Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
File:                     UTNdj7orxzOYOV-90-DW8_89G2Q.mft (raw, json)
Hash identifier:          vaPlyl9OyCYrB6R5Ry6GE18tmpsw3XR7LMofqQpFgL8=
Subject key identifier:   7B:91:56:CF:25:FA:86:FF:A5:3C:33:CC:31:71:2C:75:48:B4:B8:9A
Authority key identifier: 51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64
Certificate issuer:       /CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
Certificate serial:       019D3940BFECBCAEECC6652B2FF9C30783C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
Manifest number:          1423
Signing time:             Sun 29 Mar 2026 11:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:37 +0000
Files and hashes:         1: UTNdj7orxzOYOV-90-DW8_89G2Q.crl (hash: rGtbEuhSJp/hWighc04lvVGd2eWxu18D3OTeNdG6dEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:bf:ec:bc:ae:ec:c6:65:2b:2f:f9:c3:07:83:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
        Validity
            Not Before: Mar 29 11:00:37 2026 GMT
            Not After : Mar 30 11:00:37 2026 GMT
        Subject: CN=7b9156cf25fa86ffa53c33cc31712c7548b4b89a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:81:9a:2b:14:ed:3c:88:c1:7f:c4:cf:68:42:
                    71:4a:6c:49:cc:48:88:22:35:c1:15:26:0c:b3:fc:
                    8d:97:67:78:c4:65:8d:1f:dc:e3:fe:bb:3b:6a:a1:
                    ca:7f:1d:bc:1f:7d:3a:b3:ff:a4:a9:52:3d:4c:01:
                    56:1e:08:5d:f6:1d:57:56:ee:c6:68:b4:ca:bf:ec:
                    e2:b1:12:9e:a0:b1:06:4a:6d:bf:ab:35:c5:5d:a7:
                    0e:7f:ab:bb:83:88:8a:5e:c0:d3:1c:c2:69:66:dd:
                    f9:63:2f:c4:41:91:d9:44:23:9b:fa:5d:93:d8:28:
                    08:ed:13:ca:fc:5c:3d:9f:45:79:cf:ca:8e:fc:54:
                    43:d4:0d:50:a6:a3:b5:73:6d:e4:ea:2f:f5:38:cb:
                    90:04:e4:68:de:cf:1a:0d:2b:8f:c6:45:bf:ab:58:
                    32:54:6d:15:36:d5:e8:35:bc:b2:9f:55:02:d5:3a:
                    a0:59:c0:4b:e7:47:d0:09:d5:da:8b:5c:18:09:04:
                    eb:91:75:0a:b2:f6:1b:43:27:4c:97:eb:fa:b1:2c:
                    a7:22:96:c8:1c:d8:c7:4e:a1:83:74:64:f2:cc:b8:
                    38:ba:f1:27:a1:02:74:ed:9b:e3:8c:f6:7d:c6:e5:
                    b0:bd:09:b4:fe:5c:c2:cf:5c:9d:15:41:b5:e6:63:
                    b7:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:91:56:CF:25:FA:86:FF:A5:3C:33:CC:31:71:2C:75:48:B4:B8:9A
            X509v3 Authority Key Identifier:
                keyid:51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:c8:cf:38:47:d1:4a:0b:be:20:8d:a8:b4:e8:37:7a:2c:cd:
         46:17:2c:e6:d3:df:34:c4:dc:01:10:89:3e:44:46:f7:04:2b:
         19:2e:69:5b:a4:5e:f5:22:85:41:d1:c6:39:3b:96:35:df:a1:
         c6:b2:0d:a6:8f:29:a0:b8:ab:18:13:fe:68:c8:fc:4e:1c:09:
         4f:78:65:8e:ac:82:ca:f4:ad:06:22:94:e2:43:aa:57:63:25:
         ad:3d:7d:eb:2d:6a:8e:2e:7f:a2:f8:97:2f:5d:b1:0a:33:76:
         f6:4d:40:04:48:2d:55:c6:52:c5:b4:6a:30:4d:97:bb:26:35:
         41:0b:9a:11:74:a3:27:46:2c:09:cd:0f:03:11:42:12:48:1c:
         1b:d1:ff:40:b3:17:1d:16:ba:53:42:d5:04:95:22:2f:e6:f5:
         3c:d4:ef:90:9f:4b:e2:07:f5:d4:06:fe:62:47:21:71:42:73:
         db:4d:6f:e6:44:10:ff:35:fa:15:3b:4f:cc:73:13:d1:fa:14:
         89:4f:6c:42:bb:7f:03:ab:8a:f2:7b:1c:3f:c2:6e:88:d5:08:
         c4:24:a0:5e:2c:b3:9e:cb:3d:5d:94:f1:81:41:1f:b0:bb:4e:
         1a:dc:d8:3b:bc:e3:6e:88:27:58:93:aa:4b:ec:f7:5c:56:f8:
         c2:75:24:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QL/svK7sxmUrL/nDB4PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMzM1ZDhmYmEyYmM3MzM5ODM5NWZiZGQzZTBkNmYzZmYz
ZDFiNjQwHhcNMjYwMzI5MTEwMDM3WhcNMjYwMzMwMTEwMDM3WjAzMTEwLwYDVQQD
Eyg3YjkxNTZjZjI1ZmE4NmZmYTUzYzMzY2MzMTcxMmM3NTQ4YjRiODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIGaKxTtPIjBf8TPaEJxSmxJzEiI
IjXBFSYMs/yNl2d4xGWNH9zj/rs7aqHKfx28H306s/+kqVI9TAFWHghd9h1XVu7G
aLTKv+zisRKeoLEGSm2/qzXFXacOf6u7g4iKXsDTHMJpZt35Yy/EQZHZRCOb+l2T
2CgI7RPK/Fw9n0V5z8qO/FRD1A1QpqO1c23k6i/1OMuQBORo3s8aDSuPxkW/q1gy
VG0VNtXoNbyyn1UC1TqgWcBL50fQCdXai1wYCQTrkXUKsvYbQydMl+v6sSynIpbI
HNjHTqGDdGTyzLg4uvEnoQJ07ZvjjPZ9xuWwvQm0/lzCz1ydFUG15mO3gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHuRVs8l+ob/pTwzzDFxLHVItLiaMB8GA1UdIwQY
MBaAFFEzXY+6K8czmDlfvdPg1vP/PRtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUt
YmZhOTY5ZTU2N2IxLzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUtYmZhOTY5ZTU2N2Ix
LzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVMjPOEfR
Sgu+II2otOg3eizNRhcs5tPfNMTcARCJPkRG9wQrGS5pW6Re9SKFQdHGOTuWNd+h
xrINpo8poLirGBP+aMj8ThwJT3hljqyCyvStBiKU4kOqV2MlrT196y1qji5/oviX
L12xCjN29k1ABEgtVcZSxbRqME2XuyY1QQuaEXSjJ0YsCc0PAxFCEkgcG9H/QLMX
HRa6U0LVBJUiL+b1PNTvkJ9L4gf11Ab+YkchcUJz201v5kQQ/zX6FTtPzHMT0foU
iU9sQrt/A6uK8nscP8JuiNUIxCSgXiyznss9XZTxgUEfsLtOGtzYO7zjbognWJOq
S+z3XFb4wnUkyQ==
-----END CERTIFICATE-----