Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          Obk1EG/ZCXX9MjRhEk/9SqrQlTlV+8UDDcGbMzHk3qo=
Subject key identifier:   0E:4C:13:46:14:27:6F:F0:C6:2B:15:02:AF:BD:0E:83:E5:2D:B6:BD
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       019D9AAC007477E9973F7D0A9D26408B7CAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          0566
Signing time:             Fri 17 Apr 2026 09:00:56 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:56 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:56 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: vDaLkkCtpNe96oNjowwTkplDgabCXQfipLudtd0AlKo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ac:00:74:77:e9:97:3f:7d:0a:9d:26:40:8b:7c:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Apr 17 09:00:56 2026 GMT
            Not After : Apr 18 09:00:56 2026 GMT
        Subject: CN=0e4c134614276ff0c62b1502afbd0e83e52db6bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d6:5f:7b:a3:7a:5a:02:08:f5:93:32:6d:10:
                    59:33:c1:3c:2b:e3:ed:06:bd:5f:39:a1:e1:a7:6b:
                    87:a9:40:0e:26:ab:53:ac:57:41:2b:5f:d3:21:cb:
                    84:89:ad:4b:dd:10:7e:92:33:94:33:fa:10:ea:51:
                    06:9c:b3:15:18:ef:27:74:63:bf:c3:e2:0d:69:67:
                    76:d3:6e:cc:4a:94:90:ad:21:0e:d2:b3:af:48:82:
                    c2:97:36:e1:6a:82:ed:e7:45:e6:94:22:26:43:11:
                    f3:79:61:6f:ef:44:dc:04:c9:d4:80:39:19:9f:ca:
                    7f:cc:94:7c:7f:cd:d9:4e:91:0d:37:04:99:ef:13:
                    5c:a4:08:ef:12:19:7c:56:b2:54:06:ae:32:42:bd:
                    70:90:9b:d1:f1:a5:8e:2f:c0:84:e1:0e:c6:66:0f:
                    39:f2:41:ad:64:68:cd:c8:c8:d7:f9:ea:2c:83:3a:
                    c6:75:b6:c8:d5:b6:d7:b5:40:f1:e2:e5:d4:bc:bd:
                    d5:7b:b6:49:00:ed:f8:6f:77:40:67:05:b4:40:ed:
                    8d:d0:ae:b4:21:45:aa:59:c5:c5:6e:b8:c7:7d:45:
                    f7:11:45:79:eb:dc:4b:66:c5:16:a6:d3:0c:1c:be:
                    a0:50:60:86:ac:76:2b:03:06:5e:2b:0d:26:52:85:
                    9e:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:4C:13:46:14:27:6F:F0:C6:2B:15:02:AF:BD:0E:83:E5:2D:B6:BD
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:92:62:b0:83:a6:e8:06:6e:68:e4:bd:25:45:34:2d:67:eb:
         9c:f7:eb:36:7a:c5:2c:33:79:cb:32:b6:47:70:f9:3f:42:b1:
         aa:e2:6a:9e:57:07:46:a3:72:20:9d:d4:c6:a0:70:e4:5d:4e:
         ee:6f:a0:2a:dc:4c:04:64:ca:ab:50:d2:65:5e:9d:e3:4a:9e:
         a6:91:17:51:a3:5a:f1:78:dc:58:26:b8:c9:9e:ca:78:29:17:
         6c:f2:80:30:d8:93:7e:25:42:63:2f:57:46:a2:e1:80:8b:e0:
         71:d5:aa:cc:ba:fb:35:ec:99:ff:ef:9b:b1:9f:ea:76:27:a6:
         e4:38:27:cb:e5:df:09:69:be:99:4d:cb:e6:7b:99:b4:58:3a:
         99:15:50:00:79:87:b9:67:4d:8d:12:8a:b1:27:d7:9e:93:c0:
         e9:d4:4d:66:9d:84:7d:1c:4f:fb:c3:24:8a:dd:93:25:ca:f8:
         07:a4:dc:c8:a5:c4:42:9c:e9:df:1e:ed:89:30:a3:9c:78:75:
         02:7e:73:c8:f4:b4:0e:0f:dd:8f:7d:64:dd:c7:36:51:c2:a0:
         db:ef:35:fb:e1:88:c5:9e:aa:90:5c:68:0c:f3:6c:d7:00:81:
         1b:22:de:fb:55:6c:ef:8b:1d:18:00:1d:5c:7d:5b:3b:d0:55:
         45:3c:18:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2arAB0d+mXP30KnSZAi3yuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjYwNDE3MDkwMDU2WhcNMjYwNDE4MDkwMDU2WjAzMTEwLwYDVQQD
EygwZTRjMTM0NjE0Mjc2ZmYwYzYyYjE1MDJhZmJkMGU4M2U1MmRiNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNZfe6N6WgII9ZMybRBZM8E8K+Pt
Br1fOaHhp2uHqUAOJqtTrFdBK1/TIcuEia1L3RB+kjOUM/oQ6lEGnLMVGO8ndGO/
w+INaWd2027MSpSQrSEO0rOvSILClzbhaoLt50XmlCImQxHzeWFv70TcBMnUgDkZ
n8p/zJR8f83ZTpENNwSZ7xNcpAjvEhl8VrJUBq4yQr1wkJvR8aWOL8CE4Q7GZg85
8kGtZGjNyMjX+eosgzrGdbbI1bbXtUDx4uXUvL3Ve7ZJAO34b3dAZwW0QO2N0K60
IUWqWcXFbrjHfUX3EUV569xLZsUWptMMHL6gUGCGrHYrAwZeKw0mUoWe7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5ME0YUJ2/wxisVAq+9DoPlLba9MB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhpJisIOm
6AZuaOS9JUU0LWfrnPfrNnrFLDN5yzK2R3D5P0KxquJqnlcHRqNyIJ3UxqBw5F1O
7m+gKtxMBGTKq1DSZV6d40qeppEXUaNa8XjcWCa4yZ7KeCkXbPKAMNiTfiVCYy9X
RqLhgIvgcdWqzLr7NeyZ/++bsZ/qdiem5Dgny+XfCWm+mU3L5nuZtFg6mRVQAHmH
uWdNjRKKsSfXnpPA6dRNZp2EfRxP+8Mkit2TJcr4B6TcyKXEQpzp3x7tiTCjnHh1
An5zyPS0Dg/dj31k3cc2UcKg2+81++GIxZ6qkFxoDPNs1wCBGyLe+1Vs74sdGAAd
XH1bO9BVRTwYwg==
-----END CERTIFICATE-----