Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
File:                     UEwHY-3Lox64nwmD3djdGIkYwu4.mft (raw, json)
Hash identifier:          NMvWcQh8IT57EJXhUkkBEdwAAU7Si8lUd9wdF1OeClE=
Subject key identifier:   C5:41:50:31:15:76:8A:13:18:E4:29:15:8D:F2:21:68:4D:EF:B0:F0
Authority key identifier: 50:4C:07:63:ED:CB:A3:1E:B8:9F:09:83:DD:D8:DD:18:89:18:C2:EE
Certificate issuer:       /CN=504c0763edcba31eb89f0983ddd8dd188918c2ee
Certificate serial:       019D27A94CA1B7883471752E7D07934004ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
Manifest number:          0BAF
Signing time:             Thu 26 Mar 2026 01:01:39 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:39 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:39 +0000
Files and hashes:         1: UEwHY-3Lox64nwmD3djdGIkYwu4.crl (hash: PTmYD69gUDWaqxqN6YY/3MIWJJJeIaaE2Ups8/usJoA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:4c:a1:b7:88:34:71:75:2e:7d:07:93:40:04:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=504c0763edcba31eb89f0983ddd8dd188918c2ee
        Validity
            Not Before: Mar 26 01:01:39 2026 GMT
            Not After : Mar 27 01:01:39 2026 GMT
        Subject: CN=c541503115768a1318e429158df221684defb0f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:40:12:39:98:2d:b6:66:ea:4b:39:7f:87:66:
                    97:b1:40:b2:c6:ef:8d:e1:08:05:f2:95:4d:66:b7:
                    08:cf:dd:5f:06:ef:76:47:df:4a:a9:61:a9:ac:cc:
                    a4:ea:0a:8c:42:4e:b4:5e:3b:f8:1d:10:69:79:fa:
                    1c:e4:eb:c4:2b:bc:f9:8a:aa:46:80:e4:b7:1a:a2:
                    f0:b1:b9:c7:c2:02:f5:7f:a8:c2:6f:b5:e6:f6:c2:
                    a8:d8:2d:dc:d1:c7:4c:bf:75:5d:47:a1:64:a2:5c:
                    1a:5b:3a:f8:90:4e:e0:cb:23:32:4c:dd:b9:6c:3c:
                    a4:ec:99:a5:e6:e8:fc:da:cd:28:4e:97:86:b1:47:
                    35:bc:7c:31:3f:b7:9d:48:a7:02:c8:e4:5e:14:9a:
                    7a:ce:be:c8:8c:b0:e3:d4:d3:27:98:2e:ba:12:51:
                    b0:b4:5d:fd:93:52:dd:f6:01:87:24:9f:71:88:bb:
                    98:60:e9:2d:8d:5f:60:79:d1:0e:e1:9f:a4:36:1e:
                    ec:0b:a9:7b:61:4e:2d:f9:c8:82:dc:7b:4e:2a:9a:
                    01:06:80:9c:16:61:5e:aa:cb:ff:79:b4:0c:f5:76:
                    d4:1d:ab:0c:48:d9:75:b7:9c:b2:7e:7a:6e:64:2a:
                    14:9a:87:13:ca:85:da:99:66:85:1c:0b:e6:f6:e6:
                    0c:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:41:50:31:15:76:8A:13:18:E4:29:15:8D:F2:21:68:4D:EF:B0:F0
            X509v3 Authority Key Identifier:
                keyid:50:4C:07:63:ED:CB:A3:1E:B8:9F:09:83:DD:D8:DD:18:89:18:C2:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UEwHY-3Lox64nwmD3djdGIkYwu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/e19a3f-05ac-4dca-a895-8662c71186c6/1/UEwHY-3Lox64nwmD3djdGIkYwu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:40:85:de:c6:74:09:ba:20:e7:23:2c:a9:41:e8:92:b8:00:
         eb:e0:69:b7:b1:82:69:1a:c0:0c:66:52:9d:41:b8:67:16:99:
         b8:18:77:e5:92:29:79:a8:32:1d:e8:c0:d3:47:7b:98:fd:73:
         a2:fe:eb:90:10:d1:b0:7e:36:47:3c:c2:20:01:c0:fb:f0:0d:
         ad:9d:5c:0f:40:c5:47:a8:2c:ba:7e:1f:46:13:4f:91:ab:e3:
         78:a9:d3:19:ef:dd:71:85:ae:c5:a8:cf:99:00:05:d3:5f:51:
         4f:7a:25:8f:ff:25:a6:cc:4e:e5:ad:01:d3:98:32:78:90:e0:
         77:fa:e2:05:f2:6b:c3:d0:80:08:6d:b9:19:35:12:8c:3f:cd:
         c1:76:5a:84:9e:03:c7:93:e3:e9:75:40:6f:63:9f:4c:7d:b7:
         dd:19:5f:ed:15:02:6c:29:16:0c:23:f2:01:ea:48:4a:ec:ff:
         91:45:75:0b:b9:b1:8b:26:c5:c3:4e:cd:1e:bd:e2:e8:a1:dd:
         87:e4:97:f8:5f:a5:b4:b7:42:5e:70:f8:64:80:7d:b3:21:9a:
         6c:77:9e:ba:66:2a:19:f2:c1:55:db:19:e8:dd:5b:22:7e:4c:
         0b:2e:de:d0:2f:a8:59:34:44:20:11:17:81:d2:29:e5:5a:c2:
         69:97:e1:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqUyht4g0cXUufQeTQATtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNGMwNzYzZWRjYmEzMWViODlmMDk4M2RkZDhkZDE4ODkx
OGMyZWUwHhcNMjYwMzI2MDEwMTM5WhcNMjYwMzI3MDEwMTM5WjAzMTEwLwYDVQQD
EyhjNTQxNTAzMTE1NzY4YTEzMThlNDI5MTU4ZGYyMjE2ODRkZWZiMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEASOZgttmbqSzl/h2aXsUCyxu+N
4QgF8pVNZrcIz91fBu92R99KqWGprMyk6gqMQk60Xjv4HRBpefoc5OvEK7z5iqpG
gOS3GqLwsbnHwgL1f6jCb7Xm9sKo2C3c0cdMv3VdR6FkolwaWzr4kE7gyyMyTN25
bDyk7Jml5uj82s0oTpeGsUc1vHwxP7edSKcCyOReFJp6zr7IjLDj1NMnmC66ElGw
tF39k1Ld9gGHJJ9xiLuYYOktjV9gedEO4Z+kNh7sC6l7YU4t+ciC3HtOKpoBBoCc
FmFeqsv/ebQM9XbUHasMSNl1t5yyfnpuZCoUmocTyoXamWaFHAvm9uYM2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVBUDEVdooTGOQpFY3yIWhN77DwMB8GA1UdIwQY
MBaAFFBMB2Pty6MeuJ8Jg93Y3RiJGMLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lMTlhM2YtMDVhYy00ZGNhLWE4OTUt
ODY2MmM3MTE4NmM2LzEvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lMTlhM2YtMDVhYy00ZGNhLWE4OTUtODY2MmM3MTE4NmM2
LzEvVUV3SFktM0xveDY0bndtRDNkamRHSWtZd3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUCF3sZ0
Cbog5yMsqUHokrgA6+Bpt7GCaRrADGZSnUG4ZxaZuBh35ZIpeagyHejA00d7mP1z
ov7rkBDRsH42RzzCIAHA+/ANrZ1cD0DFR6gsun4fRhNPkavjeKnTGe/dcYWuxajP
mQAF019RT3olj/8lpsxO5a0B05gyeJDgd/riBfJrw9CACG25GTUSjD/NwXZahJ4D
x5Pj6XVAb2OfTH233Rlf7RUCbCkWDCPyAepISuz/kUV1C7mxiybFw07NHr3i6KHd
h+SX+F+ltLdCXnD4ZIB9syGabHeeumYqGfLBVdsZ6N1bIn5MCy7e0C+oWTREIBEX
gdIp5VrCaZfhnA==
-----END CERTIFICATE-----