Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          7bfSySJO/1hAJ3evqPDheWowDMLOhfO5vTQIjtew78U=
Subject key identifier:   6E:9A:99:38:09:D6:7B:B7:8A:86:97:BF:97:F7:2C:D6:97:91:3E:C8
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       019D2884698F295B8CADFF64A923033E5964
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          05DB
Signing time:             Thu 26 Mar 2026 05:00:59 +0000
Manifest this update:     Thu 26 Mar 2026 05:00:59 +0000
Manifest next update:     Fri 27 Mar 2026 05:00:59 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: E6D1zMkZEg3+fUK7oFqteaurM6pWVx81LUpR/oCXn3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:84:69:8f:29:5b:8c:ad:ff:64:a9:23:03:3e:59:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Mar 26 05:00:59 2026 GMT
            Not After : Mar 27 05:00:59 2026 GMT
        Subject: CN=6e9a993809d67bb78a8697bf97f72cd697913ec8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b3:20:a7:03:83:72:71:de:04:f2:52:af:17:
                    96:c5:cc:d2:07:b5:3e:8c:a0:d5:34:ed:39:64:1c:
                    de:63:e3:5d:56:11:19:34:d4:eb:08:70:87:b2:2d:
                    af:f0:3e:6d:96:e6:98:35:cb:b1:3c:66:14:0f:95:
                    a8:22:30:f3:04:cf:48:5a:bd:63:4a:ea:4c:75:0d:
                    e9:c5:83:f0:48:0c:ad:aa:39:93:72:82:31:df:7c:
                    6e:88:39:48:bc:50:e6:fc:f6:4b:e6:5d:3a:eb:97:
                    5b:af:fc:c4:71:8f:eb:b5:30:41:2b:0a:25:28:b2:
                    f8:48:e1:9e:80:71:41:a2:e2:3a:4c:c6:24:19:c5:
                    e1:f3:fe:7e:6a:63:86:92:ee:33:51:03:55:29:e0:
                    84:f8:ce:2c:9b:fb:a3:60:81:71:b8:c2:39:08:f5:
                    7a:c7:a3:4d:a1:3d:53:a4:a9:cd:93:c9:0b:a5:d8:
                    04:af:a5:f3:d6:5e:5e:40:cc:f1:87:fa:92:57:54:
                    4c:63:71:2a:db:7f:4d:fc:30:9f:16:09:19:67:0e:
                    8b:db:7d:93:73:f4:1e:41:d0:c1:0a:b5:f0:cf:0c:
                    31:90:32:67:19:5e:b5:9f:95:a9:49:81:5d:42:0b:
                    d9:62:bb:38:c7:c6:af:c5:a0:16:df:4f:59:37:c9:
                    f5:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:9A:99:38:09:D6:7B:B7:8A:86:97:BF:97:F7:2C:D6:97:91:3E:C8
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:6a:27:d2:3f:e2:4b:e5:09:d0:a0:ed:a8:6f:15:87:00:65:
         05:5a:5b:15:cf:f3:a9:66:4d:b9:38:09:5c:cd:a2:5d:a0:a2:
         b9:92:df:e8:d2:ab:6e:f6:0b:87:74:30:db:92:35:b8:ac:4d:
         29:e4:c3:45:14:78:3e:a4:11:ca:0e:cb:8c:8a:7c:ba:f7:7f:
         8e:14:e4:02:d1:8f:82:f4:b8:46:76:69:d5:65:fb:5b:fe:73:
         bf:c4:36:ee:14:88:0b:23:20:7f:24:4f:51:18:52:80:37:55:
         e9:7b:f2:cc:ff:1e:63:b6:76:8b:d0:db:fb:d7:84:7c:ff:95:
         91:6c:4e:87:41:2c:9f:d2:b1:d7:ec:8d:b0:47:2d:97:fb:6e:
         c9:b8:7d:9c:49:d5:de:6d:de:49:91:69:49:ca:60:01:3d:33:
         6e:ae:fe:6e:73:f7:29:03:d4:fa:16:99:96:e8:06:ed:3c:c3:
         db:f4:cb:cb:f5:9a:3c:4c:f4:35:c9:5a:8d:45:42:2e:16:16:
         39:78:4f:ea:f6:30:2d:09:68:3f:80:17:1a:ca:31:9e:c3:de:
         d6:eb:a6:d8:11:79:6f:c6:a6:18:9f:d0:e9:5a:72:a7:7c:5f:
         e0:0f:d7:98:c9:9a:1e:a4:1a:66:46:f0:27:0a:0a:57:be:81:
         fa:eb:b6:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ohGmPKVuMrf9kqSMDPllkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjYwMzI2MDUwMDU5WhcNMjYwMzI3MDUwMDU5WjAzMTEwLwYDVQQD
Eyg2ZTlhOTkzODA5ZDY3YmI3OGE4Njk3YmY5N2Y3MmNkNjk3OTEzZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLMgpwODcnHeBPJSrxeWxczSB7U+
jKDVNO05ZBzeY+NdVhEZNNTrCHCHsi2v8D5tluaYNcuxPGYUD5WoIjDzBM9IWr1j
SupMdQ3pxYPwSAytqjmTcoIx33xuiDlIvFDm/PZL5l0665dbr/zEcY/rtTBBKwol
KLL4SOGegHFBouI6TMYkGcXh8/5+amOGku4zUQNVKeCE+M4sm/ujYIFxuMI5CPV6
x6NNoT1TpKnNk8kLpdgEr6Xz1l5eQMzxh/qSV1RMY3Eq239N/DCfFgkZZw6L232T
c/QeQdDBCrXwzwwxkDJnGV61n5WpSYFdQgvZYrs4x8avxaAW309ZN8n1BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6amTgJ1nu3ioaXv5f3LNaXkT7IMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWon0j/i
S+UJ0KDtqG8VhwBlBVpbFc/zqWZNuTgJXM2iXaCiuZLf6NKrbvYLh3Qw25I1uKxN
KeTDRRR4PqQRyg7LjIp8uvd/jhTkAtGPgvS4RnZp1WX7W/5zv8Q27hSICyMgfyRP
URhSgDdV6XvyzP8eY7Z2i9Db+9eEfP+VkWxOh0Esn9Kx1+yNsEctl/tuybh9nEnV
3m3eSZFpScpgAT0zbq7+bnP3KQPU+haZlugG7TzD2/TLy/WaPEz0NclajUVCLhYW
OXhP6vYwLQloP4AXGsoxnsPe1uum2BF5b8amGJ/Q6Vpyp3xf4A/XmMmaHqQaZkbw
JwoKV76B+uu2/Q==
-----END CERTIFICATE-----