Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
File:                     ujWrXugfdPzKSgwT6XLsHP6WeTs.mft (raw, json)
Hash identifier:          +T0FNrMRgubxaOiL29oqH+WG4u29j2NM6ZoTWH9aSes=
Subject key identifier:   AD:5E:FC:31:8D:8B:10:4F:45:C2:80:06:23:67:FC:67:30:74:66:83
Authority key identifier: BA:35:AB:5E:E8:1F:74:FC:CA:4A:0C:13:E9:72:EC:1C:FE:96:79:3B
Certificate issuer:       /CN=ba35ab5ee81f74fcca4a0c13e972ec1cfe96793b
Certificate serial:       019D3866250BDAE4D405A873DA8D7854865E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
Manifest number:          0B66
Signing time:             Sun 29 Mar 2026 07:01:51 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:51 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:51 +0000
Files and hashes:         1: ujWrXugfdPzKSgwT6XLsHP6WeTs.crl (hash: fAqCCfu4FJZw1yJzV2krCf9V8nUXDwpjhds/HPTY4TI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:25:0b:da:e4:d4:05:a8:73:da:8d:78:54:86:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba35ab5ee81f74fcca4a0c13e972ec1cfe96793b
        Validity
            Not Before: Mar 29 07:01:51 2026 GMT
            Not After : Mar 30 07:01:51 2026 GMT
        Subject: CN=ad5efc318d8b104f45c280062367fc6730746683
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:56:10:2a:ec:d5:f0:d9:31:cb:4d:ed:72:93:
                    8b:5d:ff:a4:fb:e1:c6:c3:52:83:0a:8e:69:eb:18:
                    5d:73:24:36:af:fd:60:fc:8c:b4:d0:9e:3b:63:46:
                    15:c5:47:b2:ed:31:19:f5:f3:79:72:93:f8:e5:3f:
                    12:99:64:22:b9:ea:d4:f8:bb:22:5b:be:e7:1a:cf:
                    9a:fc:10:7f:73:8c:e4:30:cb:ff:39:0e:48:59:08:
                    c2:9d:f8:44:c1:81:58:72:12:79:76:d1:fb:12:d4:
                    50:4b:96:2e:36:f1:e4:0d:36:ab:df:74:6f:ec:94:
                    39:aa:8c:8e:ed:9f:5f:99:0e:6b:62:79:48:26:ae:
                    e1:67:ec:5c:65:97:82:7c:4a:b5:e3:bb:a1:77:69:
                    27:a3:0d:ac:27:92:46:32:c2:af:ca:06:62:b1:5b:
                    84:ff:4d:22:f6:26:6f:c4:6a:f8:a3:48:89:bc:13:
                    b5:e8:a0:6e:98:49:b5:dd:ba:66:72:2e:91:76:2b:
                    6e:be:c6:ff:de:f2:21:2b:6a:49:35:d5:b2:57:cb:
                    e6:33:55:11:39:f0:84:e2:13:67:b7:86:4b:64:32:
                    87:31:27:0f:8a:fb:4d:84:8b:66:aa:5e:2b:94:65:
                    e0:75:36:b9:b8:af:60:36:d1:1d:34:ca:68:8a:5d:
                    29:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:5E:FC:31:8D:8B:10:4F:45:C2:80:06:23:67:FC:67:30:74:66:83
            X509v3 Authority Key Identifier:
                keyid:BA:35:AB:5E:E8:1F:74:FC:CA:4A:0C:13:E9:72:EC:1C:FE:96:79:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujWrXugfdPzKSgwT6XLsHP6WeTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/c0bd66-eed2-429f-a6c7-15efc6785b16/1/ujWrXugfdPzKSgwT6XLsHP6WeTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:2f:0a:c1:92:53:1a:09:4c:e1:1a:7b:61:1e:ce:fb:e7:45:
         11:23:b8:d1:2c:10:12:04:a6:d4:82:9b:aa:58:ab:90:f8:9a:
         c9:76:8d:d7:45:5d:30:46:4b:ab:f9:1a:dd:c4:14:83:fb:7e:
         24:12:c9:4f:25:fd:ae:84:df:15:14:c9:b5:61:52:e9:2d:60:
         90:e6:c6:1f:5b:5a:88:97:04:04:7b:bb:61:b1:c8:2a:35:2d:
         18:da:6f:65:80:9a:fe:d6:1d:c8:3a:2b:3f:ef:bb:38:24:7b:
         69:87:98:f5:03:ae:06:06:7d:4c:54:f3:a4:50:d5:31:08:53:
         1a:3e:d3:8e:c9:88:48:e7:f9:e3:29:78:f2:18:5d:9a:29:f3:
         cf:81:71:2e:d3:be:c8:09:98:c6:8c:5f:36:43:14:05:d7:36:
         18:0c:33:a7:d5:d4:3c:d2:55:25:97:55:15:3d:0a:08:75:de:
         c3:1a:ca:37:f2:b9:4a:73:f7:d5:b7:a8:c9:e7:49:96:62:f3:
         ff:d2:b2:a7:6b:ba:8e:fb:2d:eb:11:81:b2:e8:c9:b9:e1:74:
         22:8a:5b:b0:31:03:98:85:f6:7e:ae:0d:62:d7:84:45:fa:67:
         f5:48:d9:99:55:dc:bd:43:56:a3:a8:dd:a1:89:97:bd:21:5d:
         7e:d0:ab:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiUL2uTUBahz2o14VIZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzVhYjVlZTgxZjc0ZmNjYTRhMGMxM2U5NzJlYzFjZmU5
Njc5M2IwHhcNMjYwMzI5MDcwMTUxWhcNMjYwMzMwMDcwMTUxWjAzMTEwLwYDVQQD
EyhhZDVlZmMzMThkOGIxMDRmNDVjMjgwMDYyMzY3ZmM2NzMwNzQ2NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVYQKuzV8Nkxy03tcpOLXf+k++HG
w1KDCo5p6xhdcyQ2r/1g/Iy00J47Y0YVxUey7TEZ9fN5cpP45T8SmWQiuerU+Lsi
W77nGs+a/BB/c4zkMMv/OQ5IWQjCnfhEwYFYchJ5dtH7EtRQS5YuNvHkDTar33Rv
7JQ5qoyO7Z9fmQ5rYnlIJq7hZ+xcZZeCfEq147uhd2know2sJ5JGMsKvygZisVuE
/00i9iZvxGr4o0iJvBO16KBumEm13bpmci6Rdituvsb/3vIhK2pJNdWyV8vmM1UR
OfCE4hNnt4ZLZDKHMScPivtNhItmql4rlGXgdTa5uK9gNtEdNMpoil0pwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1e/DGNixBPRcKABiNn/GcwdGaDMB8GA1UdIwQY
MBaAFLo1q17oH3T8ykoME+ly7Bz+lnk7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9jMGJkNjYtZWVkMi00MjlmLWE2Yzct
MTVlZmM2Nzg1YjE2LzEvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9jMGJkNjYtZWVkMi00MjlmLWE2YzctMTVlZmM2Nzg1YjE2
LzEvdWpXclh1Z2ZkUHpLU2d3VDZYTHNIUDZXZVRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOy8KwZJT
GglM4Rp7YR7O++dFESO40SwQEgSm1IKbqlirkPiayXaN10VdMEZLq/ka3cQUg/t+
JBLJTyX9roTfFRTJtWFS6S1gkObGH1taiJcEBHu7YbHIKjUtGNpvZYCa/tYdyDor
P++7OCR7aYeY9QOuBgZ9TFTzpFDVMQhTGj7TjsmISOf54yl48hhdminzz4FxLtO+
yAmYxoxfNkMUBdc2GAwzp9XUPNJVJZdVFT0KCHXewxrKN/K5SnP31beoyedJlmLz
/9Kyp2u6jvst6xGBsujJueF0IopbsDEDmIX2fq4NYteERfpn9UjZmVXcvUNWo6jd
oYmXvSFdftCrUA==
-----END CERTIFICATE-----