Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          Ci0oGsis4bvQiaO7D1Ku/FjrrIWBgQ2oSS4ekNnVYd8=
Subject key identifier:   AD:92:3D:85:40:A6:65:A8:D8:7D:36:C6:C5:5A:9C:2B:67:2A:A2:73
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019D981879446FADA7B3812469109B031188
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          05ED
Signing time:             Thu 16 Apr 2026 21:00:33 +0000
Manifest this update:     Thu 16 Apr 2026 21:00:33 +0000
Manifest next update:     Fri 17 Apr 2026 21:00:33 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: C3emICcg7Ok5y9EZ6AJmfNVvTN4oX81QIoADQ8i7eSo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 21:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:18:79:44:6f:ad:a7:b3:81:24:69:10:9b:03:11:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Apr 16 21:00:33 2026 GMT
            Not After : Apr 17 21:00:33 2026 GMT
        Subject: CN=ad923d8540a665a8d87d36c6c55a9c2b672aa273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f8:70:06:b5:ca:1b:e9:68:ac:e0:17:db:8a:
                    b3:bf:d8:d7:f6:d9:05:89:93:09:b0:5a:3e:10:9d:
                    c6:c1:28:61:e7:03:9f:fe:95:f1:49:51:fc:16:e9:
                    c6:ff:49:ec:83:5e:14:61:14:e2:37:39:1b:66:d0:
                    99:2f:66:d4:74:f0:48:1f:03:e6:94:ee:23:fc:a4:
                    88:7c:f5:3d:a2:6a:fa:4f:67:09:ff:4c:f2:73:80:
                    d5:1c:a2:dd:4b:36:60:d5:d4:17:ce:c2:05:05:21:
                    a9:3d:87:ea:e5:d1:80:5b:6d:d1:74:ac:89:bf:1e:
                    df:79:3e:32:8c:f8:11:29:7f:09:0e:83:7a:ef:01:
                    0d:23:a2:b4:7b:fa:0f:a5:7b:b7:14:19:86:47:47:
                    7e:31:39:8e:9a:92:72:e8:09:7b:20:ec:5a:25:41:
                    c5:07:b3:67:ae:7e:4d:69:f5:6e:2a:65:96:6c:39:
                    6e:69:9b:16:f3:06:a6:89:80:fb:56:27:fb:df:f0:
                    71:7c:57:a4:df:71:bc:ff:fd:54:bf:40:c4:5c:de:
                    95:d3:9b:bb:81:42:ad:f4:32:b9:18:64:18:7b:a8:
                    57:39:34:06:15:32:4b:0e:98:d3:2b:fe:a4:41:7d:
                    03:03:72:79:57:da:9d:c2:65:18:a6:62:04:d6:f6:
                    8e:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:92:3D:85:40:A6:65:A8:D8:7D:36:C6:C5:5A:9C:2B:67:2A:A2:73
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:5b:34:ec:a8:e3:7f:34:6d:7f:75:56:57:da:71:86:3f:11:
         4e:4f:37:0a:00:10:79:bd:de:46:8b:94:65:3c:e4:f9:e9:e1:
         1c:fe:58:02:45:d8:a3:38:54:e4:6f:aa:d1:88:5a:bf:82:56:
         11:a1:e5:43:8b:a1:38:67:c6:0e:96:0d:11:c0:8e:da:20:4a:
         f5:67:01:55:c5:9d:26:86:b8:b9:6e:c2:4c:be:14:55:93:01:
         83:ba:c0:16:24:0e:85:8b:b5:f2:7b:ca:71:49:d9:a6:d2:23:
         f8:50:db:64:34:cd:01:73:45:46:e9:76:b4:0a:b2:03:23:44:
         80:8c:8e:6f:a5:7c:60:d2:82:f8:d9:64:e0:78:de:1a:7a:66:
         ac:e1:65:4c:96:4b:6b:a5:d5:bb:69:1a:fb:20:31:6a:c4:1b:
         7d:ee:00:39:11:51:be:99:b3:a2:76:6d:d2:ab:ad:e1:9f:37:
         48:fd:2d:ba:1a:0f:bd:51:24:e1:96:44:d0:e7:42:ca:03:9a:
         e2:e9:f1:14:38:f7:60:47:0f:38:61:4a:46:b7:62:ad:a1:12:
         79:4b:03:3f:2d:f2:eb:57:a6:e0:5c:37:94:3c:3e:af:35:ee:
         30:4f:b2:03:3e:fd:ef:d2:a0:ec:d2:5b:be:a1:e3:52:aa:0a:
         02:2a:fe:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGHlEb62ns4EkaRCbAxGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjYwNDE2MjEwMDMzWhcNMjYwNDE3MjEwMDMzWjAzMTEwLwYDVQQD
EyhhZDkyM2Q4NTQwYTY2NWE4ZDg3ZDM2YzZjNTVhOWMyYjY3MmFhMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfhwBrXKG+lorOAX24qzv9jX9tkF
iZMJsFo+EJ3GwShh5wOf/pXxSVH8FunG/0nsg14UYRTiNzkbZtCZL2bUdPBIHwPm
lO4j/KSIfPU9omr6T2cJ/0zyc4DVHKLdSzZg1dQXzsIFBSGpPYfq5dGAW23RdKyJ
vx7feT4yjPgRKX8JDoN67wENI6K0e/oPpXu3FBmGR0d+MTmOmpJy6Al7IOxaJUHF
B7Nnrn5NafVuKmWWbDluaZsW8wamiYD7Vif73/BxfFek33G8//1Uv0DEXN6V05u7
gUKt9DK5GGQYe6hXOTQGFTJLDpjTK/6kQX0DA3J5V9qdwmUYpmIE1vaOAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2SPYVApmWo2H02xsVanCtnKqJzMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS1s07Kjj
fzRtf3VWV9pxhj8RTk83CgAQeb3eRouUZTzk+enhHP5YAkXYozhU5G+q0Yhav4JW
EaHlQ4uhOGfGDpYNEcCO2iBK9WcBVcWdJoa4uW7CTL4UVZMBg7rAFiQOhYu18nvK
cUnZptIj+FDbZDTNAXNFRul2tAqyAyNEgIyOb6V8YNKC+Nlk4HjeGnpmrOFlTJZL
a6XVu2ka+yAxasQbfe4AORFRvpmzonZt0qut4Z83SP0tuhoPvVEk4ZZE0OdCygOa
4unxFDj3YEcPOGFKRrdiraESeUsDPy3y61em4Fw3lDw+rzXuME+yAz7979Kg7NJb
vqHjUqoKAir+DQ==
-----END CERTIFICATE-----