Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
File:                     ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft (raw, json)
Hash identifier:          FoJd2Qg6IypZGjmjh2MQ6KcoNcr6uKovr53phoVFIfA=
Subject key identifier:   D6:2C:8F:8E:2B:35:AC:C6:2F:E9:A6:99:16:07:04:1D:F0:33:4A:62
Authority key identifier: B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17
Certificate issuer:       /CN=b9f1d5b06f5701555ff5888154dd141b48896117
Certificate serial:       019D386614FB919185FFEBE03FE7DEAFF639
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
Manifest number:          18A6
Signing time:             Sun 29 Mar 2026 07:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:47 +0000
Files and hashes:         1: ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl (hash: f7+hg7MBi8MolQq/SiT78okBa0YlGMP9MN5qhvuraAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:14:fb:91:91:85:ff:eb:e0:3f:e7:de:af:f6:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9f1d5b06f5701555ff5888154dd141b48896117
        Validity
            Not Before: Mar 29 07:01:47 2026 GMT
            Not After : Mar 30 07:01:47 2026 GMT
        Subject: CN=d62c8f8e2b35acc62fe9a6991607041df0334a62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:07:40:3f:47:c1:2b:1d:a6:fc:95:c0:78:88:
                    fb:ee:22:60:27:f1:08:26:83:b8:fd:67:43:55:09:
                    a1:0e:fe:9d:86:98:ed:b5:2a:5f:38:14:a5:2d:b4:
                    c7:fc:20:11:5e:d4:f6:a4:12:d5:c1:dd:14:5c:43:
                    10:a7:2c:ea:3b:1c:1f:37:04:8c:7d:8a:c3:1d:8a:
                    cc:21:ce:76:01:c9:15:d8:9d:b7:b7:d3:c4:58:0b:
                    41:9f:1c:83:d1:b6:ce:e0:14:e6:3f:f9:cd:ba:60:
                    6c:bb:85:a0:1d:94:43:66:9e:94:76:59:44:1c:bb:
                    75:3f:e1:93:40:a4:1f:b8:3c:ff:3d:d2:77:1a:43:
                    9b:2c:96:3d:f0:81:ce:22:cd:68:a3:6b:2e:0e:ae:
                    91:74:76:3f:9f:cb:14:9d:72:97:7e:77:ab:3e:ad:
                    2d:b0:b9:ea:81:b1:84:c6:12:70:8f:1b:7b:23:ad:
                    14:19:76:80:d3:39:9f:3d:25:0f:8f:d8:c5:f5:2b:
                    70:4b:d0:12:d7:7f:dd:6a:9e:5c:8b:fa:91:07:1b:
                    20:6a:4d:9f:0c:f9:c3:44:af:0c:a1:a1:c7:c3:58:
                    9a:78:d6:ab:31:57:c6:0f:5e:d0:0d:08:da:28:2a:
                    55:e9:0e:2c:e8:ae:bb:e2:fe:ff:9c:3d:20:a4:b2:
                    4c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:2C:8F:8E:2B:35:AC:C6:2F:E9:A6:99:16:07:04:1D:F0:33:4A:62
            X509v3 Authority Key Identifier:
                keyid:B9:F1:D5:B0:6F:57:01:55:5F:F5:88:81:54:DD:14:1B:48:89:61:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufHVsG9XAVVf9YiBVN0UG0iJYRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/caf5ea-626e-455a-8708-f5ca8fa7270d/1/ufHVsG9XAVVf9YiBVN0UG0iJYRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:73:f4:46:07:e6:22:0c:7b:d2:ce:5e:1e:c3:f4:4e:43:d5:
         29:3e:d7:24:9e:55:5b:b0:eb:5c:4b:d6:a7:93:b5:56:99:6c:
         d5:3f:ba:44:89:08:40:e1:92:83:24:8e:b9:ac:58:4f:cd:a3:
         b1:a9:be:bb:e4:02:7c:34:8c:bb:a2:9f:26:7f:5c:14:30:93:
         6f:e2:fe:03:48:a9:c3:b7:4c:16:1b:3a:15:ab:1a:67:61:45:
         bf:5a:8d:39:47:1e:af:86:bf:e8:7b:1f:e2:9c:d2:38:e0:3f:
         3d:58:9f:10:64:55:fd:4c:78:93:5d:e0:62:71:c2:1c:85:10:
         a8:b6:f0:61:c4:a8:a9:03:60:53:4a:d8:0b:43:a0:ad:71:30:
         79:46:0d:ec:72:e1:2d:d6:71:7b:c0:4d:94:57:bf:fe:52:4a:
         81:5c:5a:5e:cb:2c:32:e1:50:c6:2b:00:19:d8:da:b6:12:14:
         f4:5c:2d:28:3d:40:de:eb:6f:78:34:bd:ce:ca:0b:d5:44:d1:
         e0:fd:be:14:71:8c:6a:48:6b:54:77:af:c2:ff:dd:ec:b1:0f:
         99:5b:30:98:aa:93:81:bb:76:a0:b5:6c:12:74:50:d2:f7:34:
         60:42:d7:8c:a5:c1:b6:69:f5:bc:7e:6b:28:a7:e0:a9:8e:2c:
         2d:4b:f9:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhT7kZGF/+vgP+fer/Y5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZjFkNWIwNmY1NzAxNTU1ZmY1ODg4MTU0ZGQxNDFiNDg4
OTYxMTcwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
EyhkNjJjOGY4ZTJiMzVhY2M2MmZlOWE2OTkxNjA3MDQxZGYwMzM0YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQdAP0fBKx2m/JXAeIj77iJgJ/EI
JoO4/WdDVQmhDv6dhpjttSpfOBSlLbTH/CARXtT2pBLVwd0UXEMQpyzqOxwfNwSM
fYrDHYrMIc52AckV2J23t9PEWAtBnxyD0bbO4BTmP/nNumBsu4WgHZRDZp6UdllE
HLt1P+GTQKQfuDz/PdJ3GkObLJY98IHOIs1oo2suDq6RdHY/n8sUnXKXfnerPq0t
sLnqgbGExhJwjxt7I60UGXaA0zmfPSUPj9jF9StwS9AS13/dap5ci/qRBxsgak2f
DPnDRK8MoaHHw1iaeNarMVfGD17QDQjaKCpV6Q4s6K674v7/nD0gpLJMAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYsj44rNazGL+mmmRYHBB3wM0piMB8GA1UdIwQY
MBaAFLnx1bBvVwFVX/WIgVTdFBtIiWEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgt
ZjVjYThmYTcyNzBkLzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9jYWY1ZWEtNjI2ZS00NTVhLTg3MDgtZjVjYThmYTcyNzBk
LzEvdWZIVnNHOVhBVlZmOVlpQlZOMFVHMGlKWVJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiHP0Rgfm
Igx70s5eHsP0TkPVKT7XJJ5VW7DrXEvWp5O1Vpls1T+6RIkIQOGSgySOuaxYT82j
sam+u+QCfDSMu6KfJn9cFDCTb+L+A0ipw7dMFhs6FasaZ2FFv1qNOUcer4a/6Hsf
4pzSOOA/PVifEGRV/Ux4k13gYnHCHIUQqLbwYcSoqQNgU0rYC0OgrXEweUYN7HLh
LdZxe8BNlFe//lJKgVxaXsssMuFQxisAGdjathIU9FwtKD1A3utveDS9zsoL1UTR
4P2+FHGMakhrVHevwv/d7LEPmVswmKqTgbt2oLVsEnRQ0vc0YELXjKXBtmn1vH5r
KKfgqY4sLUv52g==
-----END CERTIFICATE-----