Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
File:                     0wUa-GYelCUtF1k103l-nsos2Aw.mft (raw, json)
Hash identifier:          CZGaD/HYwLt4+kUs0h4iLTqcxdhh2ecxrR5bBqvG5UU=
Subject key identifier:   AE:4F:AD:47:E2:77:0F:24:85:76:07:37:15:54:D8:DB:AA:1D:80:ED
Authority key identifier: D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C
Certificate issuer:       /CN=d3051af8661e94252d175935d3797e9eca2cd80c
Certificate serial:       019E1CB47152B6FE7CE979781434EDE3FE8F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
Manifest number:          126D
Signing time:             Tue 12 May 2026 15:00:47 +0000
Manifest this update:     Tue 12 May 2026 15:00:47 +0000
Manifest next update:     Wed 13 May 2026 15:00:47 +0000
Files and hashes:         1: 0wUa-GYelCUtF1k103l-nsos2Aw.crl (hash: U8d9UnfK2ZCu7EHD1hb39Jf7/vT4JyCbQ3aKtBOjkms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:b4:71:52:b6:fe:7c:e9:79:78:14:34:ed:e3:fe:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3051af8661e94252d175935d3797e9eca2cd80c
        Validity
            Not Before: May 12 15:00:47 2026 GMT
            Not After : May 13 15:00:47 2026 GMT
        Subject: CN=ae4fad47e2770f24857607371554d8dbaa1d80ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:69:9c:b8:92:e6:b2:f0:49:07:f2:6b:a9:95:
                    d6:b6:04:55:28:10:69:fe:16:97:cc:5a:b3:3c:25:
                    75:54:3e:5b:d6:45:ec:b0:75:c0:12:7e:af:ef:fd:
                    5e:84:df:34:55:35:91:2b:22:01:f5:6e:f6:fc:12:
                    e9:d6:1f:28:9c:0d:3e:8a:0e:3f:10:23:ab:d7:e0:
                    39:56:c3:c9:5f:ad:2b:8c:22:f6:2c:99:54:9b:df:
                    0f:04:22:22:b9:96:5c:2c:c8:5a:c3:1f:c6:5b:45:
                    87:fa:a4:8b:46:27:bb:f8:d5:0a:7f:f6:59:22:7a:
                    59:b2:96:ce:c2:d9:2b:eb:d2:cf:54:e6:f4:db:6f:
                    ee:2b:b6:9c:0e:17:c1:b7:2e:26:6c:dc:6e:dd:4c:
                    fc:06:c3:e5:3c:c8:3e:ac:27:f5:a5:5c:a9:d0:86:
                    a7:da:d7:4e:6b:04:80:1a:84:aa:6d:47:bb:b5:1c:
                    4e:3d:07:13:3b:56:c0:d8:b2:0b:1b:7b:ec:d3:d1:
                    05:ed:b0:e8:b1:b6:e0:56:5b:73:1a:70:5e:06:71:
                    3d:43:dc:36:ff:b9:69:92:bf:49:57:1a:71:72:69:
                    4f:5f:ce:96:6b:30:67:f3:3c:58:15:7a:18:7d:1d:
                    23:9e:73:06:b7:1f:9b:b0:be:d2:3a:54:58:5c:9e:
                    70:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4F:AD:47:E2:77:0F:24:85:76:07:37:15:54:D8:DB:AA:1D:80:ED
            X509v3 Authority Key Identifier:
                keyid:D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:e0:98:b8:61:f5:72:31:5f:eb:a5:ee:e1:4c:05:af:91:f9:
         1e:d6:d0:30:95:f6:18:dd:1d:bb:4a:e5:8e:b8:41:78:dc:13:
         b0:bc:21:00:4f:31:a8:c7:e5:d1:59:7a:6f:41:25:57:9a:f3:
         b7:2b:35:ee:24:6d:f6:c4:ce:6b:e6:4c:89:12:7a:5f:2e:83:
         3b:48:ec:db:91:9b:1a:5b:a0:7b:75:9e:a4:b0:b1:f0:35:87:
         41:c5:46:ed:e9:ea:8a:eb:68:e0:46:3e:a1:62:27:1a:d6:15:
         17:61:51:e8:07:67:64:53:96:e4:70:41:fc:70:44:40:40:80:
         24:ab:95:11:39:74:3f:26:85:b0:36:bd:16:24:0d:34:45:2f:
         8e:76:f0:ac:ef:76:1a:12:94:bd:29:56:fc:8b:53:2c:83:7b:
         b5:07:9d:23:66:6b:b7:68:74:53:5e:23:c0:76:ae:3e:35:17:
         c4:53:9d:91:b2:fb:11:09:c8:8f:b4:c1:17:59:da:a5:36:e1:
         71:44:71:4f:d6:6b:c3:42:c8:f4:38:de:bb:19:6a:ce:30:ff:
         b6:1b:7c:10:86:58:58:21:f4:34:d7:ea:6c:44:ac:f3:1c:9b:
         ef:49:7a:ac:f5:aa:a3:85:e0:8b:f6:da:e3:58:cc:b2:e2:f7:
         5a:f0:41:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ctHFStv586Xl4FDTt4/6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDUxYWY4NjYxZTk0MjUyZDE3NTkzNWQzNzk3ZTllY2Ey
Y2Q4MGMwHhcNMjYwNTEyMTUwMDQ3WhcNMjYwNTEzMTUwMDQ3WjAzMTEwLwYDVQQD
EyhhZTRmYWQ0N2UyNzcwZjI0ODU3NjA3MzcxNTU0ZDhkYmFhMWQ4MGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GmcuJLmsvBJB/JrqZXWtgRVKBBp
/haXzFqzPCV1VD5b1kXssHXAEn6v7/1ehN80VTWRKyIB9W72/BLp1h8onA0+ig4/
ECOr1+A5VsPJX60rjCL2LJlUm98PBCIiuZZcLMhawx/GW0WH+qSLRie7+NUKf/ZZ
InpZspbOwtkr69LPVOb022/uK7acDhfBty4mbNxu3Uz8BsPlPMg+rCf1pVyp0Ian
2tdOawSAGoSqbUe7tRxOPQcTO1bA2LILG3vs09EF7bDosbbgVltzGnBeBnE9Q9w2
/7lpkr9JVxpxcmlPX86WazBn8zxYFXoYfR0jnnMGtx+bsL7SOlRYXJ5wtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5PrUfidw8khXYHNxVU2NuqHYDtMB8GA1UdIwQY
MBaAFNMFGvhmHpQlLRdZNdN5fp7KLNgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEt
YzI2YzNlMjNiYWY2LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEtYzI2YzNlMjNiYWY2
LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw+CYuGH1
cjFf66Xu4UwFr5H5HtbQMJX2GN0du0rljrhBeNwTsLwhAE8xqMfl0Vl6b0ElV5rz
tys17iRt9sTOa+ZMiRJ6Xy6DO0js25GbGluge3WepLCx8DWHQcVG7enqiuto4EY+
oWInGtYVF2FR6AdnZFOW5HBB/HBEQECAJKuVETl0PyaFsDa9FiQNNEUvjnbwrO92
GhKUvSlW/ItTLIN7tQedI2Zrt2h0U14jwHauPjUXxFOdkbL7EQnIj7TBF1napTbh
cURxT9Zrw0LI9DjeuxlqzjD/tht8EIZYWCH0NNfqbESs8xyb70l6rPWqo4Xgi/ba
41jMsuL3WvBBnw==
-----END CERTIFICATE-----