Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft
File:                     ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft (raw, json)
Hash identifier:          oOBXcvdiEQx8szQTOYalEQ3ISmDDJM0Qt80wOR8pJkc=
Subject key identifier:   DE:2E:5F:06:47:2F:6E:91:6A:50:2B:EB:53:98:59:6E:2A:16:70:54
Authority key identifier: BA:53:CA:18:E3:A0:48:D5:9F:A6:CF:59:66:7C:FD:39:A0:57:97:3E
Certificate issuer:       /CN=ba53ca18e3a048d59fa6cf59667cfd39a057973e
Certificate serial:       019D2AE12A0B4D8B4021A5F6BF47C52600C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulPKGOOgSNWfps9ZZnz9OaBXlz4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft
Manifest number:          1245
Signing time:             Thu 26 Mar 2026 16:01:32 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:32 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:32 +0000
Files and hashes:         1: ulPKGOOgSNWfps9ZZnz9OaBXlz4.crl (hash: wD8amEBsQ3bt8kRU5tRKoGGQh5Of+KCuayQS9ArvVyw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulPKGOOgSNWfps9ZZnz9OaBXlz4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e1:2a:0b:4d:8b:40:21:a5:f6:bf:47:c5:26:00:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba53ca18e3a048d59fa6cf59667cfd39a057973e
        Validity
            Not Before: Mar 26 16:01:32 2026 GMT
            Not After : Mar 27 16:01:32 2026 GMT
        Subject: CN=de2e5f06472f6e916a502beb5398596e2a167054
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:25:a0:00:8b:8c:8e:51:32:c5:cf:c9:3b:
                    ed:cd:26:c9:46:f0:af:24:84:b4:e4:f2:0f:43:d0:
                    6f:5e:38:2d:de:b0:ee:24:00:07:a4:76:dd:66:cd:
                    1c:e2:f2:9a:e2:4c:e3:b7:f0:15:13:e6:5e:eb:fe:
                    9d:c8:a3:f7:ac:3d:46:a9:b5:11:cb:14:c3:66:e7:
                    47:b5:3c:39:66:e0:47:f4:80:f5:d7:60:5a:62:92:
                    55:58:c7:9d:f2:df:7f:19:b4:4c:69:c6:96:94:68:
                    a4:27:c9:ac:1f:13:c3:90:bf:e2:81:4d:c5:5e:0f:
                    6d:81:b5:0a:4e:0e:14:79:0d:ea:2e:47:6f:04:c3:
                    6d:bf:1c:81:d1:35:19:c2:1e:8c:2b:bb:74:ca:d3:
                    52:74:da:dc:86:49:0a:68:a3:fb:38:31:b1:74:7b:
                    67:03:14:df:0f:63:6c:9b:7d:cc:01:95:3f:9c:60:
                    a0:af:b2:6e:2f:98:ad:cd:ae:b4:82:ce:72:78:47:
                    d3:ec:db:8c:85:b3:3d:d1:34:53:aa:eb:67:98:f5:
                    86:43:34:47:61:25:96:2f:51:8c:b0:ab:26:7b:1e:
                    8a:5c:f6:79:26:ba:ac:78:c0:c9:e6:3b:85:06:44:
                    61:5e:ba:90:8e:c8:86:d5:7e:4c:7f:14:b7:cc:d7:
                    a9:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:2E:5F:06:47:2F:6E:91:6A:50:2B:EB:53:98:59:6E:2A:16:70:54
            X509v3 Authority Key Identifier:
                keyid:BA:53:CA:18:E3:A0:48:D5:9F:A6:CF:59:66:7C:FD:39:A0:57:97:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulPKGOOgSNWfps9ZZnz9OaBXlz4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/688ce0-10ec-4937-9443-1b20454a2862/1/ulPKGOOgSNWfps9ZZnz9OaBXlz4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:fa:14:4c:24:c0:8d:39:5f:d3:3b:53:29:a1:a2:09:f5:4c:
         90:42:37:5a:f6:eb:77:71:6b:38:2d:94:22:57:85:5d:6b:05:
         a2:b0:e7:c7:69:0d:ed:f8:91:f8:22:a7:e2:dc:ea:30:18:bf:
         99:a7:8e:aa:3a:6b:ca:ed:0e:d0:b0:e5:09:2c:7e:bb:0b:14:
         91:43:55:36:75:c3:6f:85:9c:22:22:aa:9f:04:69:b6:bb:35:
         5f:85:68:bd:21:c9:fe:67:dd:73:0b:d0:bc:6f:2f:b4:90:25:
         f8:b1:e9:9c:c4:18:16:84:f1:8a:e6:bf:f0:64:63:0c:50:bb:
         54:41:12:27:9a:5e:98:56:4a:93:bc:ee:f8:13:1c:ce:21:66:
         28:98:16:87:04:85:7e:d4:89:28:51:c9:20:61:33:03:9c:e2:
         cb:47:cd:c2:a6:48:2b:cb:b0:55:04:a2:88:83:a3:65:d2:61:
         55:73:ac:3b:7d:8f:c0:3c:9a:6f:c5:d6:03:fe:14:7a:a2:36:
         a4:6d:f0:b4:94:8c:72:c0:e6:01:67:fe:bb:81:85:77:44:0b:
         17:15:5c:26:2e:58:7e:a2:3d:ee:1d:2d:c4:7f:f1:03:a7:63:
         b1:97:c6:59:b6:84:c9:9f:8a:f9:30:3e:87:21:f6:1f:0a:d3:
         44:70:d5:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4SoLTYtAIaX2v0fFJgDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNTNjYTE4ZTNhMDQ4ZDU5ZmE2Y2Y1OTY2N2NmZDM5YTA1
Nzk3M2UwHhcNMjYwMzI2MTYwMTMyWhcNMjYwMzI3MTYwMTMyWjAzMTEwLwYDVQQD
EyhkZTJlNWYwNjQ3MmY2ZTkxNmE1MDJiZWI1Mzk4NTk2ZTJhMTY3MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWYloACLjI5RMsXPyTvtzSbJRvCv
JIS05PIPQ9BvXjgt3rDuJAAHpHbdZs0c4vKa4kzjt/AVE+Ze6/6dyKP3rD1GqbUR
yxTDZudHtTw5ZuBH9ID112BaYpJVWMed8t9/GbRMacaWlGikJ8msHxPDkL/igU3F
Xg9tgbUKTg4UeQ3qLkdvBMNtvxyB0TUZwh6MK7t0ytNSdNrchkkKaKP7ODGxdHtn
AxTfD2Nsm33MAZU/nGCgr7JuL5itza60gs5yeEfT7NuMhbM90TRTqutnmPWGQzRH
YSWWL1GMsKsmex6KXPZ5JrqseMDJ5juFBkRhXrqQjsiG1X5MfxS3zNepXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4uXwZHL26RalAr61OYWW4qFnBUMB8GA1UdIwQY
MBaAFLpTyhjjoEjVn6bPWWZ8/TmgV5c+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWxQS0dPT2dTTldmcHM5WlpuejlPYUJYbHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82ODhjZTAtMTBlYy00OTM3LTk0NDMt
MWIyMDQ1NGEyODYyLzEvdWxQS0dPT2dTTldmcHM5WlpuejlPYUJYbHo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82ODhjZTAtMTBlYy00OTM3LTk0NDMtMWIyMDQ1NGEyODYy
LzEvdWxQS0dPT2dTTldmcHM5WlpuejlPYUJYbHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPoUTCTA
jTlf0ztTKaGiCfVMkEI3Wvbrd3FrOC2UIleFXWsForDnx2kN7fiR+CKn4tzqMBi/
maeOqjpryu0O0LDlCSx+uwsUkUNVNnXDb4WcIiKqnwRptrs1X4VovSHJ/mfdcwvQ
vG8vtJAl+LHpnMQYFoTxiua/8GRjDFC7VEESJ5pemFZKk7zu+BMcziFmKJgWhwSF
ftSJKFHJIGEzA5ziy0fNwqZIK8uwVQSiiIOjZdJhVXOsO32PwDyab8XWA/4UeqI2
pG3wtJSMcsDmAWf+u4GFd0QLFxVcJi5YfqI97h0txH/xA6djsZfGWbaEyZ+K+TA+
hyH2HwrTRHDVcQ==
-----END CERTIFICATE-----