Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
File:                     dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json)
Hash identifier:          AS6hFFj4X6RYY2iApmcRCCvSF5G0ZBO8ZdlCu1Hmdrc=
Subject key identifier:   36:3B:70:D0:01:F3:79:DD:E7:5E:9C:FE:82:14:90:68:F3:E8:06:01
Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15
Certificate issuer:       /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
Certificate serial:       019D98F4D1D914128BC669FA80C4002FA6EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
Manifest number:          0F32
Signing time:             Fri 17 Apr 2026 01:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:14 +0000
Files and hashes:         1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: avnIvR7nsQxNDd+0gurah4+UdI7l5mj0pXWkSxnP1II=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d1:d9:14:12:8b:c6:69:fa:80:c4:00:2f:a6:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
        Validity
            Not Before: Apr 17 01:01:14 2026 GMT
            Not After : Apr 18 01:01:14 2026 GMT
        Subject: CN=363b70d001f379dde75e9cfe82149068f3e80601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8f:65:5f:8c:ca:c1:a2:01:b9:91:b3:66:9b:
                    22:c5:a4:f1:7e:7c:74:e9:46:77:05:62:30:07:0d:
                    d4:5a:2f:28:e4:fc:a0:49:e7:7c:dc:82:3e:06:96:
                    d7:94:1e:08:0d:ee:42:a2:b9:37:a1:ec:33:9a:69:
                    12:3d:7c:f0:23:07:c8:9e:ce:e9:89:d9:07:6e:9c:
                    75:40:82:85:ca:bf:69:4d:64:59:b6:65:33:47:99:
                    2a:80:be:df:7a:a9:c9:03:81:03:04:01:d2:7d:8d:
                    06:70:c9:36:36:c5:99:9e:46:c0:5c:ce:72:5a:3d:
                    79:d0:0b:65:36:6a:dc:b9:c6:33:58:85:6f:f6:7d:
                    a4:db:99:6b:2d:73:bb:11:3e:0c:b4:43:a2:90:53:
                    62:c7:ad:49:ca:9f:a6:c9:20:b0:f9:01:56:86:c4:
                    32:25:83:c8:38:c3:05:2a:63:0d:54:17:0d:ae:5a:
                    c2:14:ea:4f:d1:6c:f9:93:19:7d:8d:31:4c:b6:92:
                    2d:7d:72:da:a9:b1:bc:75:68:dc:9f:fa:ee:69:33:
                    2b:2a:65:e1:26:57:03:2a:6c:72:69:cc:12:6c:bf:
                    c7:56:fb:1c:59:92:28:b6:06:5a:76:ea:cc:1c:ed:
                    d4:0f:51:0e:65:69:69:dc:d0:40:ee:fe:e9:a9:b7:
                    78:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:3B:70:D0:01:F3:79:DD:E7:5E:9C:FE:82:14:90:68:F3:E8:06:01
            X509v3 Authority Key Identifier:
                keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:3a:80:40:3b:4d:62:d9:e1:e9:24:0b:46:8d:67:5a:15:79:
         f3:e5:6c:6b:7a:45:39:a2:3e:00:0d:a5:0d:6e:f1:fa:fd:a6:
         47:7f:9a:ac:b2:cf:44:73:5b:b5:77:e5:b8:c9:5f:cf:98:bf:
         7d:b2:0f:4a:1b:b7:c7:57:c4:4a:25:90:9b:a9:3a:39:43:e3:
         b5:f3:e0:f9:c4:8f:2e:17:46:b3:64:ba:1b:e2:ef:85:0b:84:
         36:ac:39:f3:41:e1:c7:a3:d0:0a:d4:4b:f6:0e:76:b3:d6:db:
         6b:4a:43:3f:a9:36:3e:c8:6d:f9:61:2d:0b:42:14:5c:7e:54:
         0b:4d:d0:a5:3a:4a:1d:57:f4:f0:66:da:2e:16:b2:cb:ad:65:
         9f:e4:5a:53:7f:e4:2d:b1:9e:ce:a3:e4:4b:48:7d:67:75:a2:
         b6:bd:bf:72:1e:8a:6a:62:97:45:7b:52:ef:67:46:62:cf:58:
         03:32:d2:97:59:43:e5:cf:c1:1c:49:22:2e:09:e5:90:b0:f9:
         90:ba:99:94:f2:05:86:f9:5d:3f:78:a2:d7:9f:33:43:cf:53:
         ff:b9:7b:8e:76:29:ec:02:b6:59:fe:39:cf:fe:87:f8:08:40:
         d1:ca:cd:ce:64:fc:f8:93:2a:ed:10:b4:1e:ba:82:48:62:88:
         20:f2:84:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NHZFBKLxmn6gMQAL6buMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy
ZWQ2MTUwHhcNMjYwNDE3MDEwMTE0WhcNMjYwNDE4MDEwMTE0WjAzMTEwLwYDVQQD
EygzNjNiNzBkMDAxZjM3OWRkZTc1ZTljZmU4MjE0OTA2OGYzZTgwNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI9lX4zKwaIBuZGzZpsixaTxfnx0
6UZ3BWIwBw3UWi8o5PygSed83II+BpbXlB4IDe5Cork3oewzmmkSPXzwIwfIns7p
idkHbpx1QIKFyr9pTWRZtmUzR5kqgL7feqnJA4EDBAHSfY0GcMk2NsWZnkbAXM5y
Wj150AtlNmrcucYzWIVv9n2k25lrLXO7ET4MtEOikFNix61Jyp+mySCw+QFWhsQy
JYPIOMMFKmMNVBcNrlrCFOpP0Wz5kxl9jTFMtpItfXLaqbG8dWjcn/ruaTMrKmXh
JlcDKmxyacwSbL/HVvscWZIotgZadurMHO3UD1EOZWlp3NBA7v7pqbd4owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDY7cNAB83nd516c/oIUkGjz6AYBMB8GA1UdIwQY
MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt
MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk
LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASzqAQDtN
Ytnh6SQLRo1nWhV58+Vsa3pFOaI+AA2lDW7x+v2mR3+arLLPRHNbtXfluMlfz5i/
fbIPShu3x1fESiWQm6k6OUPjtfPg+cSPLhdGs2S6G+LvhQuENqw580Hhx6PQCtRL
9g52s9bba0pDP6k2Psht+WEtC0IUXH5UC03QpTpKHVf08GbaLhayy61ln+RaU3/k
LbGezqPkS0h9Z3Witr2/ch6KamKXRXtS72dGYs9YAzLSl1lD5c/BHEkiLgnlkLD5
kLqZlPIFhvldP3ii158zQ89T/7l7jnYp7AK2Wf45z/6H+AhA0crNzmT8+JMq7RC0
HrqCSGKIIPKEVw==
-----END CERTIFICATE-----