Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
File:                     UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json)
Hash identifier:          0JwM7heGIXRQZVrMkyOhxqFp6VaWIMz4Ua4kI45Srgo=
Subject key identifier:   14:C3:C8:CF:B7:25:C4:B8:CA:21:1A:3F:98:D6:49:2A:E6:41:BF:2E
Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64
Certificate issuer:       /CN=50da2bafc37a3988dd294c913ae5220e038db964
Certificate serial:       019D2A3B9DB82EF1D85C1F7BA5E5D77AC851
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
Manifest number:          17D4
Signing time:             Thu 26 Mar 2026 13:00:43 +0000
Manifest this update:     Thu 26 Mar 2026 13:00:43 +0000
Manifest next update:     Fri 27 Mar 2026 13:00:43 +0000
Files and hashes:         1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: Mh1fMNL6GkIB25ClQxoZ/tk7a8liCXjPQax+7jgnNyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3b:9d:b8:2e:f1:d8:5c:1f:7b:a5:e5:d7:7a:c8:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964
        Validity
            Not Before: Mar 26 13:00:43 2026 GMT
            Not After : Mar 27 13:00:43 2026 GMT
        Subject: CN=14c3c8cfb725c4b8ca211a3f98d6492ae641bf2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:95:e2:72:f9:96:3f:8c:d7:16:cc:ca:1e:41:
                    b9:b7:39:88:2a:6c:b9:c8:d3:67:42:7a:7a:14:c9:
                    fe:81:fd:39:6d:d1:27:41:a6:06:33:cd:ba:e3:cd:
                    c4:b4:4c:5e:a0:81:2a:af:af:8e:0f:d1:06:d7:1b:
                    d2:bd:c2:c9:3b:36:21:c5:b0:7f:ac:3b:1c:5c:bb:
                    6c:3a:3d:00:0e:4c:74:2d:eb:9f:cd:a1:97:f0:a0:
                    ef:15:47:50:21:08:51:4a:e7:14:34:ee:b8:80:05:
                    d8:94:51:53:8d:80:01:27:fd:a1:e1:4d:f3:31:c0:
                    21:94:5b:ba:a8:c2:b0:c4:24:b0:a4:3e:94:c8:36:
                    c6:8b:81:18:56:0d:38:0c:4a:d7:f0:2f:55:c2:72:
                    12:ce:ce:58:b3:04:bd:bf:1d:5e:4d:ea:21:0a:79:
                    72:26:de:10:b9:d9:84:07:92:6a:df:fb:d7:79:80:
                    59:28:65:ae:b1:24:0c:ad:a0:59:64:94:0e:db:cf:
                    3c:2f:30:fb:ca:75:94:da:32:84:64:69:e2:50:58:
                    f5:68:f4:37:87:51:e3:d1:58:f3:e7:d7:82:ec:25:
                    a0:95:0c:4b:14:97:d6:36:97:0e:36:38:1e:56:07:
                    1c:85:34:aa:26:e3:e7:d6:f3:27:4a:f9:2c:a8:49:
                    72:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:C3:C8:CF:B7:25:C4:B8:CA:21:1A:3F:98:D6:49:2A:E6:41:BF:2E
            X509v3 Authority Key Identifier:
                keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:a5:df:9d:27:49:19:cf:46:ce:09:e4:e1:c7:9f:c4:93:d7:
         2b:ca:48:11:1e:e7:c9:92:38:d8:d5:00:4c:25:0c:f9:67:2f:
         81:2e:7e:59:cb:e4:4b:44:3b:d8:af:43:d5:d0:6d:f4:54:f9:
         aa:34:2b:4d:85:03:79:9e:55:6a:d0:62:98:03:1a:cb:3a:8f:
         e0:e8:b7:f9:5e:27:16:ac:f3:84:f7:81:86:99:45:e9:fa:e8:
         0b:d0:2a:ab:86:91:cf:84:8b:60:a3:61:8e:25:49:99:ae:23:
         c4:c3:49:21:49:e3:6d:78:52:20:31:ad:ed:19:a4:c1:42:40:
         0c:18:c0:10:ab:ea:3c:ae:05:fa:59:45:5c:8e:02:15:f7:ad:
         3d:73:a3:e6:74:18:6d:4d:2f:ad:57:7a:41:c2:db:39:0d:c2:
         e3:68:ca:25:51:2e:7c:ff:0d:e4:8b:93:bf:e4:6c:8a:6d:fb:
         d1:5a:a9:1c:5c:ea:c2:e8:3c:08:24:c9:f6:2f:ed:39:5a:ee:
         52:78:4b:3b:91:21:41:7f:18:f0:e9:fb:fc:c4:51:b1:49:b1:
         0c:19:0f:d7:57:32:62:3c:67:dc:df:f0:b4:d9:b9:32:a8:81:
         60:40:51:73:e9:3b:83:62:2e:f6:f5:3e:14:4e:b4:b7:7e:ac:
         79:83:dc:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qO524LvHYXB97peXXeshRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4
ZGI5NjQwHhcNMjYwMzI2MTMwMDQzWhcNMjYwMzI3MTMwMDQzWjAzMTEwLwYDVQQD
EygxNGMzYzhjZmI3MjVjNGI4Y2EyMTFhM2Y5OGQ2NDkyYWU2NDFiZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZXicvmWP4zXFszKHkG5tzmIKmy5
yNNnQnp6FMn+gf05bdEnQaYGM826483EtExeoIEqr6+OD9EG1xvSvcLJOzYhxbB/
rDscXLtsOj0ADkx0LeufzaGX8KDvFUdQIQhRSucUNO64gAXYlFFTjYABJ/2h4U3z
McAhlFu6qMKwxCSwpD6UyDbGi4EYVg04DErX8C9VwnISzs5YswS9vx1eTeohCnly
Jt4QudmEB5Jq3/vXeYBZKGWusSQMraBZZJQO2888LzD7ynWU2jKEZGniUFj1aPQ3
h1Hj0Vjz59eC7CWglQxLFJfWNpcONjgeVgcchTSqJuPn1vMnSvksqEly8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTDyM+3JcS4yiEaP5jWSSrmQb8uMB8GA1UdIwQY
MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct
YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz
LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd6XfnSdJ
Gc9Gzgnk4cefxJPXK8pIER7nyZI42NUATCUM+WcvgS5+WcvkS0Q72K9D1dBt9FT5
qjQrTYUDeZ5VatBimAMayzqP4Oi3+V4nFqzzhPeBhplF6froC9Aqq4aRz4SLYKNh
jiVJma4jxMNJIUnjbXhSIDGt7RmkwUJADBjAEKvqPK4F+llFXI4CFfetPXOj5nQY
bU0vrVd6QcLbOQ3C42jKJVEufP8N5IuTv+Rsim370VqpHFzqwug8CCTJ9i/tOVru
UnhLO5EhQX8Y8On7/MRRsUmxDBkP11cyYjxn3N/wtNm5MqiBYEBRc+k7g2Iu9vU+
FE60t36seYPcEA==
-----END CERTIFICATE-----