Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
File:                     UNlf0yarPwj3bczGVrs-Hia03Fc.mft (raw, json)
Hash identifier:          xrISVUy26B28YApo34xLK3f4nzOPBYlMgAZFIADcsuA=
Subject key identifier:   36:C7:F7:ED:00:4B:67:00:6F:56:64:FE:98:F0:C1:F1:AA:45:05:6C
Authority key identifier: 50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57
Certificate issuer:       /CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
Certificate serial:       019D27728556CF7E6E5380EDC16956413079
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
Manifest number:          042D
Signing time:             Thu 26 Mar 2026 00:01:49 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:49 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:49 +0000
Files and hashes:         1: UNlf0yarPwj3bczGVrs-Hia03Fc.crl (hash: o0gum5FHi7Erv/VNYlNUnWv2QxZBm0yUUf++fKallVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:85:56:cf:7e:6e:53:80:ed:c1:69:56:41:30:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50d95fd326ab3f08f76dccc656bb3e1e26b4dc57
        Validity
            Not Before: Mar 26 00:01:49 2026 GMT
            Not After : Mar 27 00:01:49 2026 GMT
        Subject: CN=36c7f7ed004b67006f5664fe98f0c1f1aa45056c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8e:b9:48:2d:ea:a6:ee:d9:24:cd:d3:54:3b:
                    54:2d:74:47:6c:16:10:60:c6:7c:99:c0:13:ab:9b:
                    66:8c:80:1f:ea:15:e2:aa:f3:60:20:0f:4c:a5:ac:
                    25:71:e2:c8:f2:f8:7d:ec:40:8b:5d:46:3e:9d:b7:
                    89:7f:48:4a:71:33:3a:a1:4f:e5:e2:90:93:45:14:
                    9c:19:1f:25:7c:c6:5d:96:2a:ce:76:97:48:3e:33:
                    04:6c:8d:c9:34:7b:8f:9e:4c:31:26:d6:08:5c:ba:
                    f1:d7:1e:48:cf:e2:91:3a:cb:9c:76:75:34:3f:be:
                    1e:34:00:b4:68:ac:ce:7a:74:c2:80:81:7b:0b:6c:
                    ba:2d:bf:5c:d2:03:3a:79:da:0a:01:40:fc:36:3e:
                    0b:28:98:67:e2:b3:24:28:a3:87:41:0c:db:85:6b:
                    69:c6:ad:e2:88:82:b9:00:f8:e8:f1:16:5f:73:40:
                    9c:81:96:e7:4f:38:3d:d3:26:89:74:b1:89:7d:4e:
                    10:13:da:43:75:5b:0f:31:25:01:79:ad:62:34:ee:
                    e4:5c:53:9a:d5:22:a6:39:7d:9a:10:bb:d2:99:c8:
                    b7:ea:d5:b3:41:db:63:e7:a4:1a:0a:59:5b:77:e8:
                    fe:7f:27:97:09:a5:79:8f:ed:62:4d:a3:50:70:24:
                    3f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:C7:F7:ED:00:4B:67:00:6F:56:64:FE:98:F0:C1:F1:AA:45:05:6C
            X509v3 Authority Key Identifier:
                keyid:50:D9:5F:D3:26:AB:3F:08:F7:6D:CC:C6:56:BB:3E:1E:26:B4:DC:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNlf0yarPwj3bczGVrs-Hia03Fc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e6ccc7-d1e5-4f07-8dab-506a4934cad5/1/UNlf0yarPwj3bczGVrs-Hia03Fc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:67:21:b8:4d:c2:8c:93:c4:28:6f:13:6a:d2:21:41:fd:e2:
         73:01:ef:0c:59:f9:37:e6:08:69:41:8e:ea:35:9f:3f:94:cb:
         bb:89:af:38:b4:34:38:97:aa:e9:08:07:2f:96:92:ea:6a:b8:
         d9:3a:23:ed:95:da:0e:f2:f4:59:45:74:08:6a:5d:cb:19:89:
         5b:92:a8:d6:1a:e9:cf:88:b7:27:a7:d1:ef:29:4d:54:c1:ac:
         17:ff:f9:c3:bd:c4:67:2b:23:df:d0:bb:7f:d9:35:0f:d2:0b:
         3d:28:5e:1c:2f:c1:15:7d:9d:83:31:30:c7:05:95:fa:f9:19:
         50:f1:4e:54:b8:7d:77:02:dd:fb:7e:ab:1d:f4:0c:04:7d:f4:
         ae:b5:c2:b6:cc:9a:04:57:e4:47:8e:b9:e5:17:a2:77:9a:29:
         69:e1:de:50:31:9f:10:78:51:35:50:97:19:73:32:fc:26:81:
         30:12:4f:8f:60:4e:2f:1f:1e:1d:5f:62:57:e0:d8:05:5f:07:
         22:6e:88:b3:d3:5e:1f:03:4c:22:19:9a:f1:e3:09:34:bd:8a:
         0c:bb:71:99:1c:f5:98:1a:51:69:9f:e0:9b:b1:ae:3b:cf:3d:
         52:31:c4:f9:06:64:0f:94:5b:f1:87:42:93:cd:2a:00:f9:aa:
         9d:e8:5c:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncoVWz35uU4DtwWlWQTB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDk1ZmQzMjZhYjNmMDhmNzZkY2NjNjU2YmIzZTFlMjZi
NGRjNTcwHhcNMjYwMzI2MDAwMTQ5WhcNMjYwMzI3MDAwMTQ5WjAzMTEwLwYDVQQD
EygzNmM3ZjdlZDAwNGI2NzAwNmY1NjY0ZmU5OGYwYzFmMWFhNDUwNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI65SC3qpu7ZJM3TVDtULXRHbBYQ
YMZ8mcATq5tmjIAf6hXiqvNgIA9MpawlceLI8vh97ECLXUY+nbeJf0hKcTM6oU/l
4pCTRRScGR8lfMZdlirOdpdIPjMEbI3JNHuPnkwxJtYIXLrx1x5Iz+KROsucdnU0
P74eNAC0aKzOenTCgIF7C2y6Lb9c0gM6edoKAUD8Nj4LKJhn4rMkKKOHQQzbhWtp
xq3iiIK5APjo8RZfc0CcgZbnTzg90yaJdLGJfU4QE9pDdVsPMSUBea1iNO7kXFOa
1SKmOX2aELvSmci36tWzQdtj56QaCllbd+j+fyeXCaV5j+1iTaNQcCQ/dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbH9+0AS2cAb1Zk/pjwwfGqRQVsMB8GA1UdIwQY
MBaAFFDZX9Mmqz8I923Mxla7Ph4mtNxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWIt
NTA2YTQ5MzRjYWQ1LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNmNjYzctZDFlNS00ZjA3LThkYWItNTA2YTQ5MzRjYWQ1
LzEvVU5sZjB5YXJQd2ozYmN6R1Zycy1IaWEwM0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWchuE3C
jJPEKG8TatIhQf3icwHvDFn5N+YIaUGO6jWfP5TLu4mvOLQ0OJeq6QgHL5aS6mq4
2Toj7ZXaDvL0WUV0CGpdyxmJW5Ko1hrpz4i3J6fR7ylNVMGsF//5w73EZysj39C7
f9k1D9ILPSheHC/BFX2dgzEwxwWV+vkZUPFOVLh9dwLd+36rHfQMBH30rrXCtsya
BFfkR4655Reid5opaeHeUDGfEHhRNVCXGXMy/CaBMBJPj2BOLx8eHV9iV+DYBV8H
Im6Is9NeHwNMIhma8eMJNL2KDLtxmRz1mBpRaZ/gm7GuO889UjHE+QZkD5Rb8YdC
k80qAPmqnehcTQ==
-----END CERTIFICATE-----