Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
File:                     UGG999pVZ22XGIK-7pAhvF-zFy0.mft (raw, json)
Hash identifier:          B27kPBadXoPMGYm+/ywlHY8b8WNwKe+h9g63Lhoo6Lo=
Subject key identifier:   31:64:AA:C5:44:43:3B:44:39:9E:1C:53:9B:FA:4F:BB:C9:C0:92:DB
Authority key identifier: 50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D
Certificate issuer:       /CN=5061bdf7da55676d971882beee9021bc5fb3172d
Certificate serial:       019D9BBE5358C32759348BBD253CA0F03A2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
Manifest number:          0B79
Signing time:             Fri 17 Apr 2026 14:00:34 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:34 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:34 +0000
Files and hashes:         1: UGG999pVZ22XGIK-7pAhvF-zFy0.crl (hash: x0Z+NLFVYuPLJ8vJyR3fC5BtZVw0JelOjVpm9C5bpzw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:53:58:c3:27:59:34:8b:bd:25:3c:a0:f0:3a:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5061bdf7da55676d971882beee9021bc5fb3172d
        Validity
            Not Before: Apr 17 14:00:34 2026 GMT
            Not After : Apr 18 14:00:34 2026 GMT
        Subject: CN=3164aac544433b44399e1c539bfa4fbbc9c092db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:e6:a4:d8:26:da:6d:1c:c9:ea:a7:d2:01:9a:
                    fa:87:b4:3b:2a:92:22:8f:8c:13:7f:8b:e2:62:00:
                    e9:95:1f:78:4a:08:67:17:2b:2c:6c:da:79:de:ff:
                    63:7e:22:4f:ad:e0:0f:16:4c:ad:de:58:8b:3c:fd:
                    ab:35:99:3c:c6:d8:27:4f:b1:28:84:b1:7d:3b:16:
                    8b:b8:88:88:52:14:6c:17:d9:1d:58:6a:5e:b6:39:
                    be:13:55:e3:ec:37:e1:8e:d3:88:80:28:d1:2d:e8:
                    eb:df:c0:50:56:5f:2d:6f:7d:7e:b0:af:51:17:a9:
                    27:69:58:0e:d4:aa:22:dc:a5:c3:4d:88:ec:9d:08:
                    73:cb:65:d0:ca:61:5a:27:2c:90:3a:5e:71:63:2b:
                    f1:2a:d9:ef:cc:8f:ce:ae:78:64:d6:38:97:7f:42:
                    27:7a:87:57:e4:23:e3:6f:71:1e:c6:87:54:a7:92:
                    aa:1a:e7:92:79:9a:fb:44:d3:de:10:16:fd:17:a2:
                    72:fd:6b:50:d2:41:05:b9:12:90:49:9f:75:94:44:
                    f4:1f:f6:2c:22:6c:75:87:0b:8f:ca:b0:59:5b:b5:
                    78:da:dc:7f:9c:06:bd:a5:0c:5a:f5:fb:c6:00:0d:
                    3c:05:69:77:20:ea:98:cf:ed:c8:69:37:f1:23:43:
                    b2:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:64:AA:C5:44:43:3B:44:39:9E:1C:53:9B:FA:4F:BB:C9:C0:92:DB
            X509v3 Authority Key Identifier:
                keyid:50:61:BD:F7:DA:55:67:6D:97:18:82:BE:EE:90:21:BC:5F:B3:17:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UGG999pVZ22XGIK-7pAhvF-zFy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/6278c4-64df-4f8f-ad34-68384ffd6e6f/1/UGG999pVZ22XGIK-7pAhvF-zFy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:06:17:4f:dd:11:c8:4d:3c:11:ac:50:65:34:65:05:4f:cf:
         be:48:2c:f3:8b:59:50:af:bf:6d:16:98:6e:27:e5:94:8d:e9:
         53:c7:b8:0f:a8:32:50:87:76:d5:b2:5e:6a:cd:2b:67:f3:a7:
         5b:4b:2c:0b:90:96:0e:12:b8:10:b8:ca:35:fa:7e:ad:d3:ad:
         9c:e5:00:f8:4b:21:84:ee:0e:7e:3f:8d:cd:36:b3:23:74:9b:
         21:4d:c2:40:58:e5:41:47:9e:fc:a7:47:42:f5:fc:ee:20:1b:
         fb:f2:12:d8:de:cb:16:5a:87:1c:d0:d2:8c:d6:d3:91:95:c5:
         9a:5a:01:1a:3c:cc:02:ef:8a:c2:70:48:55:52:d9:66:4a:6c:
         0f:82:c6:e8:5e:4a:1c:b0:8f:34:d9:09:44:3a:81:d5:5f:80:
         3d:33:4c:72:0d:7d:fe:08:1c:c8:ca:42:1c:b8:ff:75:ce:4d:
         6a:6b:27:09:60:4b:92:cf:41:ba:b4:ef:f5:d1:fb:f6:07:47:
         7a:f4:3b:1d:8b:38:1f:73:31:28:dd:a8:63:2e:4c:ce:23:b3:
         84:f5:ae:44:37:d3:e8:ca:b6:0d:6b:f5:46:ba:b0:69:fc:07:
         88:c5:59:27:88:a0:90:cf:18:57:4b:19:53:58:31:69:c3:6c:
         54:4d:d7:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvlNYwydZNIu9JTyg8DorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNjFiZGY3ZGE1NTY3NmQ5NzE4ODJiZWVlOTAyMWJjNWZi
MzE3MmQwHhcNMjYwNDE3MTQwMDM0WhcNMjYwNDE4MTQwMDM0WjAzMTEwLwYDVQQD
EygzMTY0YWFjNTQ0NDMzYjQ0Mzk5ZTFjNTM5YmZhNGZiYmM5YzA5MmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouak2CbabRzJ6qfSAZr6h7Q7KpIi
j4wTf4viYgDplR94SghnFyssbNp53v9jfiJPreAPFkyt3liLPP2rNZk8xtgnT7Eo
hLF9OxaLuIiIUhRsF9kdWGpetjm+E1Xj7DfhjtOIgCjRLejr38BQVl8tb31+sK9R
F6knaVgO1Koi3KXDTYjsnQhzy2XQymFaJyyQOl5xYyvxKtnvzI/Ornhk1jiXf0In
eodX5CPjb3EexodUp5KqGueSeZr7RNPeEBb9F6Jy/WtQ0kEFuRKQSZ91lET0H/Ys
Imx1hwuPyrBZW7V42tx/nAa9pQxa9fvGAA08BWl3IOqYz+3IaTfxI0OylQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFkqsVEQztEOZ4cU5v6T7vJwJLbMB8GA1UdIwQY
MBaAFFBhvffaVWdtlxiCvu6QIbxfsxctMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQt
NjgzODRmZmQ2ZTZmLzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82Mjc4YzQtNjRkZi00ZjhmLWFkMzQtNjgzODRmZmQ2ZTZm
LzEvVUdHOTk5cFZaMjJYR0lLLTdwQWh2Ri16RnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEgYXT90R
yE08EaxQZTRlBU/Pvkgs84tZUK+/bRaYbifllI3pU8e4D6gyUId21bJeas0rZ/On
W0ssC5CWDhK4ELjKNfp+rdOtnOUA+EshhO4Ofj+NzTazI3SbIU3CQFjlQUee/KdH
QvX87iAb+/IS2N7LFlqHHNDSjNbTkZXFmloBGjzMAu+KwnBIVVLZZkpsD4LG6F5K
HLCPNNkJRDqB1V+APTNMcg19/ggcyMpCHLj/dc5NamsnCWBLks9BurTv9dH79gdH
evQ7HYs4H3MxKN2oYy5MziOzhPWuRDfT6Mq2DWv1RrqwafwHiMVZJ4igkM8YV0sZ
U1gxacNsVE3XPg==
-----END CERTIFICATE-----