HcXactoF9cL6oMn
WMCt/14YRWsr5Zryb/B3kgoCfvnEC/uOE1dVKq/3KqYTwHMi0pnpVZ0QsZP/+iYq
e3qCYs2THvsj5wszAiPd4Bna0g8K6XfbFqDbIRbnNN5Ra6kvf+M2hqzr+iNZ+bIz
z2oZ4IR7Zzn/ZGIkbNGEEmbIUE9kDbdAeht+IUo51eFWQW6fCNKa8EKgovZ/KuFe
n0BfrNFh7436SY36M/oUBcU9LZqS5RnEQPnJIEoYDbv6jzlQuDRNIgB/Nvhuhr3y
67Fi5OlcQUSE/g==
-----END CERTIFICATE-----