Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          tPMOkGJZvWpFzhj8se6jznCWsnVtsKBeUVrFiHJRyh4=
Subject key identifier:   FB:12:CE:17:6C:31:8E:4A:17:AA:77:E9:A0:F7:16:90:7A:A1:B2:8C
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       019D28BBADB6928C4819FC50105448EDC7C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          052B
Signing time:             Thu 26 Mar 2026 06:01:21 +0000
Manifest this update:     Thu 26 Mar 2026 06:01:21 +0000
Manifest next update:     Fri 27 Mar 2026 06:01:21 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: Yow4pcEFl3V54NoPBlUYB2zT/ayvRufbLvy9Znf7EIo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:ad:b6:92:8c:48:19:fc:50:10:54:48:ed:c7:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Mar 26 06:01:21 2026 GMT
            Not After : Mar 27 06:01:21 2026 GMT
        Subject: CN=fb12ce176c318e4a17aa77e9a0f716907aa1b28c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c6:75:9a:43:df:e6:e6:9d:05:21:91:0d:39:
                    9c:8c:6c:db:ad:ca:ce:da:97:2a:ff:f0:02:d8:77:
                    d0:78:8c:c0:21:e7:db:5f:b9:39:fa:81:42:44:82:
                    7a:0c:d6:06:9c:0e:cd:a4:30:4a:ea:8d:a2:c8:96:
                    5a:c7:12:64:a2:8b:06:7f:d6:b5:95:47:34:08:24:
                    5e:34:e5:87:2c:49:d6:16:db:89:76:af:fa:01:1b:
                    cd:88:1c:77:fe:86:0f:2b:26:9b:d1:5a:d2:fe:2f:
                    21:4b:d8:8b:08:5f:b1:c8:db:34:d7:aa:8f:3d:3b:
                    68:61:42:d0:7d:22:8e:a5:8b:25:62:eb:f6:8a:8f:
                    a1:fe:ca:cf:43:73:51:08:41:1f:35:7c:3d:83:9c:
                    40:9e:e7:13:3e:c3:94:15:c8:ee:ca:32:57:fc:f4:
                    7d:fb:5e:8a:39:3f:96:65:f1:14:a1:d1:fb:98:09:
                    11:0d:99:16:b3:9e:2c:b7:2c:20:21:d8:33:97:fa:
                    85:57:37:62:3a:59:a0:9e:25:8f:8e:41:7c:66:8d:
                    e5:45:80:9d:50:a9:65:e2:c9:57:b7:51:9a:92:02:
                    6f:a3:6c:58:a6:4c:42:f4:72:df:a7:96:66:bc:e4:
                    6f:ac:f8:b7:fc:fd:4d:e3:b0:84:d2:37:63:73:3d:
                    91:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:12:CE:17:6C:31:8E:4A:17:AA:77:E9:A0:F7:16:90:7A:A1:B2:8C
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:a7:7b:f5:90:d8:bc:3f:55:96:47:f5:25:19:43:b3:94:b6:
         1c:38:aa:03:1c:bc:67:d9:b5:3c:7c:ed:c0:d7:16:09:56:0f:
         f4:31:85:be:f5:61:85:52:67:33:58:f9:9f:8c:d8:e0:41:57:
         d6:8b:7c:fa:bc:8c:f1:27:58:06:fc:9e:80:00:cb:86:71:ca:
         48:2e:5a:46:54:a7:7d:eb:f6:e8:6d:de:7b:67:a3:53:7f:b1:
         8e:7e:70:3b:53:3c:3e:99:46:0a:4f:ca:fd:98:ce:7d:52:c1:
         c7:1a:2f:8d:65:f6:92:50:42:90:eb:07:75:7f:62:6b:96:85:
         48:8d:16:3f:8f:bc:55:9e:0c:9e:5b:f4:44:f7:ee:88:5f:48:
         6f:da:83:25:6b:a8:a3:f6:c6:05:94:9a:fd:39:62:53:a6:1d:
         b9:73:88:c9:ef:b9:e8:9f:1e:43:a9:3e:7f:7b:81:b2:5e:d7:
         db:79:aa:65:6f:8b:26:a6:d2:a9:09:39:16:82:1e:dd:ca:4e:
         3f:d6:c1:db:eb:ee:9d:36:1d:ee:3b:f3:85:ba:d3:32:76:56:
         13:74:6a:fc:74:0e:23:6e:de:a1:7c:72:dc:86:6f:9c:62:65:
         0a:f8:a2:26:fa:6c:e4:5d:ec:ad:e0:97:85:6e:f6:aa:ae:7e:
         17:49:a7:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou622koxIGfxQEFRI7cfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjYwMzI2MDYwMTIxWhcNMjYwMzI3MDYwMTIxWjAzMTEwLwYDVQQD
EyhmYjEyY2UxNzZjMzE4ZTRhMTdhYTc3ZTlhMGY3MTY5MDdhYTFiMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsZ1mkPf5uadBSGRDTmcjGzbrcrO
2pcq//AC2HfQeIzAIefbX7k5+oFCRIJ6DNYGnA7NpDBK6o2iyJZaxxJkoosGf9a1
lUc0CCReNOWHLEnWFtuJdq/6ARvNiBx3/oYPKyab0VrS/i8hS9iLCF+xyNs016qP
PTtoYULQfSKOpYslYuv2io+h/srPQ3NRCEEfNXw9g5xAnucTPsOUFcjuyjJX/PR9
+16KOT+WZfEUodH7mAkRDZkWs54stywgIdgzl/qFVzdiOlmgniWPjkF8Zo3lRYCd
UKll4slXt1GakgJvo2xYpkxC9HLfp5ZmvORvrPi3/P1N47CE0jdjcz2R8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsSzhdsMY5KF6p36aD3FpB6obKMMB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADqd79ZDY
vD9Vlkf1JRlDs5S2HDiqAxy8Z9m1PHztwNcWCVYP9DGFvvVhhVJnM1j5n4zY4EFX
1ot8+ryM8SdYBvyegADLhnHKSC5aRlSnfev26G3ee2ejU3+xjn5wO1M8PplGCk/K
/ZjOfVLBxxovjWX2klBCkOsHdX9ia5aFSI0WP4+8VZ4Mnlv0RPfuiF9Ib9qDJWuo
o/bGBZSa/TliU6YduXOIye+56J8eQ6k+f3uBsl7X23mqZW+LJqbSqQk5FoIe3cpO
P9bB2+vunTYd7jvzhbrTMnZWE3Rq/HQOI27eoXxy3IZvnGJlCviiJvps5F3sreCX
hW72qq5+F0mnwQ==
-----END CERTIFICATE-----