Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft
File:                     SPEmUDG2es3hHypnONAjRpnRgBc.mft (raw, json)
Hash identifier:          qbNoi0XuDeZluvFgTKLs4F0bm5LjPfBm5u7+Fx4mxdw=
Subject key identifier:   19:51:9D:6D:ED:C0:27:F5:5D:6F:17:29:DD:BE:79:91:B4:A9:6B:51
Authority key identifier: 48:F1:26:50:31:B6:7A:CD:E1:1F:2A:67:38:D0:23:46:99:D1:80:17
Certificate issuer:       /CN=48f1265031b67acde11f2a6738d0234699d18017
Certificate serial:       019D2703E6C861CC675A4235A96DA1F946C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SPEmUDG2es3hHypnONAjRpnRgBc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft
Manifest number:          029D
Signing time:             Wed 25 Mar 2026 22:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:00 +0000
Files and hashes:         1: SPEmUDG2es3hHypnONAjRpnRgBc.crl (hash: YAcQ0CaI6bivHwMt6/dyeENAZspgStQ4REO5DRalyT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SPEmUDG2es3hHypnONAjRpnRgBc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e6:c8:61:cc:67:5a:42:35:a9:6d:a1:f9:46:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=48f1265031b67acde11f2a6738d0234699d18017
        Validity
            Not Before: Mar 25 22:01:00 2026 GMT
            Not After : Mar 26 22:01:00 2026 GMT
        Subject: CN=19519d6dedc027f55d6f1729ddbe7991b4a96b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:d5:00:4b:8f:dc:17:3b:a7:29:35:3d:19:c5:
                    e6:ec:b1:36:ee:c3:a3:10:eb:0b:81:85:eb:8f:3a:
                    a1:c9:ac:2a:fb:5f:9b:30:b2:b2:0a:56:7e:8d:f2:
                    27:09:ca:b7:2d:3d:4f:c6:aa:0b:24:7f:c0:00:5a:
                    0e:c7:2e:64:0e:35:c5:b3:f1:b1:e3:31:15:4a:fa:
                    fc:50:f7:94:44:56:6b:bb:9f:cd:d9:35:a9:89:41:
                    6a:19:c8:14:21:ed:8e:f5:09:60:84:2f:fb:49:3c:
                    1e:8d:4f:1d:c1:e4:83:64:e2:98:f6:50:fd:08:43:
                    d9:2f:5b:83:b9:ee:c6:ac:fc:e2:a1:52:cd:71:57:
                    8e:3c:ad:f6:26:fe:9f:07:8c:5b:2b:c6:30:d2:68:
                    1c:af:ae:8c:2f:2e:6d:04:bb:16:99:5d:e1:24:b4:
                    90:ec:b7:55:90:bd:22:4d:0e:af:37:d9:fb:50:1d:
                    7d:03:7e:0a:e9:62:1d:87:7d:ee:2f:4d:93:b6:e6:
                    b7:e4:6e:1b:e2:3e:23:ac:2c:bc:86:b6:43:6b:9d:
                    b7:c4:5e:d2:d3:19:c9:37:71:b1:cd:44:1c:d3:47:
                    f2:bb:18:98:83:b1:ee:76:4d:e3:34:ef:dd:54:61:
                    e4:d5:72:b6:85:bb:f5:99:12:ad:ee:07:cc:a5:ec:
                    df:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:51:9D:6D:ED:C0:27:F5:5D:6F:17:29:DD:BE:79:91:B4:A9:6B:51
            X509v3 Authority Key Identifier:
                keyid:48:F1:26:50:31:B6:7A:CD:E1:1F:2A:67:38:D0:23:46:99:D1:80:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPEmUDG2es3hHypnONAjRpnRgBc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/30ba36-834e-4c04-a702-72ec3086f0e8/1/SPEmUDG2es3hHypnONAjRpnRgBc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:5d:63:ba:b2:c3:eb:d9:a8:ad:c1:2a:fd:6f:2f:08:61:57:
         08:8f:27:a5:0a:b5:29:33:78:65:47:0d:3f:88:2d:8f:0e:88:
         ea:48:15:ea:0a:c2:5e:31:1a:f6:65:19:28:52:2b:32:73:67:
         6a:f7:e5:1b:ed:5b:65:3f:91:46:98:49:77:9d:0a:9e:82:30:
         03:f1:c0:c1:66:14:ab:f0:86:68:b5:fd:d3:fa:44:1f:81:93:
         a9:5b:86:8d:67:fd:03:1e:ee:54:ad:d9:5c:d4:82:57:25:5d:
         39:07:c3:c4:2f:4d:37:e1:9a:1b:21:fb:a2:6c:75:6f:07:66:
         18:6d:3e:ae:9e:ee:4a:59:a1:f6:fc:ed:c5:cc:9f:b2:46:4e:
         d9:4e:48:f1:fb:bc:ad:66:d9:02:d5:7e:ed:30:02:6c:29:46:
         ba:b0:0e:9c:30:b7:af:96:1a:f0:5c:af:70:30:ca:39:ae:fb:
         9a:13:3e:ee:11:31:ca:2e:f8:b0:dc:12:18:3c:21:28:a5:7b:
         87:b8:2d:3b:0f:5f:04:77:a3:6d:80:95:06:12:c1:3e:94:d7:
         c8:87:cf:81:af:ea:a7:45:1f:97:30:f8:cd:ec:71:84:70:cf:
         bc:bf:65:ba:bd:9e:90:23:47:03:a1:2b:ed:93:53:00:d0:08:
         90:12:9d:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+bIYcxnWkI1qW2h+UbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjEyNjUwMzFiNjdhY2RlMTFmMmE2NzM4ZDAyMzQ2OTlk
MTgwMTcwHhcNMjYwMzI1MjIwMTAwWhcNMjYwMzI2MjIwMTAwWjAzMTEwLwYDVQQD
EygxOTUxOWQ2ZGVkYzAyN2Y1NWQ2ZjE3MjlkZGJlNzk5MWI0YTk2YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29UAS4/cFzunKTU9GcXm7LE27sOj
EOsLgYXrjzqhyawq+1+bMLKyClZ+jfInCcq3LT1PxqoLJH/AAFoOxy5kDjXFs/Gx
4zEVSvr8UPeURFZru5/N2TWpiUFqGcgUIe2O9QlghC/7STwejU8dweSDZOKY9lD9
CEPZL1uDue7GrPzioVLNcVeOPK32Jv6fB4xbK8Yw0mgcr66MLy5tBLsWmV3hJLSQ
7LdVkL0iTQ6vN9n7UB19A34K6WIdh33uL02Ttua35G4b4j4jrCy8hrZDa523xF7S
0xnJN3GxzUQc00fyuxiYg7Hudk3jNO/dVGHk1XK2hbv1mRKt7gfMpezfYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBlRnW3twCf1XW8XKd2+eZG0qWtRMB8GA1UdIwQY
MBaAFEjxJlAxtnrN4R8qZzjQI0aZ0YAXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BFbVVERzJlczNoSHlwbk9OQWpScG5SZ0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zMGJhMzYtODM0ZS00YzA0LWE3MDIt
NzJlYzMwODZmMGU4LzEvU1BFbVVERzJlczNoSHlwbk9OQWpScG5SZ0JjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zMGJhMzYtODM0ZS00YzA0LWE3MDItNzJlYzMwODZmMGU4
LzEvU1BFbVVERzJlczNoSHlwbk9OQWpScG5SZ0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEl1jurLD
69morcEq/W8vCGFXCI8npQq1KTN4ZUcNP4gtjw6I6kgV6grCXjEa9mUZKFIrMnNn
avflG+1bZT+RRphJd50KnoIwA/HAwWYUq/CGaLX90/pEH4GTqVuGjWf9Ax7uVK3Z
XNSCVyVdOQfDxC9NN+GaGyH7omx1bwdmGG0+rp7uSlmh9vztxcyfskZO2U5I8fu8
rWbZAtV+7TACbClGurAOnDC3r5Ya8FyvcDDKOa77mhM+7hExyi74sNwSGDwhKKV7
h7gtOw9fBHejbYCVBhLBPpTXyIfPga/qp0UflzD4zexxhHDPvL9lur2ekCNHA6Er
7ZNTANAIkBKd8g==
-----END CERTIFICATE-----