Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/150033-06ed-474f-a9e9-9162feb43a0a/1/UBgkf7zuOIV32aTE3_wTdEYb-Jo.mft
File:                     UBgkf7zuOIV32aTE3_wTdEYb-Jo.mft (raw, json)
Hash identifier:          GfRYN8awFG79nnvcsO7561kg/SNLmimDBP5S5Y1pwkM=
Subject key identifier:   DF:40:C6:DA:92:59:BC:5F:80:50:D6:36:74:4B:B3:92:1B:6F:06:90
Authority key identifier: 50:18:24:7F:BC:EE:38:85:77:D9:A4:C4:DF:FC:13:74:46:1B:F8:9A
Certificate issuer:       /CN=5018247fbcee388577d9a4c4dffc1374461bf89a
Certificate serial:       019D3A8A6E81563544125111D4128745434C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UBgkf7zuOIV32aTE3_wTdEYb-Jo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/150033-06ed-474f-a9e9-9162feb43a0a/1/UBgkf7zuOIV32aTE3_wTdEYb-Jo.mft
Manifest number:          D7
Signing time:             Sun 29 Mar 2026 17:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 17:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 17:00:43 +0000
Files and hashes:         1: UBgkf7zuOIV32aTE3_wTdEYb-Jo.crl (hash: c3GDG3QhQoKdZE2wbiA1iXeI7vdOw5JDHjqjwYE+ieg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/150033-06ed-474f-a9e9-9162feb43a0a/1/UBgkf7zuOIV32aTE3_wTdEYb-Jo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/150033-06ed-474f-a9e9-9162feb43a0a/1/UBgkf7zuOIV32aTE3_wTdEYb-Jo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UBgkf7zuOIV32aTE3_wTdEYb-Jo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:6e:81:56:35:44:12:51:11:d4:12:87:45:43:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5018247fbcee388577d9a4c4dffc1374461bf89a
        Validity
            Not Before: Mar 29 17:00:43 2026 GMT
            Not After : Mar 30 17:00:43 2026 GMT
        Subject: CN=df40c6da9259bc5f8050d636744bb3921b6f0690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:aa:0e:bc:4d:23:16:47:d2:fd:52:96:ca:7e:
                    3d:77:e7:42:b4:03:45:6c:42:36:f0:a0:22:f1:40:
                    e9:7f:26:06:72:38:22:ba:e3:88:87:28:bc:9f:db:
                    94:22:ee:98:3c:11:bf:f6:c8:28:27:e9:cb:37:f7:
                    c0:f3:92:81:65:fb:28:02:03:8f:0c:21:b0:59:19:
                    09:e2:6b:4a:44:0c:9d:47:76:a0:fc:ef:34:92:d4:
                    7c:89:e4:01:45:87:5d:08:f9:64:f1:d0:5f:a5:54:
                    f2:0d:89:16:2f:61:fd:4f:ab:08:b1:63:e2:62:c5:
                    9e:bb:f6:0a:f2:6b:87:e8:30:53:03:d4:c8:5e:94:
                    24:1a:64:08:23:2b:7d:70:f2:8b:aa:17:83:18:a8:
                    a8:94:2f:3f:ae:10:46:1f:28:94:fb:8d:ac:e7:55:
                    8f:0d:dd:b9:e0:3d:b1:73:b6:6b:94:1e:d5:4b:3d:
                    a1:46:a3:60:55:a4:e4:9e:91:15:e4:04:fa:d9:50:
                    52:eb:11:d9:20:30:64:4d:80:11:cb:f5:31:56:8e:
                    7a:da:40:ab:59:f9:8d:f9:ed:49:14:d9:53:9d:de:
                    a0:11:fb:9a:8a:6c:ef:1c:18:29:e1:3a:65:04:52:
                    13:91:13:9e:63:dd:67:25:79:fa:75:78:35:2b:5d:
                    42:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:40:C6:DA:92:59:BC:5F:80:50:D6:36:74:4B:B3:92:1B:6F:06:90
            X509v3 Authority Key Identifier:
                keyid:50:18:24:7F:BC:EE:38:85:77:D9:A4:C4:DF:FC:13:74:46:1B:F8:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBgkf7zuOIV32aTE3_wTdEYb-Jo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/150033-06ed-474f-a9e9-9162feb43a0a/1/UBgkf7zuOIV32aTE3_wTdEYb-Jo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/150033-06ed-474f-a9e9-9162feb43a0a/1/UBgkf7zuOIV32aTE3_wTdEYb-Jo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:07:30:ab:48:03:c9:a8:4d:40:0c:4d:30:ce:ab:1b:6d:fa:
         80:ca:bd:30:39:ad:a3:ac:79:c0:97:d3:05:de:8b:af:d5:b4:
         f6:25:a3:b0:b3:28:26:a7:a2:72:c2:7a:41:b3:43:9b:59:13:
         ae:7d:4d:9b:fa:c0:50:d8:e7:d8:f3:e7:f7:ae:44:18:a1:9c:
         be:7e:d7:c2:81:21:a1:77:d2:e2:3f:6c:45:15:1a:4b:a5:71:
         f8:c8:ae:10:f0:b5:8f:89:b4:96:96:e1:74:a3:22:13:05:ef:
         c4:35:b4:01:c2:c5:18:9d:e7:e2:b2:d9:5c:0a:9d:09:10:7d:
         5d:c1:47:21:00:f5:52:ee:e4:7a:49:1e:b0:79:a1:55:de:87:
         53:05:58:4c:96:df:71:53:fb:72:d7:9c:b1:90:cc:94:bd:6e:
         35:d0:7c:5c:e4:15:10:f0:0a:79:25:df:3d:dd:7a:b6:2c:44:
         c0:c8:69:e8:94:7a:9c:a4:e3:cc:68:68:3d:f8:52:32:d5:ad:
         31:31:3e:15:b3:bf:79:d2:c3:9a:14:5a:cf:cf:b1:d4:61:85:
         13:45:16:ae:44:bf:fd:fd:4e:02:d8:df:02:c4:c5:23:02:87:
         ff:70:5b:72:ef:e7:ec:bc:a6:f8:59:8a:44:72:4e:6c:0b:d6:
         78:7d:c5:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06im6BVjVEElER1BKHRUNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTgyNDdmYmNlZTM4ODU3N2Q5YTRjNGRmZmMxMzc0NDYx
YmY4OWEwHhcNMjYwMzI5MTcwMDQzWhcNMjYwMzMwMTcwMDQzWjAzMTEwLwYDVQQD
EyhkZjQwYzZkYTkyNTliYzVmODA1MGQ2MzY3NDRiYjM5MjFiNmYwNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKoOvE0jFkfS/VKWyn49d+dCtANF
bEI28KAi8UDpfyYGcjgiuuOIhyi8n9uUIu6YPBG/9sgoJ+nLN/fA85KBZfsoAgOP
DCGwWRkJ4mtKRAydR3ag/O80ktR8ieQBRYddCPlk8dBfpVTyDYkWL2H9T6sIsWPi
YsWeu/YK8muH6DBTA9TIXpQkGmQIIyt9cPKLqheDGKiolC8/rhBGHyiU+42s51WP
Dd254D2xc7ZrlB7VSz2hRqNgVaTknpEV5AT62VBS6xHZIDBkTYARy/UxVo562kCr
WfmN+e1JFNlTnd6gEfuaimzvHBgp4TplBFITkROeY91nJXn6dXg1K11CbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9AxtqSWbxfgFDWNnRLs5IbbwaQMB8GA1UdIwQY
MBaAFFAYJH+87jiFd9mkxN/8E3RGG/iaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJna2Y3enVPSVYzMmFURTNfd1RkRVliLUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNTAwMzMtMDZlZC00NzRmLWE5ZTkt
OTE2MmZlYjQzYTBhLzEvVUJna2Y3enVPSVYzMmFURTNfd1RkRVliLUpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xNTAwMzMtMDZlZC00NzRmLWE5ZTktOTE2MmZlYjQzYTBh
LzEvVUJna2Y3enVPSVYzMmFURTNfd1RkRVliLUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwcwq0gD
yahNQAxNMM6rG236gMq9MDmto6x5wJfTBd6Lr9W09iWjsLMoJqeicsJ6QbNDm1kT
rn1Nm/rAUNjn2PPn965EGKGcvn7XwoEhoXfS4j9sRRUaS6Vx+MiuEPC1j4m0lpbh
dKMiEwXvxDW0AcLFGJ3n4rLZXAqdCRB9XcFHIQD1Uu7kekkesHmhVd6HUwVYTJbf
cVP7ctecsZDMlL1uNdB8XOQVEPAKeSXfPd16tixEwMhp6JR6nKTjzGhoPfhSMtWt
MTE+FbO/edLDmhRaz8+x1GGFE0UWrkS//f1OAtjfAsTFIwKH/3Bbcu/n7Lym+FmK
RHJObAvWeH3FFA==
-----END CERTIFICATE-----