Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          2ZrDwvTLtjS1k6Hncz6WdhONnytuN5yTx4Wv2aVnrVc=
Subject key identifier:   FE:23:7C:37:6F:A5:DF:BA:FC:38:0E:06:BB:30:CC:2C:9B:88:AD:5F
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       019D2703D846C8231D30AB4A58BD78079A0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          0C0B
Signing time:             Wed 25 Mar 2026 22:00:56 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:56 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:56 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: tci94UqfN4M+sIvpG5cvzwszV1FISDlwLEGSHTAkQdA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d8:46:c8:23:1d:30:ab:4a:58:bd:78:07:9a:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: Mar 25 22:00:56 2026 GMT
            Not After : Mar 26 22:00:56 2026 GMT
        Subject: CN=fe237c376fa5dfbafc380e06bb30cc2c9b88ad5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:5b:66:fd:f5:04:51:98:9b:34:96:e5:5f:63:
                    5b:24:1a:fe:3d:3a:69:fe:ab:49:af:d2:28:12:b8:
                    f2:62:3e:80:ec:1a:ce:7e:f7:72:b7:2e:d9:7a:ac:
                    7d:34:a0:0b:0b:a6:e6:df:bd:42:fa:ea:fc:df:c7:
                    23:8c:b9:f1:3a:1a:82:c0:0f:77:6a:9b:92:93:61:
                    0a:7e:56:9a:9c:65:dc:50:fc:21:79:24:a3:f9:f4:
                    d2:15:d7:be:0c:53:b2:16:a0:59:ca:65:dc:10:f1:
                    56:39:7b:9d:5a:8a:04:3d:74:62:1c:5c:e1:38:a0:
                    2f:3b:5a:a2:d7:05:14:ea:80:1f:13:4c:7b:29:87:
                    e2:0f:86:87:62:a7:5e:8a:a1:05:fa:29:2e:78:17:
                    b0:58:9f:df:b3:f9:3a:c9:8e:6d:51:87:19:0e:20:
                    ae:b2:80:73:6a:e1:3b:55:21:47:42:5e:88:0d:19:
                    0d:a4:00:06:03:8e:72:d7:57:8b:3f:3e:b8:d5:a5:
                    6d:fc:ab:19:05:bb:3a:ab:dc:99:ae:1e:25:c6:77:
                    9d:02:f7:4d:3f:1f:d5:8f:fd:86:5f:db:30:37:79:
                    a7:6a:ec:6a:92:8a:96:2e:54:34:c4:b4:44:8f:f6:
                    4e:a7:35:30:5d:f7:e5:3b:3c:7f:99:3b:6d:92:04:
                    5d:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:23:7C:37:6F:A5:DF:BA:FC:38:0E:06:BB:30:CC:2C:9B:88:AD:5F
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:4c:e3:e0:00:e2:f3:62:0c:aa:f0:03:97:f0:6f:3b:81:6f:
         ff:6d:d3:fd:f5:21:be:5d:d8:74:8b:47:82:c9:3f:92:b3:43:
         33:c7:e3:68:2b:23:e5:f3:d6:2d:59:dd:7c:24:ab:94:ba:95:
         86:a2:08:c8:16:7a:b9:80:88:1d:91:f6:bb:53:d2:01:17:66:
         d6:ef:4f:70:84:b8:79:0e:95:7a:a9:5f:e2:e9:b3:28:c5:44:
         38:01:49:4f:92:50:c6:76:69:f1:06:f6:ea:b0:32:27:86:61:
         99:1b:a6:2f:8c:e9:a2:f3:11:08:3c:9e:f0:b2:d7:22:a9:57:
         15:de:ac:da:87:fb:01:54:a5:a6:09:0b:cd:b4:d0:80:53:50:
         b6:25:d9:85:99:39:1d:6d:70:0a:61:ef:a3:56:60:16:45:59:
         23:67:b0:ee:a1:55:7c:ee:da:b5:3e:8b:b1:6a:01:2a:c2:fc:
         14:e9:61:9c:9c:0b:4f:ed:e6:7a:63:e4:f2:93:70:6c:61:a6:
         13:7d:4b:10:f5:b8:fa:ed:e4:00:11:94:01:d0:1b:a8:a0:ad:
         a9:69:b9:78:d0:10:a3:0d:00:1e:b5:47:27:2a:09:f4:d0:36:
         16:26:62:c5:94:c9:f5:d8:b8:fc:68:2f:ba:dc:20:80:f3:d1:
         c8:d8:47:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9hGyCMdMKtKWL14B5oPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjYwMzI1MjIwMDU2WhcNMjYwMzI2MjIwMDU2WjAzMTEwLwYDVQQD
EyhmZTIzN2MzNzZmYTVkZmJhZmMzODBlMDZiYjMwY2MyYzliODhhZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31tm/fUEUZibNJblX2NbJBr+PTpp
/qtJr9IoErjyYj6A7BrOfvdyty7Zeqx9NKALC6bm371C+ur838cjjLnxOhqCwA93
apuSk2EKflaanGXcUPwheSSj+fTSFde+DFOyFqBZymXcEPFWOXudWooEPXRiHFzh
OKAvO1qi1wUU6oAfE0x7KYfiD4aHYqdeiqEF+ikueBewWJ/fs/k6yY5tUYcZDiCu
soBzauE7VSFHQl6IDRkNpAAGA45y11eLPz641aVt/KsZBbs6q9yZrh4lxnedAvdN
Px/Vj/2GX9swN3mnauxqkoqWLlQ0xLREj/ZOpzUwXfflOzx/mTttkgRdlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4jfDdvpd+6/DgOBrswzCybiK1fMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkzj4ADi
82IMqvADl/BvO4Fv/23T/fUhvl3YdItHgsk/krNDM8fjaCsj5fPWLVndfCSrlLqV
hqIIyBZ6uYCIHZH2u1PSARdm1u9PcIS4eQ6Veqlf4umzKMVEOAFJT5JQxnZp8Qb2
6rAyJ4ZhmRumL4zpovMRCDye8LLXIqlXFd6s2of7AVSlpgkLzbTQgFNQtiXZhZk5
HW1wCmHvo1ZgFkVZI2ew7qFVfO7atT6LsWoBKsL8FOlhnJwLT+3memPk8pNwbGGm
E31LEPW4+u3kABGUAdAbqKCtqWm5eNAQow0AHrVHJyoJ9NA2FiZixZTJ9di4/Ggv
utwggPPRyNhHSg==
-----END CERTIFICATE-----