Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
File:                     UW2UBk9zhVXozjZaGVfWnnaICcQ.mft (raw, json)
Hash identifier:          I/7HdLmIHWPeXDNzgxux8N05SaruCR/nH6IuObeutf0=
Subject key identifier:   AE:86:F0:69:F9:81:10:D1:6C:B9:B5:0C:55:C7:A0:B0:63:75:23:B4
Authority key identifier: 51:6D:94:06:4F:73:85:55:E8:CE:36:5A:19:57:D6:9E:76:88:09:C4
Certificate issuer:       /CN=516d94064f738555e8ce365a1957d69e768809c4
Certificate serial:       019D27044067A26B4F14F5D669DE8603F6CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
Manifest number:          0867
Signing time:             Wed 25 Mar 2026 22:01:23 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:23 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:23 +0000
Files and hashes:         1: UW2UBk9zhVXozjZaGVfWnnaICcQ.crl (hash: ZUDDgtllV8QLshnMmkwYUFTOUJrS+lfgRdbxt3FnTYw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:40:67:a2:6b:4f:14:f5:d6:69:de:86:03:f6:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=516d94064f738555e8ce365a1957d69e768809c4
        Validity
            Not Before: Mar 25 22:01:23 2026 GMT
            Not After : Mar 26 22:01:23 2026 GMT
        Subject: CN=ae86f069f98110d16cb9b50c55c7a0b0637523b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e2:77:67:5c:42:fb:63:5f:11:45:c2:fb:2b:
                    95:4d:2b:98:2e:9d:fe:cd:01:9d:5b:d0:26:63:93:
                    d9:7c:9d:21:79:81:4d:9f:f6:46:2d:8c:8f:f9:21:
                    66:d6:b3:36:98:1c:32:dc:3f:b0:96:d5:40:c9:5a:
                    5e:e6:37:d1:6b:8c:39:91:c4:09:39:30:86:9e:a6:
                    3a:a8:10:40:24:a2:4e:63:30:a3:a8:6e:2b:d1:c0:
                    cd:1c:bd:a5:93:56:98:e8:27:3e:e5:3e:67:54:b8:
                    26:9b:70:8c:81:98:21:91:53:26:ff:a3:d5:8e:58:
                    cb:c5:c5:47:a0:50:b3:9b:db:b1:c2:02:86:74:2f:
                    75:4a:55:9d:f2:95:e2:23:6f:9f:28:2d:be:53:45:
                    28:cd:ac:94:77:ad:1b:32:0c:a2:a7:86:d4:0a:22:
                    cd:bd:fa:36:7c:98:8c:e1:fe:e4:9b:f9:5a:fb:0a:
                    c2:99:bd:ec:77:02:c4:86:30:22:30:f3:49:d3:d6:
                    27:17:38:fd:93:cf:e1:df:40:f7:57:44:e8:93:94:
                    a9:1f:96:d2:33:05:89:e2:15:fb:14:4a:37:70:3d:
                    ec:7f:86:14:09:f4:19:d7:57:b0:5f:0c:72:05:41:
                    ed:a3:bc:28:b8:f2:28:57:ef:07:d7:74:25:8b:a3:
                    ba:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:86:F0:69:F9:81:10:D1:6C:B9:B5:0C:55:C7:A0:B0:63:75:23:B4
            X509v3 Authority Key Identifier:
                keyid:51:6D:94:06:4F:73:85:55:E8:CE:36:5A:19:57:D6:9E:76:88:09:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:47:0f:f3:9e:fa:63:81:0c:69:d9:63:7a:14:c0:c0:6c:a8:
         84:63:4a:33:63:39:f9:84:ff:72:33:54:b1:ad:17:50:7c:b9:
         8d:aa:8a:31:ff:75:0a:b0:74:16:c7:84:92:c9:81:3e:d0:d8:
         71:11:7b:c1:a5:f9:87:ad:91:b0:34:0b:6d:cf:9b:32:99:64:
         84:81:a7:63:15:66:6e:7a:64:86:fc:52:9c:5a:d9:4e:15:ca:
         ea:9f:a4:83:52:f6:1b:47:8c:59:33:03:ae:0e:80:cd:49:b8:
         df:55:5f:e6:34:c4:0b:80:68:34:d3:ad:80:68:e2:ed:e5:24:
         75:64:0f:93:aa:c7:f0:62:4e:85:8a:f7:c9:9f:e7:a2:17:26:
         88:2b:9f:b3:74:77:f6:6d:3f:93:9e:59:48:a4:e7:49:44:19:
         19:b9:a3:8c:d3:15:c9:2c:42:3e:4b:f8:94:bf:a4:de:b5:04:
         2e:16:4d:46:2b:76:20:30:b5:42:3c:61:4d:b1:e9:dd:4f:2b:
         bb:75:6b:7d:00:5f:76:9e:66:4c:ee:e2:85:bf:55:6b:76:b4:
         9e:82:0c:31:97:a6:de:c0:72:7d:01:10:4f:b5:dc:7e:f6:55:
         c9:96:e7:ce:23:f0:9e:ad:11:1d:e5:10:fa:d8:11:b1:e3:f9:
         95:1c:5a:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBEBnomtPFPXWad6GA/bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNmQ5NDA2NGY3Mzg1NTVlOGNlMzY1YTE5NTdkNjllNzY4
ODA5YzQwHhcNMjYwMzI1MjIwMTIzWhcNMjYwMzI2MjIwMTIzWjAzMTEwLwYDVQQD
EyhhZTg2ZjA2OWY5ODExMGQxNmNiOWI1MGM1NWM3YTBiMDYzNzUyM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOJ3Z1xC+2NfEUXC+yuVTSuYLp3+
zQGdW9AmY5PZfJ0heYFNn/ZGLYyP+SFm1rM2mBwy3D+wltVAyVpe5jfRa4w5kcQJ
OTCGnqY6qBBAJKJOYzCjqG4r0cDNHL2lk1aY6Cc+5T5nVLgmm3CMgZghkVMm/6PV
jljLxcVHoFCzm9uxwgKGdC91SlWd8pXiI2+fKC2+U0UozayUd60bMgyip4bUCiLN
vfo2fJiM4f7km/la+wrCmb3sdwLEhjAiMPNJ09YnFzj9k8/h30D3V0Tok5SpH5bS
MwWJ4hX7FEo3cD3sf4YUCfQZ11ewXwxyBUHto7wouPIoV+8H13Qli6O6EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK6G8Gn5gRDRbLm1DFXHoLBjdSO0MB8GA1UdIwQY
MBaAFFFtlAZPc4VV6M42WhlX1p52iAnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9iODE4OTUtYzYwNS00MWUyLWIyODMt
YzA1NjVmYTg0MGQ0LzEvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9iODE4OTUtYzYwNS00MWUyLWIyODMtYzA1NjVmYTg0MGQ0
LzEvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAckcP8576
Y4EMadljehTAwGyohGNKM2M5+YT/cjNUsa0XUHy5jaqKMf91CrB0FseEksmBPtDY
cRF7waX5h62RsDQLbc+bMplkhIGnYxVmbnpkhvxSnFrZThXK6p+kg1L2G0eMWTMD
rg6AzUm431Vf5jTEC4BoNNOtgGji7eUkdWQPk6rH8GJOhYr3yZ/nohcmiCufs3R3
9m0/k55ZSKTnSUQZGbmjjNMVySxCPkv4lL+k3rUELhZNRit2IDC1QjxhTbHp3U8r
u3VrfQBfdp5mTO7ihb9Va3a0noIMMZem3sByfQEQT7XcfvZVyZbnziPwnq0RHeUQ
+tgRseP5lRxaXQ==
-----END CERTIFICATE-----