Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
File:                     UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft (raw, json)
Hash identifier:          mmc/xPpHwyJ7EgriILD3YLEoASJZycDVulGStfgVYns=
Subject key identifier:   8E:51:AF:A2:DA:CB:57:19:02:43:CA:B1:C0:FE:32:9C:C8:0A:17:25
Authority key identifier: 52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D
Certificate issuer:       /CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
Certificate serial:       019D39409E6ED6CE3B8DCCEF5E682B9856A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
Manifest number:          17ED
Signing time:             Sun 29 Mar 2026 11:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:29 +0000
Files and hashes:         1: UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl (hash: 4dtkVo9MwZA37KHrpaVa7J4AgvRqTF4+jaz62e9m8sc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:9e:6e:d6:ce:3b:8d:cc:ef:5e:68:2b:98:56:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5262d3f27cc05be5924bb7bd890f7e6deffb497d
        Validity
            Not Before: Mar 29 11:00:29 2026 GMT
            Not After : Mar 30 11:00:29 2026 GMT
        Subject: CN=8e51afa2dacb57190243cab1c0fe329cc80a1725
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:38:bc:49:61:3b:56:35:04:09:a7:82:74:8d:
                    68:c2:b6:6b:90:0b:34:21:f8:3e:6f:f4:30:85:ca:
                    5f:31:75:03:22:d2:3b:6a:fa:06:85:29:e1:61:1b:
                    8f:68:b9:3d:19:63:67:e5:37:80:e5:72:6e:90:34:
                    39:87:de:8d:78:b5:0a:19:7e:7f:88:7f:16:6f:65:
                    20:97:18:bd:48:3e:c0:87:b2:e3:46:16:54:69:62:
                    0e:e3:09:5c:7a:76:70:7a:87:50:af:5f:b4:bb:92:
                    3e:f2:b2:00:88:7a:c9:41:54:3a:e5:ab:8b:62:d6:
                    cd:aa:c8:27:ad:97:f3:76:5d:d1:54:19:8c:fa:a7:
                    3e:ae:67:c5:a2:6e:9f:a5:18:c6:7b:c3:a7:24:3d:
                    82:33:18:c1:88:b4:74:2b:f0:a4:31:39:79:e8:db:
                    38:9c:41:54:7e:ca:21:7a:45:53:f0:a9:48:e8:73:
                    55:0d:f4:3c:64:b9:42:25:a3:47:89:ef:b5:5e:30:
                    39:e0:c8:f5:1f:e6:ec:66:fc:c4:57:c7:12:36:bc:
                    ca:d9:28:5f:0a:6a:ae:8c:92:66:f5:93:c1:d1:9f:
                    d7:ed:2f:83:55:d4:58:5b:20:f9:f2:3a:75:c1:17:
                    51:fc:e3:13:7c:03:de:f0:7e:e0:9f:33:d6:5a:03:
                    77:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:51:AF:A2:DA:CB:57:19:02:43:CA:B1:C0:FE:32:9C:C8:0A:17:25
            X509v3 Authority Key Identifier:
                keyid:52:62:D3:F2:7C:C0:5B:E5:92:4B:B7:BD:89:0F:7E:6D:EF:FB:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmLT8nzAW-WSS7e9iQ9-be_7SX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5974d6-6c67-442b-993a-7ae5987bee62/1/UmLT8nzAW-WSS7e9iQ9-be_7SX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:88:97:56:dc:1a:00:7d:93:91:d7:77:7b:ed:32:56:48:bd:
         5f:50:96:19:46:d5:73:1e:c4:b1:30:d5:63:ae:e7:d9:ba:c6:
         b0:9e:d4:04:28:26:89:3d:20:74:d1:5c:e3:2b:1c:85:9c:c4:
         58:f0:27:9d:98:03:ad:d5:1c:3c:34:1e:6a:68:df:24:23:8c:
         bf:90:d6:c0:2a:71:9c:c6:d3:06:ac:9f:8c:7d:e0:a3:bf:c5:
         6a:d5:e3:82:a5:9c:e4:2c:79:e8:3c:39:4d:d8:fb:09:88:05:
         e7:02:96:ed:ce:3a:55:a7:d1:9b:89:fe:47:d4:f4:10:d5:8e:
         2e:08:86:19:b1:76:51:5c:fb:ac:2a:4f:37:67:05:7b:70:73:
         2c:61:9a:89:7c:76:4f:d3:16:b4:ce:76:f4:a5:26:62:f4:af:
         30:df:cd:d6:ec:ea:8e:4e:23:17:3d:d7:f8:b3:81:8b:9d:70:
         7c:29:93:12:10:af:07:8c:5d:79:0b:59:7e:af:31:a8:36:ee:
         ae:d7:00:14:8f:00:7c:1c:24:81:76:f2:b2:7c:0c:6c:d4:df:
         3d:db:2c:3e:c8:31:88:b9:e2:d0:8a:b2:a1:1c:4b:af:be:9e:
         5e:47:e4:05:ee:5b:08:c6:9f:10:3c:0e:2d:c1:2a:d6:16:e8:
         61:6c:73:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QJ5u1s47jczvXmgrmFakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjJkM2YyN2NjMDViZTU5MjRiYjdiZDg5MGY3ZTZkZWZm
YjQ5N2QwHhcNMjYwMzI5MTEwMDI5WhcNMjYwMzMwMTEwMDI5WjAzMTEwLwYDVQQD
Eyg4ZTUxYWZhMmRhY2I1NzE5MDI0M2NhYjFjMGZlMzI5Y2M4MGExNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTi8SWE7VjUECaeCdI1owrZrkAs0
Ifg+b/QwhcpfMXUDItI7avoGhSnhYRuPaLk9GWNn5TeA5XJukDQ5h96NeLUKGX5/
iH8Wb2Uglxi9SD7Ah7LjRhZUaWIO4wlcenZweodQr1+0u5I+8rIAiHrJQVQ65auL
YtbNqsgnrZfzdl3RVBmM+qc+rmfFom6fpRjGe8OnJD2CMxjBiLR0K/CkMTl56Ns4
nEFUfsohekVT8KlI6HNVDfQ8ZLlCJaNHie+1XjA54Mj1H+bsZvzEV8cSNrzK2Shf
CmqujJJm9ZPB0Z/X7S+DVdRYWyD58jp1wRdR/OMTfAPe8H7gnzPWWgN3YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5Rr6Lay1cZAkPKscD+MpzIChclMB8GA1UdIwQY
MBaAFFJi0/J8wFvlkku3vYkPfm3v+0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2Et
N2FlNTk4N2JlZTYyLzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81OTc0ZDYtNmM2Ny00NDJiLTk5M2EtN2FlNTk4N2JlZTYy
LzEvVW1MVDhuekFXLVdTUzdlOWlROS1iZV83U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlYiXVtwa
AH2Tkdd3e+0yVki9X1CWGUbVcx7EsTDVY67n2brGsJ7UBCgmiT0gdNFc4yschZzE
WPAnnZgDrdUcPDQeamjfJCOMv5DWwCpxnMbTBqyfjH3go7/FatXjgqWc5Cx56Dw5
Tdj7CYgF5wKW7c46VafRm4n+R9T0ENWOLgiGGbF2UVz7rCpPN2cFe3BzLGGaiXx2
T9MWtM529KUmYvSvMN/N1uzqjk4jFz3X+LOBi51wfCmTEhCvB4xdeQtZfq8xqDbu
rtcAFI8AfBwkgXbysnwMbNTfPdssPsgxiLni0IqyoRxLr76eXkfkBe5bCMafEDwO
LcEq1hboYWxzUQ==
-----END CERTIFICATE-----