Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
File:                     0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json)
Hash identifier:          nKfKnuRhjF2PJaAiLykh0XOciMijVyx27VYftSQJ/mU=
Subject key identifier:   65:64:61:0E:CA:EE:8D:92:C9:FC:2D:A0:36:FB:D1:F8:BF:E3:61:2A
Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A
Certificate issuer:       /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
Certificate serial:       019D27DF9E923A9FB7F1BE7106972F77334C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
Manifest number:          1738
Signing time:             Thu 26 Mar 2026 02:00:59 +0000
Manifest this update:     Thu 26 Mar 2026 02:00:59 +0000
Manifest next update:     Fri 27 Mar 2026 02:00:59 +0000
Files and hashes:         1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: notFMPPEGSpxVQ2t2d6fMxMockLCA+vmhL66T+G1jp0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:9e:92:3a:9f:b7:f1:be:71:06:97:2f:77:33:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
        Validity
            Not Before: Mar 26 02:00:59 2026 GMT
            Not After : Mar 27 02:00:59 2026 GMT
        Subject: CN=6564610ecaee8d92c9fc2da036fbd1f8bfe3612a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:4b:6f:de:ef:24:12:16:b7:21:df:18:31:c4:
                    67:a6:52:31:dd:34:68:1c:d6:44:1c:47:6a:3b:c6:
                    5c:1c:ff:81:8e:3f:03:41:c7:cd:ae:6a:35:49:0b:
                    96:e6:32:4a:36:10:ba:c0:31:54:56:6f:e1:0c:4c:
                    2d:04:09:a7:dc:a5:33:6a:87:64:1a:c5:ae:7c:33:
                    59:df:6f:85:f1:09:12:9d:e6:aa:42:88:28:cf:48:
                    9c:22:d9:57:5f:a6:c4:97:80:03:3f:34:ec:8f:52:
                    a6:fc:03:2a:e4:40:7a:51:1d:a1:72:4e:21:17:f7:
                    00:fa:f6:dd:c3:43:1a:3c:d9:0f:aa:51:37:ca:fe:
                    dd:d3:f1:20:3c:13:b7:f7:7c:6a:2a:71:89:c1:ad:
                    fc:93:17:e1:3e:57:e9:bb:04:79:33:a1:26:c1:f3:
                    4e:9c:cd:c6:48:78:e3:d0:3e:c4:fc:2d:e4:67:9b:
                    3a:75:72:51:64:76:3a:f3:e2:a9:82:92:27:ab:62:
                    4e:42:0c:cc:87:c8:ad:0e:dd:4b:f6:89:8c:23:57:
                    80:03:6e:5b:06:01:15:42:6e:d0:b8:09:f5:1a:50:
                    77:67:99:75:7c:9e:96:a2:31:fa:c1:49:ce:1d:91:
                    d7:77:99:c4:59:3c:5c:2a:67:f7:c0:a6:ac:e6:5f:
                    fc:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:64:61:0E:CA:EE:8D:92:C9:FC:2D:A0:36:FB:D1:F8:BF:E3:61:2A
            X509v3 Authority Key Identifier:
                keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:49:65:90:df:98:2c:40:b6:ad:06:5d:5d:5e:a4:0b:e3:0d:
         1d:e9:9a:6c:2a:9a:2a:64:d2:67:99:d8:dc:32:cc:15:e2:99:
         0a:d1:47:a6:b9:40:fa:26:6f:28:cc:4d:26:fa:85:ca:eb:1c:
         3b:5a:ea:99:88:fc:9d:63:8d:36:41:4d:f6:23:92:07:bb:84:
         ce:22:09:1b:16:67:33:8f:00:d9:a2:a8:44:54:ce:22:9f:ac:
         bd:9d:2b:42:81:0b:8b:67:e5:b2:02:7a:21:b1:e6:73:79:77:
         6b:33:dc:6c:61:15:0d:3c:47:75:f9:a8:0f:14:20:22:fa:f8:
         5a:31:66:17:bc:b8:bf:04:3a:42:f6:f8:dd:48:83:14:0f:68:
         64:1b:9d:7c:44:2d:4e:db:97:a3:90:fe:93:7d:6c:2c:2a:9d:
         be:87:ee:77:50:24:fe:9b:96:4c:d0:d2:1a:dc:cc:f6:e2:79:
         ed:85:f8:cd:71:59:8d:f9:79:fe:d6:90:77:f7:94:79:3b:55:
         ca:06:ed:10:b2:02:ba:10:d8:74:da:67:df:35:03:ae:7f:fc:
         99:99:a2:70:0e:de:96:1e:7e:3d:bc:f8:df:47:6e:28:34:f0:
         c1:cb:e1:e0:49:ca:ad:39:bd:ad:94:4f:74:5b:f2:cb:98:bf:
         f6:31:16:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n356SOp+38b5xBpcvdzNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx
OWQzNWEwHhcNMjYwMzI2MDIwMDU5WhcNMjYwMzI3MDIwMDU5WjAzMTEwLwYDVQQD
Eyg2NTY0NjEwZWNhZWU4ZDkyYzlmYzJkYTAzNmZiZDFmOGJmZTM2MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Utv3u8kEha3Id8YMcRnplIx3TRo
HNZEHEdqO8ZcHP+Bjj8DQcfNrmo1SQuW5jJKNhC6wDFUVm/hDEwtBAmn3KUzaodk
GsWufDNZ32+F8QkSneaqQogoz0icItlXX6bEl4ADPzTsj1Km/AMq5EB6UR2hck4h
F/cA+vbdw0MaPNkPqlE3yv7d0/EgPBO393xqKnGJwa38kxfhPlfpuwR5M6EmwfNO
nM3GSHjj0D7E/C3kZ5s6dXJRZHY68+KpgpInq2JOQgzMh8itDt1L9omMI1eAA25b
BgEVQm7QuAn1GlB3Z5l1fJ6WojH6wUnOHZHXd5nEWTxcKmf3wKas5l/8FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVkYQ7K7o2SyfwtoDb70fi/42EqMB8GA1UdIwQY
MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt
NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm
LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEllkN+Y
LEC2rQZdXV6kC+MNHemabCqaKmTSZ5nY3DLMFeKZCtFHprlA+iZvKMxNJvqFyusc
O1rqmYj8nWONNkFN9iOSB7uEziIJGxZnM48A2aKoRFTOIp+svZ0rQoELi2flsgJ6
IbHmc3l3azPcbGEVDTxHdfmoDxQgIvr4WjFmF7y4vwQ6Qvb43UiDFA9oZBudfEQt
TtuXo5D+k31sLCqdvofud1Ak/puWTNDSGtzM9uJ57YX4zXFZjfl5/taQd/eUeTtV
ygbtELICuhDYdNpn3zUDrn/8mZmicA7elh5+Pbz430duKDTwwcvh4EnKrTm9rZRP
dFvyy5i/9jEWqw==
-----END CERTIFICATE-----