Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
File:                     UDCmlphoVt51uCLWrpX-ATE4IK8.mft (raw, json)
Hash identifier:          /R779hNUVpjDAntKNprIr5/wMixAQyW//TKTskPcAzI=
Subject key identifier:   4B:9C:26:47:55:47:FE:33:27:3A:F9:B4:56:E2:41:43:11:0F:B5:27
Authority key identifier: 50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF
Certificate issuer:       /CN=5030a696986856de75b822d6ae95fe01313820af
Certificate serial:       019CAAC6DC7E4854D2EB04C65DFC08A3FCE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
Manifest number:          123E
Signing time:             Sun 01 Mar 2026 19:01:25 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:25 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:25 +0000
Files and hashes:         1: UDCmlphoVt51uCLWrpX-ATE4IK8.crl (hash: bxK+rJvvFOZn1YY+J/tDBnK+0SjXq82sV2rhwUfuL5s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:dc:7e:48:54:d2:eb:04:c6:5d:fc:08:a3:fc:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5030a696986856de75b822d6ae95fe01313820af
        Validity
            Not Before: Mar  1 19:01:25 2026 GMT
            Not After : Mar  2 19:01:25 2026 GMT
        Subject: CN=4b9c26475547fe33273af9b456e24143110fb527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:74:e4:10:05:9a:70:21:41:a8:61:60:f2:b7:
                    8b:d0:df:07:e7:08:65:72:2d:8c:06:8a:71:32:bf:
                    c9:2f:7a:78:6b:4f:c9:e3:2e:5e:96:c3:eb:a1:aa:
                    f2:ed:6b:61:39:38:18:c7:ea:08:24:88:f6:bd:e7:
                    d9:a2:f8:c5:44:0d:81:25:1f:06:5f:74:21:40:19:
                    93:a5:84:72:0a:32:14:af:59:df:a8:25:df:e4:1d:
                    29:d4:41:1b:71:21:9f:4b:e3:23:ad:51:ab:9f:17:
                    b6:de:ca:1b:74:22:e0:10:83:f7:94:bf:f3:9e:5c:
                    ba:61:17:11:9a:9e:43:8b:79:de:df:f5:fd:70:7f:
                    38:a7:59:33:b9:53:63:76:68:08:aa:14:32:b2:60:
                    8a:8f:c0:58:38:be:eb:ac:40:33:98:7b:5b:13:63:
                    10:17:65:30:08:52:55:8d:3f:69:a9:0c:13:5c:f6:
                    80:bf:21:c5:10:3e:0f:51:2a:c3:e3:36:1f:85:c2:
                    e3:5f:7e:0b:eb:5e:f4:3e:48:a3:b2:a8:20:dc:c0:
                    b7:47:33:85:fe:b6:6e:be:aa:fe:99:c0:73:74:38:
                    ab:3d:ce:79:b8:2a:1f:7b:b0:f6:66:32:c4:05:40:
                    ee:d7:6b:fd:7f:10:d1:76:49:83:8e:7d:f0:c6:18:
                    70:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:9C:26:47:55:47:FE:33:27:3A:F9:B4:56:E2:41:43:11:0F:B5:27
            X509v3 Authority Key Identifier:
                keyid:50:30:A6:96:98:68:56:DE:75:B8:22:D6:AE:95:FE:01:31:38:20:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UDCmlphoVt51uCLWrpX-ATE4IK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a31884-2952-4647-815e-e52525db12db/1/UDCmlphoVt51uCLWrpX-ATE4IK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:2d:38:f0:f6:85:5c:7b:73:4d:8f:68:e5:87:77:a3:7a:62:
         b0:15:3b:b5:80:85:f1:46:0e:cc:38:8f:69:f3:69:73:64:8c:
         ec:bd:28:93:ab:26:fb:2a:3a:fe:69:56:c1:a1:35:70:ed:3a:
         46:20:00:b8:23:3d:95:80:26:d0:08:85:63:10:d8:86:d4:e7:
         df:83:59:86:16:70:61:01:77:7e:9e:07:69:70:98:cb:a3:6e:
         25:69:ef:ea:bc:93:90:79:32:5e:34:26:7c:86:fd:ac:9b:57:
         94:21:34:4b:51:d3:7f:79:87:a4:b2:fd:76:45:75:be:1a:a8:
         11:5b:d1:9a:85:99:33:b6:ea:5c:c6:eb:0f:b1:ad:91:cb:10:
         80:71:9e:b3:20:c5:1a:da:5a:18:c8:77:30:e8:6b:ee:1e:a9:
         d0:96:3d:32:3f:a4:21:c3:ad:98:0b:a7:b1:11:6b:81:62:ea:
         37:8f:d8:7a:f2:8c:40:b6:fe:e1:fa:38:1f:1e:3e:e4:6a:83:
         fa:61:19:fe:5d:08:7c:55:6e:b8:ea:6a:f0:07:b4:d9:9e:e7:
         f6:ca:38:c1:bf:f1:1d:10:81:01:63:0c:01:b0:30:23:ce:02:
         d5:77:33:b2:c4:89:c9:0c:b0:b5:a2:9d:85:1c:c2:52:09:c0:
         6a:e1:66:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxtx+SFTS6wTGXfwIo/zjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMzBhNjk2OTg2ODU2ZGU3NWI4MjJkNmFlOTVmZTAxMzEz
ODIwYWYwHhcNMjYwMzAxMTkwMTI1WhcNMjYwMzAyMTkwMTI1WjAzMTEwLwYDVQQD
Eyg0YjljMjY0NzU1NDdmZTMzMjczYWY5YjQ1NmUyNDE0MzExMGZiNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nTkEAWacCFBqGFg8reL0N8H5whl
ci2MBopxMr/JL3p4a0/J4y5elsProary7WthOTgYx+oIJIj2vefZovjFRA2BJR8G
X3QhQBmTpYRyCjIUr1nfqCXf5B0p1EEbcSGfS+MjrVGrnxe23sobdCLgEIP3lL/z
nly6YRcRmp5Di3ne3/X9cH84p1kzuVNjdmgIqhQysmCKj8BYOL7rrEAzmHtbE2MQ
F2UwCFJVjT9pqQwTXPaAvyHFED4PUSrD4zYfhcLjX34L6170Pkijsqgg3MC3RzOF
/rZuvqr+mcBzdDirPc55uCofe7D2ZjLEBUDu12v9fxDRdkmDjn3wxhhwKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEucJkdVR/4zJzr5tFbiQUMRD7UnMB8GA1UdIwQY
MBaAFFAwppaYaFbedbgi1q6V/gExOCCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUt
ZTUyNTI1ZGIxMmRiLzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMzE4ODQtMjk1Mi00NjQ3LTgxNWUtZTUyNTI1ZGIxMmRi
LzEvVURDbWxwaG9WdDUxdUNMV3JwWC1BVEU0SUs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAri048PaF
XHtzTY9o5Yd3o3pisBU7tYCF8UYOzDiPafNpc2SM7L0ok6sm+yo6/mlWwaE1cO06
RiAAuCM9lYAm0AiFYxDYhtTn34NZhhZwYQF3fp4HaXCYy6NuJWnv6ryTkHkyXjQm
fIb9rJtXlCE0S1HTf3mHpLL9dkV1vhqoEVvRmoWZM7bqXMbrD7GtkcsQgHGesyDF
GtpaGMh3MOhr7h6p0JY9Mj+kIcOtmAunsRFrgWLqN4/YevKMQLb+4fo4Hx4+5GqD
+mEZ/l0IfFVuuOpq8Ae02Z7n9so4wb/xHRCBAWMMAbAwI84C1XczssSJyQywtaKd
hRzCUgnAauFmFw==
-----END CERTIFICATE-----