Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          uZgsss8AdqkOPvYUA96yrdz4XfyOCskVM+VgQ6q16sg=
Subject key identifier:   65:B1:BC:77:B7:0D:9C:30:7F:41:AC:34:1D:23:EC:EF:BD:DA:86:D4
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       019DA3E6AACDEA770A147E3DA7CA357294A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          12BF
Signing time:             Sun 19 Apr 2026 04:01:36 +0000
Manifest this update:     Sun 19 Apr 2026 04:01:36 +0000
Manifest next update:     Mon 20 Apr 2026 04:01:36 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: yN4sy/3lDph8bzWli2xIuiuWBEHBxFpMZoYKm0JZmTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:e6:aa:cd:ea:77:0a:14:7e:3d:a7:ca:35:72:94:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: Apr 19 04:01:36 2026 GMT
            Not After : Apr 20 04:01:36 2026 GMT
        Subject: CN=65b1bc77b70d9c307f41ac341d23ecefbdda86d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f2:0f:9c:a4:4c:31:63:f7:c2:06:b5:a5:09:
                    99:ad:5e:6c:8d:2c:f2:d5:d7:1b:25:49:a1:df:61:
                    d7:f5:50:24:79:fb:ca:6e:d7:7e:1c:63:c8:10:bf:
                    ab:d9:27:6e:8e:f6:87:e2:5d:22:ee:2d:b6:4f:8e:
                    0b:ee:00:23:fc:4b:84:c4:39:ad:71:e3:1c:b2:2b:
                    8f:8c:85:d7:46:a6:4f:ee:92:79:03:31:bc:1f:6f:
                    10:53:a5:8c:f1:b8:fd:aa:b1:a7:96:7f:06:e7:ba:
                    c0:a3:a3:bc:a3:be:38:de:ec:a2:02:ec:c8:f7:fe:
                    35:79:c9:3f:2d:41:57:3c:d1:28:90:22:87:2b:ec:
                    a6:d9:8a:80:35:2a:a6:f4:f4:74:62:48:99:17:8b:
                    d6:29:60:af:f2:cd:c5:28:38:61:04:08:c7:0f:b4:
                    c7:69:46:89:58:77:fb:5a:f9:7e:6b:77:b4:d8:5b:
                    5a:a0:ed:b5:6b:50:ec:27:8b:8f:c7:00:0c:37:74:
                    b8:65:5d:f9:2b:fd:3f:30:7f:04:e0:c3:5a:2c:75:
                    0b:b4:cc:db:e7:91:f3:e8:40:fb:18:9e:d7:e8:c7:
                    fc:5b:fa:bf:03:29:13:5f:d8:8f:31:d0:2e:69:16:
                    12:09:5a:85:5f:52:59:69:ea:61:67:42:4e:31:a6:
                    09:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:B1:BC:77:B7:0D:9C:30:7F:41:AC:34:1D:23:EC:EF:BD:DA:86:D4
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:5e:fa:4c:fb:49:1c:cc:48:3d:2a:7c:f9:08:d2:89:13:0d:
         16:36:86:0f:3a:e0:7c:3d:4c:c5:62:64:22:c2:1a:ae:de:fa:
         0e:8d:44:f5:ee:7a:95:24:19:39:90:0a:42:7c:28:29:56:0a:
         7d:aa:bd:81:19:1f:48:2d:69:15:28:98:71:0a:da:6a:a7:57:
         43:13:b6:92:68:e9:f1:dd:05:0e:e4:dc:d2:cf:d2:63:0d:cc:
         8d:c8:d7:d9:f5:2a:c4:2a:a7:b2:d4:85:7c:48:c3:db:ba:ef:
         65:20:0f:ae:c7:7e:7e:71:b9:e1:9f:56:8b:1f:55:c0:dc:10:
         82:91:2e:b0:72:51:9f:c0:d7:95:ee:40:50:dc:9c:e8:c3:8c:
         f6:27:d1:5a:8c:e1:b9:4d:43:03:a8:80:1e:06:a4:d4:4e:42:
         ce:5b:04:fb:8f:11:f9:ea:c4:51:85:f2:4e:e6:a2:40:d0:f7:
         4f:29:d4:05:0e:cc:f8:ad:9a:44:f8:43:8b:24:1d:3d:13:88:
         53:ef:c9:83:4b:31:d7:60:87:6f:c7:4d:af:b2:5c:7e:46:32:
         1f:0a:a0:6b:89:95:bb:6a:57:7a:94:3b:14:82:51:cc:e6:7f:
         ed:1c:44:44:99:63:a3:92:b1:c6:a2:f4:59:b9:68:b2:38:3a:
         e2:64:21:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2j5qrN6ncKFH49p8o1cpSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjYwNDE5MDQwMTM2WhcNMjYwNDIwMDQwMTM2WjAzMTEwLwYDVQQD
Eyg2NWIxYmM3N2I3MGQ5YzMwN2Y0MWFjMzQxZDIzZWNlZmJkZGE4NmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/IPnKRMMWP3wga1pQmZrV5sjSzy
1dcbJUmh32HX9VAkefvKbtd+HGPIEL+r2SdujvaH4l0i7i22T44L7gAj/EuExDmt
ceMcsiuPjIXXRqZP7pJ5AzG8H28QU6WM8bj9qrGnln8G57rAo6O8o7443uyiAuzI
9/41eck/LUFXPNEokCKHK+ym2YqANSqm9PR0YkiZF4vWKWCv8s3FKDhhBAjHD7TH
aUaJWHf7Wvl+a3e02FtaoO21a1DsJ4uPxwAMN3S4ZV35K/0/MH8E4MNaLHULtMzb
55Hz6ED7GJ7X6Mf8W/q/AykTX9iPMdAuaRYSCVqFX1JZaephZ0JOMaYJVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWxvHe3DZwwf0GsNB0j7O+92obUMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ176TPtJ
HMxIPSp8+QjSiRMNFjaGDzrgfD1MxWJkIsIart76Do1E9e56lSQZOZAKQnwoKVYK
faq9gRkfSC1pFSiYcQraaqdXQxO2kmjp8d0FDuTc0s/SYw3MjcjX2fUqxCqnstSF
fEjD27rvZSAPrsd+fnG54Z9Wix9VwNwQgpEusHJRn8DXle5AUNyc6MOM9ifRWozh
uU1DA6iAHgak1E5CzlsE+48R+erEUYXyTuaiQND3TynUBQ7M+K2aRPhDiyQdPROI
U+/Jg0sx12CHb8dNr7JcfkYyHwqga4mVu2pXepQ7FIJRzOZ/7RxERJljo5KxxqL0
Wblosjg64mQhjA==
-----END CERTIFICATE-----