Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
File:                     UdspKXLBDGn5fs0k8vtptPZ3beg.mft (raw, json)
Hash identifier:          9Y5ykUwMzXdprwvO8TSu9m8hXoc0+8GHjGviXTobwNc=
Subject key identifier:   08:0D:B5:54:26:06:1F:3E:9C:B1:00:6B:DB:B0:34:03:7B:A2:EF:2F
Authority key identifier: 51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8
Certificate issuer:       /CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
Certificate serial:       019D28F32D41C7E24C7B7EB719A560F7D964
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 07:01:58 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:58 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:58 +0000
Files and hashes:         1: UdspKXLBDGn5fs0k8vtptPZ3beg.crl (hash: yalCaxwmVtPA/2zaTBmSAmEo9nEreElXgz4aGFPZoNM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:2d:41:c7:e2:4c:7b:7e:b7:19:a5:60:f7:d9:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51db292972c10c69f97ecd24f2fb69b4f6776de8
        Validity
            Not Before: Mar 26 07:01:58 2026 GMT
            Not After : Mar 27 07:01:58 2026 GMT
        Subject: CN=080db55426061f3e9cb1006bdbb034037ba2ef2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0b:6b:63:20:a9:f8:02:ef:ef:b2:e2:6e:9e:
                    b4:0d:d9:05:83:e3:42:71:b6:a5:39:ee:aa:de:22:
                    cd:9f:ca:c2:56:54:de:50:1a:26:68:e5:a9:f6:c6:
                    ce:e4:69:bb:f5:20:0d:b1:ff:c9:52:77:6c:06:03:
                    01:e6:97:25:9b:8a:17:5d:19:be:8d:ef:00:32:80:
                    9b:6e:8f:de:82:98:02:3d:9b:59:9c:22:1f:b4:7e:
                    3a:4b:b6:69:1f:6c:83:c4:e9:ba:87:bd:b1:c2:38:
                    ca:7c:82:65:08:76:1d:f0:62:7a:64:93:61:6f:5d:
                    ee:2e:07:0f:a6:ab:ea:9e:65:d7:2a:e6:96:6b:97:
                    64:13:b6:cc:a7:ee:29:01:9f:a5:3f:3b:ed:53:76:
                    9c:81:e2:ae:2c:40:8c:48:d0:ba:a3:33:a4:da:1b:
                    57:46:ee:d1:56:42:91:df:6e:a1:5c:2a:00:2c:ee:
                    16:86:14:6f:60:5c:0e:8b:20:b8:14:a4:14:00:43:
                    80:f4:5b:0a:e7:ec:db:fa:69:9d:51:ba:1a:b2:c4:
                    06:86:c7:b0:3d:c2:2b:84:00:58:a4:37:e2:a8:ac:
                    cf:d6:e2:c1:5d:db:a9:13:5c:96:75:4e:88:75:d4:
                    32:00:bd:85:b1:4d:d0:88:02:20:60:02:67:b1:5a:
                    85:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:0D:B5:54:26:06:1F:3E:9C:B1:00:6B:DB:B0:34:03:7B:A2:EF:2F
            X509v3 Authority Key Identifier:
                keyid:51:DB:29:29:72:C1:0C:69:F9:7E:CD:24:F2:FB:69:B4:F6:77:6D:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UdspKXLBDGn5fs0k8vtptPZ3beg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/0bc955-25de-4798-b3ce-6eaf9dabae0f/1/UdspKXLBDGn5fs0k8vtptPZ3beg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:96:13:46:67:80:26:91:a3:59:ea:4d:63:50:02:16:6f:55:
         57:71:37:ee:2f:90:cc:19:23:7f:54:1f:14:36:88:55:2e:48:
         b9:f3:98:58:65:f7:be:ea:ca:51:d8:b5:dd:ce:98:ad:3f:de:
         3b:30:bc:ae:9d:34:5b:6e:ec:f2:2f:04:df:c9:e4:96:60:e0:
         26:bc:d5:bc:a3:fe:18:c3:ee:b2:08:4c:4f:41:1a:87:44:e1:
         fa:e5:71:88:05:d7:7c:7e:60:91:f2:91:eb:8a:38:af:c0:42:
         ab:68:e1:bd:80:09:d1:68:44:31:16:a1:43:a9:a1:3b:1b:07:
         7a:04:b7:95:ef:cb:61:93:6b:ad:a8:da:8d:9d:77:92:b5:ad:
         75:a2:01:12:97:85:b5:94:7b:5a:e2:53:84:89:9a:11:11:01:
         33:13:72:44:f7:0c:03:09:79:5a:22:b6:52:b5:d0:81:c7:36:
         5b:12:44:b5:1c:38:2a:c3:83:3f:5d:80:e3:ef:07:3e:9a:cf:
         88:3b:8d:7b:2f:18:78:d3:ad:75:a0:90:35:3f:9b:b4:c5:d3:
         eb:a0:cf:35:6a:8a:19:98:3a:1a:ad:76:cd:3b:67:ed:b7:39:
         59:32:e3:c2:94:2d:fb:ea:59:ef:bb:7c:2f:dd:cb:52:8c:73:
         6d:2a:fd:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8y1Bx+JMe363GaVg99lkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZGIyOTI5NzJjMTBjNjlmOTdlY2QyNGYyZmI2OWI0ZjY3
NzZkZTgwHhcNMjYwMzI2MDcwMTU4WhcNMjYwMzI3MDcwMTU4WjAzMTEwLwYDVQQD
EygwODBkYjU1NDI2MDYxZjNlOWNiMTAwNmJkYmIwMzQwMzdiYTJlZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwtrYyCp+ALv77Libp60DdkFg+NC
cbalOe6q3iLNn8rCVlTeUBomaOWp9sbO5Gm79SANsf/JUndsBgMB5pclm4oXXRm+
je8AMoCbbo/egpgCPZtZnCIftH46S7ZpH2yDxOm6h72xwjjKfIJlCHYd8GJ6ZJNh
b13uLgcPpqvqnmXXKuaWa5dkE7bMp+4pAZ+lPzvtU3acgeKuLECMSNC6ozOk2htX
Ru7RVkKR326hXCoALO4WhhRvYFwOiyC4FKQUAEOA9FsK5+zb+mmdUboassQGhsew
PcIrhABYpDfiqKzP1uLBXdupE1yWdU6IddQyAL2FsU3QiAIgYAJnsVqF9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgNtVQmBh8+nLEAa9uwNAN7ou8vMB8GA1UdIwQY
MBaAFFHbKSlywQxp+X7NJPL7abT2d23oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2Ut
NmVhZjlkYWJhZTBmLzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8wYmM5NTUtMjVkZS00Nzk4LWIzY2UtNmVhZjlkYWJhZTBm
LzEvVWRzcEtYTEJER241ZnMwazh2dHB0UFozYmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAypYTRmeA
JpGjWepNY1ACFm9VV3E37i+QzBkjf1QfFDaIVS5IufOYWGX3vurKUdi13c6YrT/e
OzC8rp00W27s8i8E38nklmDgJrzVvKP+GMPusghMT0Eah0Th+uVxiAXXfH5gkfKR
64o4r8BCq2jhvYAJ0WhEMRahQ6mhOxsHegS3le/LYZNrrajajZ13krWtdaIBEpeF
tZR7WuJThImaEREBMxNyRPcMAwl5WiK2UrXQgcc2WxJEtRw4KsODP12A4+8HPprP
iDuNey8YeNOtdaCQNT+btMXT66DPNWqKGZg6Gq12zTtn7bc5WTLjwpQt++pZ77t8
L93LUoxzbSr9Yw==
-----END CERTIFICATE-----