Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          oHQNtCxFM7AlCkiBjLurI4CGIX5GGJb2MGgK44WXJ4c=
Subject key identifier:   C6:94:6E:B3:42:14:62:2C:6F:17:51:99:E1:F5:0E:DB:9D:C0:A0:8B
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       019D265F533217BDB6D6AD1233DCCD14C6B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          127E
Signing time:             Wed 25 Mar 2026 19:01:14 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:14 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:14 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: O+vjs97OFvEkLGNGHQxlLuwmAsB5f5ZLv029vyUiuYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:53:32:17:bd:b6:d6:ad:12:33:dc:cd:14:c6:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: Mar 25 19:01:14 2026 GMT
            Not After : Mar 26 19:01:14 2026 GMT
        Subject: CN=c6946eb34214622c6f175199e1f50edb9dc0a08b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3c:47:3f:85:db:62:ba:2e:38:19:8d:8c:e6:
                    64:0e:41:61:6f:05:7c:d6:7f:2c:6b:81:8b:88:f4:
                    d2:6b:c2:06:6d:44:a9:03:53:4d:1a:96:93:bc:6e:
                    ea:dc:28:18:29:00:25:65:14:90:60:23:2a:68:e7:
                    d1:1d:e6:fa:c7:8f:87:19:73:48:2f:ce:2c:34:48:
                    c2:ae:4b:9d:7a:62:bd:58:7b:0a:e1:38:b9:aa:9f:
                    1b:a0:ba:4a:de:df:da:de:9f:a0:59:95:9e:f0:21:
                    de:c6:ce:ac:3d:13:1b:59:f3:67:25:b5:a1:4e:59:
                    d3:ee:23:dd:a0:b9:d7:09:41:a9:67:a2:02:5e:77:
                    0f:47:b7:79:95:c3:a5:bc:1e:08:6e:bf:49:8a:3e:
                    2a:ee:bc:3f:c8:fa:44:14:e9:76:f1:4e:4e:d0:73:
                    60:77:7d:93:a9:9d:e6:7e:24:c0:43:da:2b:5f:3b:
                    17:2f:d3:3e:43:9f:08:0c:db:e8:c5:67:06:0b:67:
                    41:d2:87:7c:08:94:bb:78:09:3f:42:d8:c8:43:d5:
                    43:e1:53:0e:a4:a0:17:0c:02:27:14:a5:a0:e8:90:
                    ae:c3:a7:38:e4:ef:91:64:0e:cb:06:3d:4b:e8:10:
                    e7:66:30:8d:a0:60:10:3a:07:f2:ab:b3:e1:7d:a6:
                    22:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:94:6E:B3:42:14:62:2C:6F:17:51:99:E1:F5:0E:DB:9D:C0:A0:8B
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:dc:bc:5d:e8:18:45:29:28:b9:f5:21:36:5d:23:47:bb:c4:
         b5:22:b0:fa:12:3e:1f:72:53:2f:08:e7:f8:19:15:dd:e0:70:
         23:55:ef:2f:2c:c8:85:86:e1:ac:5f:6b:76:43:94:4c:5a:81:
         a9:8c:a1:db:34:eb:85:57:85:81:c0:ba:2e:e5:c0:41:02:ca:
         65:a7:c4:e7:93:ec:45:de:0a:83:c6:13:96:74:f3:b4:6b:73:
         d8:5c:aa:f5:7c:ce:7d:8c:31:06:91:e8:f6:e1:17:cd:8e:c5:
         f2:95:aa:0e:3b:5c:61:8a:bd:86:49:71:5b:1a:f1:fa:ff:2a:
         03:49:ed:f4:4d:a1:6b:cf:ad:ee:43:b9:22:3b:56:68:44:0f:
         1a:71:7a:3f:db:8f:0d:f9:4a:6f:a8:f5:76:62:69:3f:be:5d:
         9d:ad:81:01:ba:2a:cd:43:b5:c3:b7:50:08:2f:ad:df:63:24:
         af:2f:3b:b9:0e:eb:a4:9a:ab:60:47:33:ac:88:82:7c:27:99:
         7e:20:24:fe:fb:88:5e:87:00:e4:fc:ee:ef:49:18:f6:91:f0:
         3b:ca:4a:94:ca:27:8d:ab:7d:f5:a0:d6:8d:d3:82:e3:f2:89:
         bb:f4:c8:d2:39:70:f8:3d:14:2e:0f:28:4b:88:63:55:99:83:
         f1:2e:85:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX1MyF7221q0SM9zNFMa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjYwMzI1MTkwMTE0WhcNMjYwMzI2MTkwMTE0WjAzMTEwLwYDVQQD
EyhjNjk0NmViMzQyMTQ2MjJjNmYxNzUxOTllMWY1MGVkYjlkYzBhMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzxHP4XbYrouOBmNjOZkDkFhbwV8
1n8sa4GLiPTSa8IGbUSpA1NNGpaTvG7q3CgYKQAlZRSQYCMqaOfRHeb6x4+HGXNI
L84sNEjCrkudemK9WHsK4Ti5qp8boLpK3t/a3p+gWZWe8CHexs6sPRMbWfNnJbWh
TlnT7iPdoLnXCUGpZ6ICXncPR7d5lcOlvB4Ibr9Jij4q7rw/yPpEFOl28U5O0HNg
d32TqZ3mfiTAQ9orXzsXL9M+Q58IDNvoxWcGC2dB0od8CJS7eAk/QtjIQ9VD4VMO
pKAXDAInFKWg6JCuw6c45O+RZA7LBj1L6BDnZjCNoGAQOgfyq7PhfaYiqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMaUbrNCFGIsbxdRmeH1DtudwKCLMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNy8XegY
RSkoufUhNl0jR7vEtSKw+hI+H3JTLwjn+BkV3eBwI1XvLyzIhYbhrF9rdkOUTFqB
qYyh2zTrhVeFgcC6LuXAQQLKZafE55PsRd4Kg8YTlnTztGtz2Fyq9XzOfYwxBpHo
9uEXzY7F8pWqDjtcYYq9hklxWxrx+v8qA0nt9E2ha8+t7kO5IjtWaEQPGnF6P9uP
DflKb6j1dmJpP75dna2BAboqzUO1w7dQCC+t32Mkry87uQ7rpJqrYEczrIiCfCeZ
fiAk/vuIXocA5Pzu70kY9pHwO8pKlMonjat99aDWjdOC4/KJu/TI0jlw+D0ULg8o
S4hjVZmD8S6FnQ==
-----END CERTIFICATE-----