Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
File:                     ucN059N57ajbliAKTu_lvBwok58.mft (raw, json)
Hash identifier:          lH1p+cVcil0WObfNgpnnptAGjc6exnQ3LWnpofYHJlQ=
Subject key identifier:   AD:7B:F7:41:50:A9:36:E9:EE:FF:0F:1E:5A:C0:6B:D3:44:F5:05:BD
Authority key identifier: B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F
Certificate issuer:       /CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
Certificate serial:       019D2704C05262E723B19B1644ABC7FE03C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
Manifest number:          0F3D
Signing time:             Wed 25 Mar 2026 22:01:55 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:55 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:55 +0000
Files and hashes:         1: ucN059N57ajbliAKTu_lvBwok58.crl (hash: VaYtD9O7YKJ2zJXMZUn9a//WmZopw7pNvJ1hP1YGrDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:c0:52:62:e7:23:b1:9b:16:44:ab:c7:fe:03:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9c374e7d379eda8db96200a4eefe5bc1c28939f
        Validity
            Not Before: Mar 25 22:01:55 2026 GMT
            Not After : Mar 26 22:01:55 2026 GMT
        Subject: CN=ad7bf74150a936e9eeff0f1e5ac06bd344f505bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:8a:5b:16:35:0e:71:c8:1e:95:fd:c3:a0:44:
                    53:12:c5:ab:82:36:a3:0e:41:7f:a4:38:22:72:9c:
                    c9:ee:e5:bb:20:66:bb:c0:e6:d8:db:d3:b5:a6:d3:
                    cb:22:16:8f:d8:3d:89:0f:5c:a5:0a:c4:b9:d8:d2:
                    70:06:ad:53:8d:ea:3c:cf:2b:49:47:de:82:dd:db:
                    fc:60:b0:50:1b:18:2f:70:7d:ba:7f:60:14:c4:78:
                    38:7f:9e:5b:6c:ef:dc:44:fc:2a:ab:76:dc:73:ab:
                    16:75:83:5f:bd:49:09:45:e6:ee:99:19:77:b7:18:
                    b8:b0:ef:28:58:b8:1f:4a:67:d5:84:59:d7:02:8f:
                    eb:88:6b:a6:ae:87:8d:04:8d:50:4b:a4:5b:d6:d2:
                    14:75:22:34:2c:44:54:ea:55:84:50:29:5e:65:be:
                    57:3f:b5:77:db:09:5b:d2:9e:38:6a:96:7b:bc:a7:
                    f7:f7:21:4f:f9:7d:97:3f:b1:d9:02:36:73:73:ec:
                    da:ab:6e:fe:79:c8:f1:af:bd:f0:05:f4:7d:85:9f:
                    68:e1:39:51:85:3d:6b:0a:10:ab:0d:27:af:ca:24:
                    b1:e5:b8:8b:3e:b3:af:a3:b1:a7:a7:43:31:e0:8b:
                    b1:19:a8:e0:6a:ed:42:c2:14:d1:e9:09:50:6e:97:
                    f1:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:7B:F7:41:50:A9:36:E9:EE:FF:0F:1E:5A:C0:6B:D3:44:F5:05:BD
            X509v3 Authority Key Identifier:
                keyid:B9:C3:74:E7:D3:79:ED:A8:DB:96:20:0A:4E:EF:E5:BC:1C:28:93:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucN059N57ajbliAKTu_lvBwok58.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/7a53ec-56d7-45cd-bab8-b32adf61ab47/1/ucN059N57ajbliAKTu_lvBwok58.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:53:2c:55:77:96:91:35:31:98:dc:56:39:d5:5b:df:88:9d:
         3c:b1:59:08:37:de:9f:c4:88:de:4f:b7:45:3d:94:a6:f9:48:
         37:b9:e5:5b:34:1f:40:70:e3:d2:80:79:e4:9c:74:00:8b:6f:
         a3:8c:1f:97:06:5b:a6:57:74:10:fe:97:69:f2:91:dc:32:77:
         fb:09:83:76:4b:b5:36:96:e7:77:6e:d9:f9:b7:c6:1d:06:6b:
         fa:7d:f6:f9:dc:87:e5:54:d3:55:08:74:a9:0b:a2:a4:12:ba:
         7c:24:43:93:91:2c:48:2a:77:9e:a0:a8:e6:57:b3:f5:05:d8:
         32:86:f1:b6:d4:d6:f4:77:a6:8d:85:ff:ce:c9:55:30:d3:3b:
         a3:67:25:58:c0:e8:d0:12:1e:81:8a:59:c7:f5:66:da:de:aa:
         64:78:07:15:67:69:b4:e2:6b:66:45:c5:1c:c0:db:e1:d5:27:
         a3:4b:a3:db:07:66:62:de:a9:55:90:80:8b:00:7a:ef:7c:f9:
         fd:e8:ac:b5:3f:67:8e:88:35:de:39:25:03:71:3a:e0:a6:0e:
         a0:77:e1:7f:dd:ae:e6:8e:cc:48:32:70:7d:a9:20:a9:90:08:
         9c:25:42:45:16:bb:0c:6c:bb:40:b1:c4:98:87:ed:e8:9a:fe:
         0d:39:89:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBMBSYucjsZsWRKvH/gPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YzM3NGU3ZDM3OWVkYThkYjk2MjAwYTRlZWZlNWJjMWMy
ODkzOWYwHhcNMjYwMzI1MjIwMTU1WhcNMjYwMzI2MjIwMTU1WjAzMTEwLwYDVQQD
EyhhZDdiZjc0MTUwYTkzNmU5ZWVmZjBmMWU1YWMwNmJkMzQ0ZjUwNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmopbFjUOccgelf3DoERTEsWrgjaj
DkF/pDgicpzJ7uW7IGa7wObY29O1ptPLIhaP2D2JD1ylCsS52NJwBq1Tjeo8zytJ
R96C3dv8YLBQGxgvcH26f2AUxHg4f55bbO/cRPwqq3bcc6sWdYNfvUkJRebumRl3
txi4sO8oWLgfSmfVhFnXAo/riGumroeNBI1QS6Rb1tIUdSI0LERU6lWEUCleZb5X
P7V32wlb0p44apZ7vKf39yFP+X2XP7HZAjZzc+zaq27+ecjxr73wBfR9hZ9o4TlR
hT1rChCrDSevyiSx5biLPrOvo7Gnp0Mx4IuxGajgau1CwhTR6QlQbpfxsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1790FQqTbp7v8PHlrAa9NE9QW9MB8GA1UdIwQY
MBaAFLnDdOfTee2o25YgCk7v5bwcKJOfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgt
YjMyYWRmNjFhYjQ3LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83YTUzZWMtNTZkNy00NWNkLWJhYjgtYjMyYWRmNjFhYjQ3
LzEvdWNOMDU5TjU3YWpibGlBS1R1X2x2QndvazU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc1MsVXeW
kTUxmNxWOdVb34idPLFZCDfen8SI3k+3RT2UpvlIN7nlWzQfQHDj0oB55Jx0AItv
o4wflwZbpld0EP6XafKR3DJ3+wmDdku1Npbnd27Z+bfGHQZr+n32+dyH5VTTVQh0
qQuipBK6fCRDk5EsSCp3nqCo5lez9QXYMobxttTW9HemjYX/zslVMNM7o2clWMDo
0BIegYpZx/Vm2t6qZHgHFWdptOJrZkXFHMDb4dUno0uj2wdmYt6pVZCAiwB673z5
/eistT9njog13jklA3E64KYOoHfhf92u5o7MSDJwfakgqZAInCVCRRa7DGy7QLHE
mIft6Jr+DTmJ6Q==
-----END CERTIFICATE-----