Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft
File:                     ULhDqNkbFYJOYOLNaJpvRR4lal4.mft (raw, json)
Hash identifier:          oO+NQFoZmbZ4yhevtgVAOiX6/g5MNXug9+GgPAKKKUo=
Subject key identifier:   E8:F4:0A:8A:F7:B5:17:34:61:63:3E:41:33:3E:1E:98:1F:16:F6:29
Authority key identifier: 50:B8:43:A8:D9:1B:15:82:4E:60:E2:CD:68:9A:6F:45:1E:25:6A:5E
Certificate issuer:       /CN=50b843a8d91b15824e60e2cd689a6f451e256a5e
Certificate serial:       019D288475DD1D936958658C900F89641AD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ULhDqNkbFYJOYOLNaJpvRR4lal4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft
Manifest number:          05F8
Signing time:             Thu 26 Mar 2026 05:01:02 +0000
Manifest this update:     Thu 26 Mar 2026 05:01:02 +0000
Manifest next update:     Fri 27 Mar 2026 05:01:02 +0000
Files and hashes:         1: ULhDqNkbFYJOYOLNaJpvRR4lal4.crl (hash: RZSH9cUDGYktLc4jgYD9vT5CWGq+PkDB0kAd9QIiq+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ULhDqNkbFYJOYOLNaJpvRR4lal4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 05:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:75:dd:1d:93:69:58:65:8c:90:0f:89:64:1a:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50b843a8d91b15824e60e2cd689a6f451e256a5e
        Validity
            Not Before: Mar 26 05:01:02 2026 GMT
            Not After : Mar 27 05:01:02 2026 GMT
        Subject: CN=e8f40a8af7b5173461633e41333e1e981f16f629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:d5:24:3a:88:cb:2e:10:2d:2f:f2:99:e7:22:
                    90:02:e7:8f:67:b3:b8:6c:fe:f9:49:70:47:85:31:
                    f4:72:4f:da:f0:ed:4b:90:48:10:3a:81:53:61:dd:
                    57:b4:7b:60:97:4f:8c:92:a1:ce:d4:e9:a7:63:f0:
                    be:9d:a3:54:1c:7a:5b:22:b3:c4:1d:2c:cb:89:e3:
                    f2:6e:1a:26:90:ec:c9:eb:79:05:f3:15:83:76:96:
                    29:b2:a5:3e:a3:d9:6c:3b:9a:1c:38:19:a5:32:3a:
                    98:1a:ac:22:05:b3:c6:af:13:0a:7c:78:0d:be:30:
                    10:bb:9d:87:16:aa:70:05:b7:f8:01:4c:42:c2:c9:
                    7a:5f:6a:d2:65:be:9d:70:db:c3:f5:b0:36:3d:23:
                    93:02:98:d7:c1:72:97:e4:3e:9b:d1:4e:ab:9f:22:
                    85:82:42:e5:14:4d:1d:e6:44:ef:c1:fd:cf:12:8c:
                    7e:af:a3:09:31:b2:d9:64:08:79:fb:2f:10:a2:cb:
                    27:1e:1c:7a:79:b2:f7:57:c4:f8:9b:66:b2:c1:d3:
                    44:ad:e5:7d:43:1a:90:74:66:ba:fa:c6:9d:bd:6e:
                    b1:2b:c6:41:96:38:5f:ee:58:9a:c8:44:a9:49:c5:
                    0e:ce:d6:c0:87:59:f9:10:19:57:25:d4:d3:75:5c:
                    da:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:F4:0A:8A:F7:B5:17:34:61:63:3E:41:33:3E:1E:98:1F:16:F6:29
            X509v3 Authority Key Identifier:
                keyid:50:B8:43:A8:D9:1B:15:82:4E:60:E2:CD:68:9A:6F:45:1E:25:6A:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULhDqNkbFYJOYOLNaJpvRR4lal4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/0fe7a3-6fce-42b6-8a18-251867bdc13f/1/ULhDqNkbFYJOYOLNaJpvRR4lal4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:24:a8:67:a3:ed:75:06:ef:89:58:fe:0c:27:04:9a:d2:93:
         8b:11:dd:1b:ee:b5:71:18:20:23:44:da:84:10:97:98:02:cd:
         7b:8d:7f:bc:3b:84:35:d8:26:76:75:25:04:26:7e:86:99:68:
         ad:bc:30:e8:27:62:38:b2:e5:fa:e6:19:2f:f5:a5:dc:90:a4:
         61:1c:db:d1:b2:b3:fd:d0:d3:29:68:be:aa:fd:58:2b:cb:b0:
         b7:14:10:fe:b8:da:d7:85:99:6c:39:55:20:14:4d:ea:d9:72:
         8a:49:f3:a8:14:56:16:43:3d:1f:8c:7a:13:16:7b:ac:b8:e3:
         32:0a:b2:8d:a9:6e:54:1d:06:83:17:cd:96:9b:10:06:0f:9d:
         84:05:b8:0f:ab:99:92:ec:ed:a6:70:ee:02:f9:e4:9e:f1:e0:
         3b:9e:7e:49:26:86:e1:89:c9:4c:27:35:6f:0d:5f:cd:31:c9:
         d0:b7:83:0f:cb:5f:7d:0a:1c:c3:bc:35:96:54:75:eb:48:79:
         ef:82:e5:3a:f3:5e:27:19:ca:d1:c4:10:9f:70:42:a9:b3:02:
         8c:2f:55:1b:5b:30:d6:b8:76:dc:08:47:01:64:30:dc:8e:46:
         70:29:f0:b2:55:61:3d:32:ae:d2:75:42:d3:a3:55:4a:28:78:
         c5:12:d2:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohHXdHZNpWGWMkA+JZBrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYjg0M2E4ZDkxYjE1ODI0ZTYwZTJjZDY4OWE2ZjQ1MWUy
NTZhNWUwHhcNMjYwMzI2MDUwMTAyWhcNMjYwMzI3MDUwMTAyWjAzMTEwLwYDVQQD
EyhlOGY0MGE4YWY3YjUxNzM0NjE2MzNlNDEzMzNlMWU5ODFmMTZmNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytUkOojLLhAtL/KZ5yKQAuePZ7O4
bP75SXBHhTH0ck/a8O1LkEgQOoFTYd1XtHtgl0+MkqHO1OmnY/C+naNUHHpbIrPE
HSzLiePybhomkOzJ63kF8xWDdpYpsqU+o9lsO5ocOBmlMjqYGqwiBbPGrxMKfHgN
vjAQu52HFqpwBbf4AUxCwsl6X2rSZb6dcNvD9bA2PSOTApjXwXKX5D6b0U6rnyKF
gkLlFE0d5kTvwf3PEox+r6MJMbLZZAh5+y8QossnHhx6ebL3V8T4m2aywdNEreV9
QxqQdGa6+sadvW6xK8ZBljhf7liayESpScUOztbAh1n5EBlXJdTTdVzaoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOj0Cor3tRc0YWM+QTM+HpgfFvYpMB8GA1UdIwQY
MBaAFFC4Q6jZGxWCTmDizWiab0UeJWpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxoRHFOa2JGWUpPWU9MTmFKcHZSUjRsYWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wZmU3YTMtNmZjZS00MmI2LThhMTgt
MjUxODY3YmRjMTNmLzEvVUxoRHFOa2JGWUpPWU9MTmFKcHZSUjRsYWw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wZmU3YTMtNmZjZS00MmI2LThhMTgtMjUxODY3YmRjMTNm
LzEvVUxoRHFOa2JGWUpPWU9MTmFKcHZSUjRsYWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyiSoZ6Pt
dQbviVj+DCcEmtKTixHdG+61cRggI0TahBCXmALNe41/vDuENdgmdnUlBCZ+hplo
rbww6CdiOLLl+uYZL/Wl3JCkYRzb0bKz/dDTKWi+qv1YK8uwtxQQ/rja14WZbDlV
IBRN6tlyiknzqBRWFkM9H4x6ExZ7rLjjMgqyjaluVB0GgxfNlpsQBg+dhAW4D6uZ
kuztpnDuAvnknvHgO55+SSaG4YnJTCc1bw1fzTHJ0LeDD8tffQocw7w1llR160h5
74LlOvNeJxnK0cQQn3BCqbMCjC9VG1sw1rh23AhHAWQw3I5GcCnwslVhPTKu0nVC
06NVSih4xRLS6w==
-----END CERTIFICATE-----