Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          MXTYjMvTEzJRFmr5smSahkTjuqkOj+7mFkD3CHTyR7Q=
Subject key identifier:   B5:64:BA:C1:51:BE:91:EE:7F:57:AF:52:B0:76:F5:E8:97:08:DE:5F
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019D25F0FEC44C9C61F0E20C96EC8C09C702
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0B3C
Signing time:             Wed 25 Mar 2026 17:00:44 +0000
Manifest this update:     Wed 25 Mar 2026 17:00:44 +0000
Manifest next update:     Thu 26 Mar 2026 17:00:44 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: 8kV03IStGC0ZI+7RtipP35VcKbkm5PS2LrsuJtpAEFg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f0:fe:c4:4c:9c:61:f0:e2:0c:96:ec:8c:09:c7:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Mar 25 17:00:44 2026 GMT
            Not After : Mar 26 17:00:44 2026 GMT
        Subject: CN=b564bac151be91ee7f57af52b076f5e89708de5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:c8:68:fd:7c:2e:e9:2f:ce:cc:73:f9:5b:93:
                    8e:78:37:37:0a:58:04:85:e7:cf:73:70:dd:6d:d3:
                    bc:8c:ac:bc:eb:61:5b:20:e4:75:e8:fe:51:08:83:
                    00:d9:87:cd:0f:53:a3:78:d4:b9:82:99:33:82:91:
                    b5:94:f7:90:b2:fc:e2:cd:8d:07:a9:18:a4:51:79:
                    39:b0:96:58:e2:73:41:f1:d8:1e:a4:7b:6a:c5:a1:
                    57:64:79:76:3a:88:ac:19:51:d9:73:10:14:a7:ec:
                    2e:df:be:d2:18:ba:a9:7c:62:48:ad:4c:90:42:dd:
                    a5:f8:11:fc:2e:2f:14:34:78:05:33:c4:0b:d0:c4:
                    30:10:99:8d:8b:f2:de:3f:31:0b:21:fc:75:eb:17:
                    8c:60:1f:65:c1:7a:cb:d2:68:af:0c:b6:38:79:be:
                    be:13:4c:43:6c:34:cd:83:00:82:82:a4:f0:4e:2d:
                    38:60:16:24:e4:d0:dc:c1:bb:6b:f7:4c:bc:79:58:
                    fb:65:24:36:88:3f:eb:81:a0:2d:f7:7b:74:6e:a5:
                    68:c0:61:de:13:9c:10:dc:dc:07:39:43:5e:d7:4d:
                    50:0f:9e:1d:a1:b9:7a:b5:f9:32:30:13:21:a7:6f:
                    d1:c5:90:06:e8:37:1e:46:bc:9e:dd:a5:6b:a4:a9:
                    1b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:64:BA:C1:51:BE:91:EE:7F:57:AF:52:B0:76:F5:E8:97:08:DE:5F
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:df:d5:35:6d:fd:e3:14:c8:09:ac:84:74:fc:82:9d:05:d5:
         26:35:4e:07:8f:16:6c:e8:c4:87:a8:0c:f5:0e:49:f2:05:2e:
         c8:2f:15:b2:27:8a:81:28:6b:26:e6:e0:88:5c:c1:03:fb:10:
         2b:8f:c6:11:50:1f:0f:38:68:92:15:85:fe:f8:70:1d:06:cc:
         18:89:a9:31:51:c4:a9:f2:d4:ba:65:b2:6b:52:e9:f6:74:6b:
         59:09:ef:08:03:b4:43:0b:3b:46:86:89:13:3a:f4:2c:af:80:
         ef:81:65:e8:12:06:f5:3d:e2:b6:47:18:7a:05:93:e1:90:9b:
         2f:d4:24:dc:bb:1f:71:6f:d8:45:d2:2a:18:9e:0a:b0:21:ff:
         6d:e5:cb:09:80:ea:ca:25:49:68:85:21:aa:e8:b0:01:82:6b:
         82:ee:60:8c:2d:83:70:5c:98:d4:b1:09:38:40:1a:b1:e6:5c:
         f5:11:b4:82:fc:1c:15:7e:19:72:b2:5a:51:05:d2:65:2c:17:
         61:9c:5a:06:87:8c:7a:9a:61:84:86:0e:e9:00:f5:8e:6d:7d:
         34:39:89:ab:ec:54:c2:93:90:86:49:9a:2f:73:a6:b0:70:46:
         0c:85:27:10:35:60:9f:9e:1e:f1:fc:e9:fb:dd:46:4e:80:58:
         4e:15:09:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8P7ETJxh8OIMluyMCccCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjYwMzI1MTcwMDQ0WhcNMjYwMzI2MTcwMDQ0WjAzMTEwLwYDVQQD
EyhiNTY0YmFjMTUxYmU5MWVlN2Y1N2FmNTJiMDc2ZjVlODk3MDhkZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08ho/Xwu6S/OzHP5W5OOeDc3ClgE
hefPc3DdbdO8jKy862FbIOR16P5RCIMA2YfND1OjeNS5gpkzgpG1lPeQsvzizY0H
qRikUXk5sJZY4nNB8dgepHtqxaFXZHl2OoisGVHZcxAUp+wu377SGLqpfGJIrUyQ
Qt2l+BH8Li8UNHgFM8QL0MQwEJmNi/LePzELIfx16xeMYB9lwXrL0mivDLY4eb6+
E0xDbDTNgwCCgqTwTi04YBYk5NDcwbtr90y8eVj7ZSQ2iD/rgaAt93t0bqVowGHe
E5wQ3NwHOUNe101QD54dobl6tfkyMBMhp2/RxZAG6DceRrye3aVrpKkbrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVkusFRvpHuf1evUrB29eiXCN5fMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK9/VNW39
4xTICayEdPyCnQXVJjVOB48WbOjEh6gM9Q5J8gUuyC8VsieKgShrJubgiFzBA/sQ
K4/GEVAfDzhokhWF/vhwHQbMGImpMVHEqfLUumWya1Lp9nRrWQnvCAO0Qws7RoaJ
Ezr0LK+A74Fl6BIG9T3itkcYegWT4ZCbL9Qk3LsfcW/YRdIqGJ4KsCH/beXLCYDq
yiVJaIUhquiwAYJrgu5gjC2DcFyY1LEJOEAaseZc9RG0gvwcFX4ZcrJaUQXSZSwX
YZxaBoeMepphhIYO6QD1jm19NDmJq+xUwpOQhkmaL3OmsHBGDIUnEDVgn54e8fzp
+91GToBYThUJ4Q==
-----END CERTIFICATE-----