Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
File:                     UtlINdtX9r4TjoZPWT7mrai4PtA.mft (raw, json)
Hash identifier:          hk2D3xRtKluzJO2iPACLU7inycHcAmGufsb7S5JVmXE=
Subject key identifier:   E4:D1:EB:49:23:F4:DD:C2:B6:BB:B6:A7:7F:BF:67:F4:D7:41:E8:D8
Authority key identifier: 52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0
Certificate issuer:       /CN=52d94835db57f6be138e864f593ee6ada8b83ed0
Certificate serial:       019D270416FBE696B782C6A9160BBFD370A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
Manifest number:          033A
Signing time:             Wed 25 Mar 2026 22:01:12 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:12 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:12 +0000
Files and hashes:         1: UtlINdtX9r4TjoZPWT7mrai4PtA.crl (hash: DJ0c0JL5x7VoXLrE8wqW4zv5yv0toKUwnbWEDTO66Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:16:fb:e6:96:b7:82:c6:a9:16:0b:bf:d3:70:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52d94835db57f6be138e864f593ee6ada8b83ed0
        Validity
            Not Before: Mar 25 22:01:12 2026 GMT
            Not After : Mar 26 22:01:12 2026 GMT
        Subject: CN=e4d1eb4923f4ddc2b6bbb6a77fbf67f4d741e8d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:17:2e:47:a2:d0:f6:ec:fe:8a:8a:57:0b:65:
                    ed:35:e5:9a:57:63:16:c7:ae:f4:47:29:c6:94:38:
                    4f:91:68:0b:18:ee:d6:67:34:53:23:80:09:96:68:
                    98:92:76:70:7e:a9:f0:58:8f:a7:5c:e5:84:93:6c:
                    83:ed:c5:b3:37:b7:72:75:e9:f5:31:7f:8d:bd:b3:
                    e3:88:c4:21:61:3d:23:33:7f:ed:44:b5:37:a4:cd:
                    e7:63:8a:c6:69:6f:9e:98:1b:d3:9b:52:c8:61:78:
                    ce:07:e2:00:fe:91:19:9f:03:29:08:51:85:75:88:
                    58:13:e0:f5:b3:57:34:cd:0b:c6:9d:f1:98:9b:c1:
                    6c:a6:71:d7:b9:9e:35:ea:f1:a2:bd:8d:e5:f3:02:
                    9e:bd:55:e0:ed:86:8d:6e:de:0a:65:20:88:82:0e:
                    a2:73:64:83:f2:e3:a6:40:b4:cc:88:c1:be:18:85:
                    a9:61:a2:9e:c5:1c:68:cb:d6:ee:dc:44:56:2e:b5:
                    31:06:11:34:60:9c:8f:32:2d:39:d1:41:49:97:0e:
                    42:4c:1a:1d:8f:5d:ff:54:b4:1b:0b:4d:48:aa:51:
                    24:f3:ad:c2:63:3c:12:5c:1f:79:a1:7c:94:2b:e1:
                    4a:25:c0:2a:3b:e8:de:ba:8d:46:f0:38:ed:3f:65:
                    9d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D1:EB:49:23:F4:DD:C2:B6:BB:B6:A7:7F:BF:67:F4:D7:41:E8:D8
            X509v3 Authority Key Identifier:
                keyid:52:D9:48:35:DB:57:F6:BE:13:8E:86:4F:59:3E:E6:AD:A8:B8:3E:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtlINdtX9r4TjoZPWT7mrai4PtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/6de2dc-ecd2-4af8-bb0a-3d08aabd5e9b/1/UtlINdtX9r4TjoZPWT7mrai4PtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:12:68:f9:7c:94:fe:ec:a8:98:d3:49:ae:ae:65:f6:d5:9e:
         c3:7b:9d:7f:ba:90:9a:2a:a3:2b:6a:11:69:88:dd:6c:3c:78:
         0e:6d:10:29:c4:b9:46:63:d7:1d:51:b5:d4:e1:2d:b3:6a:4c:
         17:91:c8:98:dc:32:06:fa:2a:43:c7:98:10:d5:77:61:e3:4f:
         2f:28:03:86:81:6a:0b:70:df:dd:7b:e6:5c:1a:b8:97:ea:3f:
         e0:83:de:e5:97:7b:4b:3a:06:f3:a9:9f:01:c7:41:2c:a5:89:
         f4:b2:c0:21:f9:30:e3:e9:c8:f3:f0:3f:b5:5a:54:c4:aa:11:
         5c:56:1b:0c:6a:f7:90:f2:90:17:8b:c7:11:46:82:dc:8d:da:
         bf:c9:b3:da:cb:18:95:18:b4:75:6c:68:89:93:b6:aa:32:6b:
         41:60:ad:29:98:74:04:15:91:b6:28:37:08:d9:67:83:77:ab:
         c5:8c:08:7c:78:8f:00:48:ee:71:ad:29:b9:d8:65:91:fd:81:
         bf:70:a3:6f:2b:40:e0:91:5c:8d:be:10:81:c2:8a:15:dd:6c:
         3c:0a:ad:54:73:5a:30:2d:e2:28:97:1a:f6:95:15:13:f5:db:
         10:be:e1:51:e1:53:9c:ac:66:27:ee:da:4a:bd:3c:d3:9e:20:
         cd:5f:02:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBBb75pa3gsapFgu/03CnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDk0ODM1ZGI1N2Y2YmUxMzhlODY0ZjU5M2VlNmFkYThi
ODNlZDAwHhcNMjYwMzI1MjIwMTEyWhcNMjYwMzI2MjIwMTEyWjAzMTEwLwYDVQQD
EyhlNGQxZWI0OTIzZjRkZGMyYjZiYmI2YTc3ZmJmNjdmNGQ3NDFlOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRcuR6LQ9uz+iopXC2XtNeWaV2MW
x670RynGlDhPkWgLGO7WZzRTI4AJlmiYknZwfqnwWI+nXOWEk2yD7cWzN7dyden1
MX+NvbPjiMQhYT0jM3/tRLU3pM3nY4rGaW+emBvTm1LIYXjOB+IA/pEZnwMpCFGF
dYhYE+D1s1c0zQvGnfGYm8FspnHXuZ416vGivY3l8wKevVXg7YaNbt4KZSCIgg6i
c2SD8uOmQLTMiMG+GIWpYaKexRxoy9bu3ERWLrUxBhE0YJyPMi050UFJlw5CTBod
j13/VLQbC01IqlEk863CYzwSXB95oXyUK+FKJcAqO+jeuo1G8DjtP2WdPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTR60kj9N3Ctru2p3+/Z/TXQejYMB8GA1UdIwQY
MBaAFFLZSDXbV/a+E46GT1k+5q2ouD7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEt
M2QwOGFhYmQ1ZTliLzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82ZGUyZGMtZWNkMi00YWY4LWJiMGEtM2QwOGFhYmQ1ZTli
LzEvVXRsSU5kdFg5cjRUam9aUFdUN21yYWk0UHRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMhJo+XyU
/uyomNNJrq5l9tWew3udf7qQmiqjK2oRaYjdbDx4Dm0QKcS5RmPXHVG11OEts2pM
F5HImNwyBvoqQ8eYENV3YeNPLygDhoFqC3Df3XvmXBq4l+o/4IPe5Zd7SzoG86mf
AcdBLKWJ9LLAIfkw4+nI8/A/tVpUxKoRXFYbDGr3kPKQF4vHEUaC3I3av8mz2ssY
lRi0dWxoiZO2qjJrQWCtKZh0BBWRtig3CNlng3erxYwIfHiPAEjuca0pudhlkf2B
v3CjbytA4JFcjb4QgcKKFd1sPAqtVHNaMC3iKJca9pUVE/XbEL7hUeFTnKxmJ+7a
Sr08054gzV8CEQ==
-----END CERTIFICATE-----