Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          JjS3lWzYz+WSDKeKjlysVyBcZFGHacHI5u9v5hqLMV8=
Subject key identifier:   7F:05:9D:17:13:99:80:95:B2:60:03:C1:79:50:71:2A:80:E3:AD:5F
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       019D386663C36C85EFE64814FB819FCF7CFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          0343
Signing time:             Sun 29 Mar 2026 07:02:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:07 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: vczwps41Rw2u+9f3os79jSq96QNFdhJlo1d1cb3Qt5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:63:c3:6c:85:ef:e6:48:14:fb:81:9f:cf:7c:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Mar 29 07:02:07 2026 GMT
            Not After : Mar 30 07:02:07 2026 GMT
        Subject: CN=7f059d1713998095b26003c17950712a80e3ad5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bb:a7:01:c9:b3:bf:4e:6c:c8:c7:9c:81:a0:
                    b5:8f:09:68:8d:6c:ea:75:64:7d:28:96:85:f8:fd:
                    5f:b9:3e:52:cf:19:c0:de:cf:6a:d2:07:ec:03:13:
                    a2:be:bf:d0:26:bd:45:3c:55:32:0d:b3:99:e6:36:
                    a9:37:40:40:24:59:b8:f1:eb:46:47:7d:e1:35:e7:
                    c1:35:dc:d6:a6:dc:06:d7:32:c3:31:ba:9d:86:fb:
                    ac:c1:10:9f:04:ab:a1:55:bd:29:ea:28:cd:d7:78:
                    7f:78:b4:14:84:68:e0:68:b1:0c:8e:70:34:1a:6d:
                    3b:ff:1e:eb:27:de:ed:d4:a0:f9:26:07:d1:95:00:
                    60:7f:c4:af:f2:45:4b:3f:15:cb:f5:90:af:1d:ad:
                    64:81:45:7e:5d:5b:ad:af:cc:af:2a:9a:1b:d9:bb:
                    87:8a:ef:6b:ac:9c:5f:1a:de:d1:02:ab:f4:37:52:
                    97:9b:90:4c:59:fc:78:68:4d:fb:12:43:db:e7:da:
                    56:e4:7a:65:4b:c5:45:7b:4f:8d:91:37:a8:b8:24:
                    a1:f5:58:e1:b6:d3:35:49:bf:74:4d:9c:fb:ca:3f:
                    90:ad:1d:14:81:13:52:b3:b9:5d:7e:be:97:5c:ed:
                    7a:7b:85:af:81:6b:0d:ac:b8:e3:b5:07:dc:00:79:
                    dd:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:05:9D:17:13:99:80:95:B2:60:03:C1:79:50:71:2A:80:E3:AD:5F
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:3d:12:ef:22:db:64:62:a2:f6:9e:07:6d:b4:ce:78:a3:d9:
         fc:d9:4a:c4:09:d7:61:e7:39:66:a6:20:0c:df:90:11:0c:2c:
         67:ad:5c:86:fc:db:31:55:80:c3:a0:92:e5:58:9f:ca:5e:93:
         68:88:69:c3:34:25:75:77:30:04:ee:51:fe:8f:8c:b0:11:e6:
         d0:8e:a3:ee:47:c6:b8:22:56:cb:92:8b:bb:8b:ff:9f:14:11:
         b5:17:80:cc:37:25:d1:7f:96:8c:da:1e:6f:3e:09:53:da:64:
         3c:84:e1:45:ab:55:6f:81:ec:07:fe:50:c0:8b:bb:5d:9f:0a:
         8b:99:88:61:a6:bd:7d:67:08:18:89:16:6d:37:6a:dd:98:5f:
         4f:a4:3b:30:a1:9a:25:41:da:be:f5:4c:4b:30:7b:68:7a:3f:
         37:cf:a3:d6:d8:78:6d:d1:a5:12:24:4b:bc:0e:53:b8:d1:5a:
         23:aa:37:54:27:ed:00:63:77:18:8d:e7:6a:a5:01:b0:1e:e8:
         51:d4:4e:4a:17:f0:34:a9:31:78:64:ab:d2:85:bd:a2:3e:70:
         49:0a:96:70:4a:f5:bc:ff:b7:25:fe:5f:5e:8f:48:b2:dd:47:
         74:47:7c:ef:ee:7f:82:05:c5:3e:b0:c6:f7:a0:4e:c9:fd:df:
         31:0f:a7:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmPDbIXv5kgU+4Gfz3z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjYwMzI5MDcwMjA3WhcNMjYwMzMwMDcwMjA3WjAzMTEwLwYDVQQD
Eyg3ZjA1OWQxNzEzOTk4MDk1YjI2MDAzYzE3OTUwNzEyYTgwZTNhZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbunAcmzv05syMecgaC1jwlojWzq
dWR9KJaF+P1fuT5SzxnA3s9q0gfsAxOivr/QJr1FPFUyDbOZ5japN0BAJFm48etG
R33hNefBNdzWptwG1zLDMbqdhvuswRCfBKuhVb0p6ijN13h/eLQUhGjgaLEMjnA0
Gm07/x7rJ97t1KD5JgfRlQBgf8Sv8kVLPxXL9ZCvHa1kgUV+XVutr8yvKpob2buH
iu9rrJxfGt7RAqv0N1KXm5BMWfx4aE37EkPb59pW5HplS8VFe0+NkTeouCSh9Vjh
ttM1Sb90TZz7yj+QrR0UgRNSs7ldfr6XXO16e4WvgWsNrLjjtQfcAHnd8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8FnRcTmYCVsmADwXlQcSqA461fMB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASz0S7yLb
ZGKi9p4HbbTOeKPZ/NlKxAnXYec5ZqYgDN+QEQwsZ61chvzbMVWAw6CS5Vifyl6T
aIhpwzQldXcwBO5R/o+MsBHm0I6j7kfGuCJWy5KLu4v/nxQRtReAzDcl0X+WjNoe
bz4JU9pkPIThRatVb4HsB/5QwIu7XZ8Ki5mIYaa9fWcIGIkWbTdq3ZhfT6Q7MKGa
JUHavvVMSzB7aHo/N8+j1th4bdGlEiRLvA5TuNFaI6o3VCftAGN3GI3naqUBsB7o
UdROShfwNKkxeGSr0oW9oj5wSQqWcEr1vP+3Jf5fXo9Ist1HdEd87+5/ggXFPrDG
96BOyf3fMQ+n4A==
-----END CERTIFICATE-----