Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
File:                     ugpNIpkX1GVzikghtu7FvrJObuQ.mft (raw, json)
Hash identifier:          P0/rVh+Zn6e9skgUxyFAenq9lRcZtVpQKS563G9vFBc=
Subject key identifier:   8D:AE:FE:2D:FA:20:87:01:68:95:11:09:D1:17:F8:48:4D:FF:6A:D1
Authority key identifier: BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4
Certificate issuer:       /CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
Certificate serial:       019D270433C06564B3534D345D8ED129C648
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
Manifest number:          033A
Signing time:             Wed 25 Mar 2026 22:01:19 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:19 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:19 +0000
Files and hashes:         1: ugpNIpkX1GVzikghtu7FvrJObuQ.crl (hash: Q0Paa4+HJuAtaoWCIddQHmnDQL64K7l+TLag4+dhHLY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:33:c0:65:64:b3:53:4d:34:5d:8e:d1:29:c6:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba0a4d229917d465738a4821b6eec5beb24e6ee4
        Validity
            Not Before: Mar 25 22:01:19 2026 GMT
            Not After : Mar 26 22:01:19 2026 GMT
        Subject: CN=8daefe2dfa20870168951109d117f8484dff6ad1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:93:8a:69:fb:3d:ab:dd:f4:4d:71:26:9e:57:
                    bd:78:70:a1:65:76:a3:2a:ea:b9:21:e2:57:0c:53:
                    f1:19:56:12:0a:1c:9f:5d:0c:8c:00:b2:de:a7:29:
                    22:2d:a9:dd:1e:32:b2:6c:08:dd:37:d1:be:e4:8a:
                    59:11:96:80:3c:99:e3:c8:7f:f6:ef:cd:e8:14:24:
                    bd:9e:b2:b2:82:73:f5:e7:d8:02:2a:b1:db:03:6b:
                    73:f1:04:43:76:bf:fe:a1:1c:19:cd:34:5b:ce:2c:
                    22:41:16:41:54:24:27:4d:6b:01:5a:39:c5:c5:61:
                    ab:5f:f2:fb:32:b7:a7:3f:dd:18:fb:7b:8f:25:0a:
                    45:2d:d4:4c:a7:d0:cc:8c:ee:90:5a:e8:f9:8b:4b:
                    52:5c:ee:c1:b6:aa:ff:03:df:5e:f6:90:90:4a:73:
                    e4:f9:e0:f6:55:ff:ea:c7:a7:03:94:01:cd:b6:4e:
                    e9:11:e0:f0:87:33:92:b6:7f:7f:84:01:1e:9c:6f:
                    99:34:71:44:5c:da:4f:ad:fa:60:2c:4b:43:3d:51:
                    a7:3b:0a:5a:ef:75:85:ac:e9:8f:f3:f2:d9:0e:4e:
                    df:27:fe:00:8b:5b:01:0d:ae:a8:71:28:f4:98:e1:
                    ad:97:c2:07:0d:65:b7:f7:ce:68:64:5f:69:b3:53:
                    39:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:AE:FE:2D:FA:20:87:01:68:95:11:09:D1:17:F8:48:4D:FF:6A:D1
            X509v3 Authority Key Identifier:
                keyid:BA:0A:4D:22:99:17:D4:65:73:8A:48:21:B6:EE:C5:BE:B2:4E:6E:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ugpNIpkX1GVzikghtu7FvrJObuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/7815d6-d5ad-4f60-8a6d-057ad9331fa8/1/ugpNIpkX1GVzikghtu7FvrJObuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:ea:8b:98:0c:91:c1:50:36:c8:2d:23:87:1c:3b:34:e9:67:
         a7:23:e8:19:18:b8:c6:59:99:6b:73:88:e7:28:f9:2e:3d:26:
         a5:43:6a:96:9e:4b:42:dc:05:17:25:73:f6:13:5e:7f:3b:84:
         31:02:33:5c:0a:fe:15:a0:02:ff:72:bb:9d:1c:63:30:7f:b0:
         e8:f1:7b:3d:6c:80:7c:a6:69:7e:1f:1a:85:d0:65:8c:ab:b6:
         22:84:9a:14:72:2d:71:ed:85:51:fc:12:d5:9b:63:2a:b2:be:
         94:e7:09:08:3e:66:fc:f9:82:c6:01:66:80:3e:02:d0:fa:b9:
         02:ca:d1:db:aa:de:66:80:61:2a:c7:a6:6b:6c:92:28:96:4b:
         dc:4d:ba:5b:54:81:52:60:f4:68:c0:21:a4:9a:b8:8e:f5:85:
         d3:b3:69:2c:e0:7d:61:0b:bb:53:7b:aa:62:2f:a9:cd:7d:24:
         7f:6f:aa:dc:b3:da:57:12:5c:31:d9:7f:0e:96:b9:c0:5b:e5:
         c8:8c:8b:9d:c4:53:da:9e:df:c8:83:87:a1:81:3e:02:15:41:
         9a:eb:38:81:08:5a:46:20:c1:45:1f:e8:46:54:0e:79:db:73:
         00:4b:e4:74:24:4d:d1:02:38:fd:ca:c1:39:48:f7:37:b2:da:
         0c:69:5f:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDPAZWSzU000XY7RKcZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGE0ZDIyOTkxN2Q0NjU3MzhhNDgyMWI2ZWVjNWJlYjI0
ZTZlZTQwHhcNMjYwMzI1MjIwMTE5WhcNMjYwMzI2MjIwMTE5WjAzMTEwLwYDVQQD
Eyg4ZGFlZmUyZGZhMjA4NzAxNjg5NTExMDlkMTE3Zjg0ODRkZmY2YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pOKafs9q930TXEmnle9eHChZXaj
Kuq5IeJXDFPxGVYSChyfXQyMALLepykiLandHjKybAjdN9G+5IpZEZaAPJnjyH/2
783oFCS9nrKygnP159gCKrHbA2tz8QRDdr/+oRwZzTRbziwiQRZBVCQnTWsBWjnF
xWGrX/L7MrenP90Y+3uPJQpFLdRMp9DMjO6QWuj5i0tSXO7Btqr/A99e9pCQSnPk
+eD2Vf/qx6cDlAHNtk7pEeDwhzOStn9/hAEenG+ZNHFEXNpPrfpgLEtDPVGnOwpa
73WFrOmP8/LZDk7fJ/4Ai1sBDa6ocSj0mOGtl8IHDWW3985oZF9ps1M5TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI2u/i36IIcBaJURCdEX+EhN/2rRMB8GA1UdIwQY
MBaAFLoKTSKZF9Rlc4pIIbbuxb6yTm7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQt
MDU3YWQ5MzMxZmE4LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS83ODE1ZDYtZDVhZC00ZjYwLThhNmQtMDU3YWQ5MzMxZmE4
LzEvdWdwTklwa1gxR1Z6aWtnaHR1N0Z2ckpPYnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuqLmAyR
wVA2yC0jhxw7NOlnpyPoGRi4xlmZa3OI5yj5Lj0mpUNqlp5LQtwFFyVz9hNefzuE
MQIzXAr+FaAC/3K7nRxjMH+w6PF7PWyAfKZpfh8ahdBljKu2IoSaFHItce2FUfwS
1ZtjKrK+lOcJCD5m/PmCxgFmgD4C0Pq5AsrR26reZoBhKsema2ySKJZL3E26W1SB
UmD0aMAhpJq4jvWF07NpLOB9YQu7U3uqYi+pzX0kf2+q3LPaVxJcMdl/Dpa5wFvl
yIyLncRT2p7fyIOHoYE+AhVBmus4gQhaRiDBRR/oRlQOedtzAEvkdCRN0QI4/crB
OUj3N7LaDGlfxA==
-----END CERTIFICATE-----