Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          jQy6SNPJQdmWIEC+6LFDWSI/ttEdZVpFFQufGLejEHs=
Subject key identifier:   21:5D:D4:A7:AC:CC:7E:EA:EE:C6:14:4A:58:02:4A:C5:7D:90:86:64
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       019D3865738EBDAB94766E42D53F1C64F681
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          0C14
Signing time:             Sun 29 Mar 2026 07:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:05 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: r3RcZ6D7Tk287jySkJvf0L7CqllY3Re5m+n2iIALRrM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:73:8e:bd:ab:94:76:6e:42:d5:3f:1c:64:f6:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: Mar 29 07:01:05 2026 GMT
            Not After : Mar 30 07:01:05 2026 GMT
        Subject: CN=215dd4a7accc7eeaeec6144a58024ac57d908664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7c:e2:b6:4a:32:96:24:e5:32:f0:25:4e:22:
                    ef:8c:6d:48:fe:ce:73:a3:86:4a:11:f7:73:22:36:
                    01:63:8c:5d:4f:3c:71:c3:e2:d2:73:e9:38:8c:6e:
                    99:3a:86:1e:61:f6:42:50:fb:82:99:23:75:ff:ee:
                    be:7b:af:d1:ab:29:16:ec:64:85:6d:a2:25:ed:bb:
                    79:3a:0d:a0:71:28:f2:b7:08:40:23:9f:53:bf:d8:
                    ff:cf:6f:9c:fd:9f:20:e3:a9:3c:fe:0c:57:bb:b6:
                    41:51:4b:54:9f:fe:97:4d:4e:f7:2e:c0:2d:33:ec:
                    66:ea:4e:da:f9:73:df:8c:94:88:ed:c3:5c:f7:3a:
                    d6:af:f5:5d:c1:f3:f8:cd:96:04:ed:0a:0d:04:3d:
                    be:f2:f7:1f:a6:cf:75:67:5f:be:d7:dc:5b:61:f2:
                    e0:71:a0:1a:03:5a:f5:60:cf:64:12:37:31:1c:c4:
                    07:d2:bd:c5:82:90:a6:48:4a:aa:69:14:24:69:6c:
                    31:95:56:18:12:05:8a:29:9e:43:58:c8:62:d7:a2:
                    a9:3a:e2:da:79:bd:dd:64:34:fd:51:f7:ec:d9:6b:
                    b8:26:db:df:73:90:f9:31:e5:9d:dc:2f:31:a8:ed:
                    eb:dc:ce:62:74:33:ef:64:15:ee:94:d1:99:00:63:
                    34:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:5D:D4:A7:AC:CC:7E:EA:EE:C6:14:4A:58:02:4A:C5:7D:90:86:64
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:04:3d:9e:5a:f7:5e:34:d5:2c:21:42:bc:b3:ab:19:44:84:
         28:e1:75:4f:5b:25:b5:9a:17:21:af:93:89:48:8d:7d:a7:f9:
         c3:b3:68:0f:c4:aa:f8:d9:b8:63:2d:26:8f:fe:cb:42:95:ec:
         80:ad:35:c8:e7:d5:8a:23:ed:a8:0a:60:df:8d:dc:cb:79:7f:
         fc:9b:fe:85:90:4e:09:e0:eb:9e:a5:1f:7b:fd:0c:b3:a9:bf:
         7b:9e:d5:9b:06:60:26:22:84:a6:fc:74:81:d8:82:9e:eb:3b:
         4a:50:bc:2a:5b:d2:99:66:cf:e0:0f:1f:5f:60:4e:97:a6:d5:
         cb:2e:16:21:a2:43:54:01:87:1a:b6:66:74:a3:51:e0:44:91:
         2c:24:f3:46:90:3a:58:45:ea:50:18:dc:65:96:a1:7d:ac:ab:
         15:7b:2d:67:56:d8:c4:91:4c:cc:19:5a:e5:55:39:12:d6:8a:
         e0:09:5e:29:a7:13:b5:f8:5d:f5:01:17:65:a9:fa:65:5e:99:
         5c:e2:c5:25:f9:a6:68:14:ed:bd:49:04:d6:ff:ba:c9:03:37:
         5d:fe:5f:c7:ae:22:db:fd:a9:36:eb:61:9e:ff:83:35:e4:be:
         7c:de:44:27:6d:08:07:57:96:39:d9:f8:ad:6b:0a:87:67:a8:
         ba:f7:cf:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXOOvauUdm5C1T8cZPaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
EygyMTVkZDRhN2FjY2M3ZWVhZWVjNjE0NGE1ODAyNGFjNTdkOTA4NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXzitkoyliTlMvAlTiLvjG1I/s5z
o4ZKEfdzIjYBY4xdTzxxw+LSc+k4jG6ZOoYeYfZCUPuCmSN1/+6+e6/RqykW7GSF
baIl7bt5Og2gcSjytwhAI59Tv9j/z2+c/Z8g46k8/gxXu7ZBUUtUn/6XTU73LsAt
M+xm6k7a+XPfjJSI7cNc9zrWr/VdwfP4zZYE7QoNBD2+8vcfps91Z1++19xbYfLg
caAaA1r1YM9kEjcxHMQH0r3FgpCmSEqqaRQkaWwxlVYYEgWKKZ5DWMhi16KpOuLa
eb3dZDT9Uffs2Wu4Jtvfc5D5MeWd3C8xqO3r3M5idDPvZBXulNGZAGM01wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFd1KeszH7q7sYUSlgCSsV9kIZkMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWAQ9nlr3
XjTVLCFCvLOrGUSEKOF1T1sltZoXIa+TiUiNfaf5w7NoD8Sq+Nm4Yy0mj/7LQpXs
gK01yOfViiPtqApg343cy3l//Jv+hZBOCeDrnqUfe/0Ms6m/e57VmwZgJiKEpvx0
gdiCnus7SlC8KlvSmWbP4A8fX2BOl6bVyy4WIaJDVAGHGrZmdKNR4ESRLCTzRpA6
WEXqUBjcZZahfayrFXstZ1bYxJFMzBla5VU5EtaK4AleKacTtfhd9QEXZan6ZV6Z
XOLFJfmmaBTtvUkE1v+6yQM3Xf5fx64i2/2pNuthnv+DNeS+fN5EJ20IB1eWOdn4
rWsKh2eouvfPwg==
-----END CERTIFICATE-----