Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
File:                     0_ULT8CViQuDHAPZliXA7lQZ01o.mft (raw, json)
Hash identifier:          fvnOt5Bbri078/Zxz3NkStovHSFRmOiK6F+2j3uS6LE=
Subject key identifier:   C7:97:40:0A:F1:14:8F:E9:12:56:04:97:50:6E:14:63:31:49:19:2D
Authority key identifier: D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A
Certificate issuer:       /CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
Certificate serial:       019E1D231703E43E513921C5D39D501C41C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
Manifest number:          17B7
Signing time:             Tue 12 May 2026 17:01:39 +0000
Manifest this update:     Tue 12 May 2026 17:01:39 +0000
Manifest next update:     Wed 13 May 2026 17:01:39 +0000
Files and hashes:         1: 0_ULT8CViQuDHAPZliXA7lQZ01o.crl (hash: rpWUdfNa5u+nXe7F/T6wf9EfLkUMajpJ4Y6J8WCBdzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:23:17:03:e4:3e:51:39:21:c5:d3:9d:50:1c:41:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3f50b4fc095890b831c03d99625c0ee5419d35a
        Validity
            Not Before: May 12 17:01:39 2026 GMT
            Not After : May 13 17:01:39 2026 GMT
        Subject: CN=c797400af1148fe912560497506e14633149192d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7e:03:46:ad:9c:3e:23:df:98:7d:91:46:31:
                    77:03:6a:be:82:46:30:4b:a6:53:48:4b:cc:07:55:
                    08:0a:b0:14:a6:c1:6a:77:68:8c:6d:e9:bb:ce:ec:
                    2c:9d:cf:d9:fb:49:20:e3:c9:d9:d1:9f:08:aa:22:
                    aa:20:94:46:d8:97:e7:4f:dc:0c:79:5d:75:a1:84:
                    94:d8:b0:fb:79:78:5c:7b:d9:ea:fb:b7:90:71:9c:
                    34:15:69:ed:e3:2d:fd:eb:0d:6f:4d:6a:ad:77:ed:
                    83:b8:a7:c8:3d:5c:46:65:20:b5:f9:3a:a6:5c:b5:
                    ac:ba:b3:0a:2d:04:7c:7f:96:d9:bb:9f:30:7e:2f:
                    e0:90:e3:f2:d4:93:3d:0f:e8:00:5d:3a:0e:b5:ca:
                    57:29:8d:8d:65:5a:4b:b2:a5:dc:39:22:27:36:96:
                    c8:1c:c6:6e:54:58:49:c6:ad:bd:0d:f9:70:43:6e:
                    5d:2d:0f:76:d3:41:0c:40:c6:0c:d1:f2:71:50:9f:
                    ff:87:28:de:82:3b:4d:88:2d:17:ff:4f:c8:4f:95:
                    4e:df:49:ff:7b:ff:32:fd:5c:47:86:02:cf:51:b8:
                    d9:37:4b:d1:f6:40:18:e2:29:fc:09:33:0a:48:aa:
                    7e:bc:c4:ec:72:a7:15:3f:ab:88:79:2b:5a:9b:fa:
                    6a:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:97:40:0A:F1:14:8F:E9:12:56:04:97:50:6E:14:63:31:49:19:2D
            X509v3 Authority Key Identifier:
                keyid:D3:F5:0B:4F:C0:95:89:0B:83:1C:03:D9:96:25:C0:EE:54:19:D3:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0_ULT8CViQuDHAPZliXA7lQZ01o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/3b3037-62bd-4b4d-af4d-77e3217cd39f/1/0_ULT8CViQuDHAPZliXA7lQZ01o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:4c:eb:18:cf:39:f0:00:11:7f:26:f7:91:3f:0e:54:84:9f:
         99:28:6d:07:d0:83:bf:f5:97:be:09:4e:35:ca:9e:8d:93:8b:
         3c:0b:2f:d6:47:57:5a:03:01:8a:0e:33:13:21:a4:72:ee:86:
         76:3b:53:f1:ed:9f:68:e3:e4:db:97:9e:76:14:3d:c2:97:bf:
         4f:db:16:80:7f:a0:0f:8f:0d:bb:ed:62:00:da:95:61:ed:14:
         c8:2d:73:cb:05:f7:31:95:bb:d6:80:09:50:f5:98:60:cf:2b:
         bb:e9:bd:b8:a6:c6:11:43:37:61:35:84:8a:b9:8e:80:67:ab:
         f0:09:77:36:6d:91:e0:e8:f2:7c:bb:39:96:7e:4c:96:37:fb:
         5d:a4:9d:19:ff:4d:56:0c:f1:75:25:21:92:b8:f8:fc:1a:c0:
         c4:93:b9:a7:eb:d6:3a:43:f3:18:56:c4:19:84:55:89:a8:d9:
         13:63:bd:74:ad:d4:1e:00:f0:91:9a:d2:6c:98:78:0a:ef:2f:
         63:85:74:40:d9:96:33:90:32:33:48:cf:c1:eb:f4:40:b0:95:
         4a:99:c0:e9:2c:df:e7:1a:0e:a0:62:70:e8:94:39:0a:fe:b1:
         72:ae:0d:eb:4e:97:10:a2:45:da:0d:57:b2:34:5f:0c:20:c5:
         f1:0b:a5:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dIxcD5D5ROSHF051QHEHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZjUwYjRmYzA5NTg5MGI4MzFjMDNkOTk2MjVjMGVlNTQx
OWQzNWEwHhcNMjYwNTEyMTcwMTM5WhcNMjYwNTEzMTcwMTM5WjAzMTEwLwYDVQQD
EyhjNzk3NDAwYWYxMTQ4ZmU5MTI1NjA0OTc1MDZlMTQ2MzMxNDkxOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH4DRq2cPiPfmH2RRjF3A2q+gkYw
S6ZTSEvMB1UICrAUpsFqd2iMbem7zuwsnc/Z+0kg48nZ0Z8IqiKqIJRG2JfnT9wM
eV11oYSU2LD7eXhce9nq+7eQcZw0FWnt4y396w1vTWqtd+2DuKfIPVxGZSC1+Tqm
XLWsurMKLQR8f5bZu58wfi/gkOPy1JM9D+gAXToOtcpXKY2NZVpLsqXcOSInNpbI
HMZuVFhJxq29DflwQ25dLQ9200EMQMYM0fJxUJ//hyjegjtNiC0X/0/IT5VO30n/
e/8y/VxHhgLPUbjZN0vR9kAY4in8CTMKSKp+vMTscqcVP6uIeStam/pquQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMeXQArxFI/pElYEl1BuFGMxSRktMB8GA1UdIwQY
MBaAFNP1C0/AlYkLgxwD2ZYlwO5UGdNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQt
NzdlMzIxN2NkMzlmLzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8zYjMwMzctNjJiZC00YjRkLWFmNGQtNzdlMzIxN2NkMzlm
LzEvMF9VTFQ4Q1ZpUXVESEFQWmxpWEE3bFFaMDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0zrGM85
8AARfyb3kT8OVISfmShtB9CDv/WXvglONcqejZOLPAsv1kdXWgMBig4zEyGkcu6G
djtT8e2faOPk25eedhQ9wpe/T9sWgH+gD48Nu+1iANqVYe0UyC1zywX3MZW71oAJ
UPWYYM8ru+m9uKbGEUM3YTWEirmOgGer8Al3Nm2R4OjyfLs5ln5Mljf7XaSdGf9N
VgzxdSUhkrj4/BrAxJO5p+vWOkPzGFbEGYRViajZE2O9dK3UHgDwkZrSbJh4Cu8v
Y4V0QNmWM5AyM0jPwev0QLCVSpnA6Szf5xoOoGJw6JQ5Cv6xcq4N606XEKJF2g1X
sjRfDCDF8Qulyg==
-----END CERTIFICATE-----