Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          xydaymS7ipFmLEjOVbRbaOnIgAki9nc12rWM94N75qQ=
Subject key identifier:   16:F4:D7:3D:58:3D:AF:B9:41:72:B1:07:1B:A2:9C:34:0F:E1:CD:98
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019D26287AC19CF0A776014E0236244E544B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          05B2
Signing time:             Wed 25 Mar 2026 18:01:20 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:20 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:20 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: w+4YhK0m3HEsTps2koYAwYo3eOTscv4De8fmZ5hqZzo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:7a:c1:9c:f0:a7:76:01:4e:02:36:24:4e:54:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Mar 25 18:01:20 2026 GMT
            Not After : Mar 26 18:01:20 2026 GMT
        Subject: CN=16f4d73d583dafb94172b1071ba29c340fe1cd98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:49:59:e5:c3:d2:90:69:fc:84:50:29:79:ff:
                    98:3b:3b:b1:a9:e9:2e:55:68:5b:8b:9e:46:f7:57:
                    77:f4:52:6d:f4:eb:47:a1:23:ce:8c:33:99:90:5a:
                    b6:d9:38:ee:a8:45:91:2b:55:f6:10:e5:d8:8d:0e:
                    07:82:42:48:1a:81:f3:79:c6:2f:21:35:b2:51:06:
                    72:12:9e:e5:fe:1b:b2:2b:a7:74:40:7b:3c:cf:2f:
                    6b:ce:65:db:69:98:86:28:60:cf:e6:6e:a2:e3:6b:
                    de:eb:c6:b5:c4:68:40:e8:eb:72:9e:24:17:5a:73:
                    e1:1d:72:1c:5f:20:f2:79:85:ea:c1:9a:fd:f8:7b:
                    a1:bf:42:13:eb:7b:16:6d:9c:a2:aa:79:7a:30:f1:
                    f2:05:c6:87:1b:f2:a9:22:45:66:ac:e6:b2:c4:5f:
                    73:7e:e8:83:fa:cd:82:01:e8:2e:17:6b:89:1a:8e:
                    7d:4e:6a:1d:d2:01:0e:f8:51:c5:6b:39:1d:86:f4:
                    ca:5e:98:10:78:f4:12:79:86:eb:55:67:89:c5:a9:
                    34:3f:7a:1d:17:a2:28:61:58:fa:1d:df:9c:74:84:
                    76:80:20:4e:2c:d2:c8:07:d9:78:f7:af:21:d0:77:
                    bb:c9:fd:4c:3c:01:eb:64:0d:c9:7c:ef:86:b9:d4:
                    62:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:F4:D7:3D:58:3D:AF:B9:41:72:B1:07:1B:A2:9C:34:0F:E1:CD:98
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:25:b6:95:a7:e9:5e:3d:a4:96:89:09:47:6d:d5:fa:76:ca:
         c0:bb:a0:58:2d:8b:d0:bf:10:01:a6:60:e4:53:81:91:bb:ee:
         c5:e3:fc:07:0c:57:2e:67:30:eb:cb:83:8a:e9:2d:62:4c:60:
         c5:c0:05:bd:1a:ec:76:46:a6:3d:b0:46:b6:29:4b:6d:24:61:
         07:6d:7d:17:1a:95:b1:3b:4e:5f:51:74:31:eb:74:ee:8c:e1:
         88:fc:2e:b2:9d:0e:a1:4f:53:9e:f7:84:e6:f3:5a:fe:ac:a9:
         70:59:b8:6b:05:79:fa:4a:b9:6e:c6:c0:a8:3c:a6:cc:89:b1:
         e9:b5:76:11:55:38:d8:91:d3:97:6d:c2:2b:eb:57:bc:33:26:
         c1:73:77:87:02:05:fd:06:cc:19:24:b6:cd:f9:ca:f5:7a:87:
         d3:30:82:da:3a:ae:bf:37:19:df:71:30:86:e9:8a:f6:bd:9e:
         74:c2:48:32:4c:ee:e8:e1:4f:a5:95:59:de:99:8b:ed:0e:19:
         f6:e5:f2:b2:bf:d0:74:61:10:f2:d7:a2:89:f5:0b:50:12:1d:
         bf:05:24:e8:1e:4f:17:58:21:08:ae:03:22:bf:5d:fb:bf:68:
         e7:f8:4c:94:94:c7:9b:83:57:c2:a2:fa:8a:09:3d:ee:96:a1:
         83:48:41:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKHrBnPCndgFOAjYkTlRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjYwMzI1MTgwMTIwWhcNMjYwMzI2MTgwMTIwWjAzMTEwLwYDVQQD
EygxNmY0ZDczZDU4M2RhZmI5NDE3MmIxMDcxYmEyOWMzNDBmZTFjZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUlZ5cPSkGn8hFApef+YOzuxqeku
VWhbi55G91d39FJt9OtHoSPOjDOZkFq22TjuqEWRK1X2EOXYjQ4HgkJIGoHzecYv
ITWyUQZyEp7l/huyK6d0QHs8zy9rzmXbaZiGKGDP5m6i42ve68a1xGhA6OtyniQX
WnPhHXIcXyDyeYXqwZr9+Huhv0IT63sWbZyiqnl6MPHyBcaHG/KpIkVmrOayxF9z
fuiD+s2CAeguF2uJGo59Tmod0gEO+FHFazkdhvTKXpgQePQSeYbrVWeJxak0P3od
F6IoYVj6Hd+cdIR2gCBOLNLIB9l4968h0He7yf1MPAHrZA3JfO+GudRiHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBb01z1YPa+5QXKxBxuinDQP4c2YMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQSW2lafp
Xj2klokJR23V+nbKwLugWC2L0L8QAaZg5FOBkbvuxeP8BwxXLmcw68uDiuktYkxg
xcAFvRrsdkamPbBGtilLbSRhB219FxqVsTtOX1F0Met07ozhiPwusp0OoU9TnveE
5vNa/qypcFm4awV5+kq5bsbAqDymzImx6bV2EVU42JHTl23CK+tXvDMmwXN3hwIF
/QbMGSS2zfnK9XqH0zCC2jquvzcZ33EwhumK9r2edMJIMkzu6OFPpZVZ3pmL7Q4Z
9uXysr/QdGEQ8teiifULUBIdvwUk6B5PF1ghCK4DIr9d+79o5/hMlJTHm4NXwqL6
igk97pahg0hBqA==
-----END CERTIFICATE-----