Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
File:                     UJFp9pOVg8wdvmUtulwMglBAoBI.mft (raw, json)
Hash identifier:          m1QMPaR84mOSvMEsPrx7mY3/O/3cfD+VtgWE4Ydbh34=
Subject key identifier:   3B:7D:04:3A:68:71:18:D1:A6:7E:70:B6:79:D2:2B:73:A9:68:6D:76
Authority key identifier: 50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12
Certificate issuer:       /CN=509169f6939583cc1dbe652dba5c0c825040a012
Certificate serial:       019CAB348E1E37206E4786688C6A4D0B3704
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
Manifest number:          04EA
Signing time:             Sun 01 Mar 2026 21:01:13 +0000
Manifest this update:     Sun 01 Mar 2026 21:01:13 +0000
Manifest next update:     Mon 02 Mar 2026 21:01:13 +0000
Files and hashes:         1: UJFp9pOVg8wdvmUtulwMglBAoBI.crl (hash: 3D9sv+MKW9/WIzEd4CfjdEvdvWv1PHdua3q8W3d+Yec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 21:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:8e:1e:37:20:6e:47:86:68:8c:6a:4d:0b:37:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=509169f6939583cc1dbe652dba5c0c825040a012
        Validity
            Not Before: Mar  1 21:01:13 2026 GMT
            Not After : Mar  2 21:01:13 2026 GMT
        Subject: CN=3b7d043a687118d1a67e70b679d22b73a9686d76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a7:e4:1c:8c:a3:b1:5a:c7:2b:1d:a5:a4:28:
                    68:54:0f:c5:48:e9:e7:d0:d9:4e:12:0b:41:dc:32:
                    64:50:e7:dc:a3:2a:7f:5b:e3:61:ec:cb:fe:6c:cc:
                    29:6b:d2:3c:aa:55:57:7c:cb:52:71:51:79:ca:64:
                    cf:f3:c9:a5:42:ea:5e:5d:a5:2b:c3:51:5e:20:39:
                    b7:0f:90:1b:9d:8c:ab:11:62:86:75:6e:80:47:10:
                    2e:80:59:4b:8e:b7:42:a0:eb:07:d4:12:85:c1:23:
                    55:db:98:c5:03:94:a1:65:8a:31:8d:20:04:db:e5:
                    f8:6f:bd:bf:80:07:51:b0:90:f9:c0:a5:88:b8:63:
                    db:1a:9b:8e:e8:49:28:e2:f6:a8:70:c6:73:61:d3:
                    03:00:8f:4f:35:53:3c:b5:0a:4d:5a:41:23:31:19:
                    5b:c7:92:4f:99:65:0b:79:62:43:3c:bf:ee:12:17:
                    cc:55:79:51:f3:ac:94:6c:5b:b2:46:14:d4:11:a7:
                    66:57:5b:bc:9d:03:96:b2:cf:2f:c4:6c:8f:b0:df:
                    83:5e:15:2d:e1:4b:9d:fc:77:c9:c6:06:9d:84:ae:
                    20:ff:9b:52:79:9f:b6:9f:dd:91:a6:58:ce:be:cc:
                    bf:c5:60:b2:0a:3c:d0:95:0e:39:70:1f:1b:b5:06:
                    10:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:7D:04:3A:68:71:18:D1:A6:7E:70:B6:79:D2:2B:73:A9:68:6D:76
            X509v3 Authority Key Identifier:
                keyid:50:91:69:F6:93:95:83:CC:1D:BE:65:2D:BA:5C:0C:82:50:40:A0:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJFp9pOVg8wdvmUtulwMglBAoBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/aca6e7-20d8-4f2d-adad-754413b98db2/1/UJFp9pOVg8wdvmUtulwMglBAoBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:92:41:ff:a0:79:69:08:16:bf:a1:be:d4:f5:8f:44:9c:2f:
         c5:a9:3b:d8:cf:97:43:21:68:a8:a2:2e:6b:f0:20:14:77:ed:
         3c:fe:ea:c9:b1:01:d3:ea:61:6c:8c:97:50:23:41:3e:84:91:
         25:a1:3b:ea:2f:a9:44:60:de:90:64:d6:79:52:77:1b:38:eb:
         5b:68:f3:03:7d:67:48:5d:99:89:10:da:4d:09:af:e6:da:2c:
         8a:e2:06:c0:2d:85:40:d0:40:af:e1:02:85:58:df:b0:eb:9b:
         3d:ec:cc:a4:60:95:5f:bf:1f:0d:25:4c:0a:7f:7f:55:eb:bf:
         2a:f6:5e:53:a6:47:9a:6d:75:b8:58:44:a1:55:55:05:bc:c1:
         c6:45:73:88:5f:0c:1c:6c:d3:fa:a6:3d:3e:f8:cc:89:81:e7:
         cf:7f:41:2d:38:70:b1:b7:88:10:44:cb:b3:8b:e9:4c:8b:23:
         1e:1e:a4:91:28:b0:ce:19:2d:33:e7:67:16:a5:76:9e:25:98:
         ad:81:8e:58:e6:91:a2:ae:4f:64:3e:c4:02:f5:d5:9b:6d:90:
         3e:e8:08:66:40:07:51:a0:f2:64:1b:d0:7a:00:3b:ee:54:67:
         93:86:f2:e5:22:a1:29:9f:6b:53:1d:81:89:0f:da:50:1f:bf:
         ec:1d:b3:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNI4eNyBuR4ZojGpNCzcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTE2OWY2OTM5NTgzY2MxZGJlNjUyZGJhNWMwYzgyNTA0
MGEwMTIwHhcNMjYwMzAxMjEwMTEzWhcNMjYwMzAyMjEwMTEzWjAzMTEwLwYDVQQD
EygzYjdkMDQzYTY4NzExOGQxYTY3ZTcwYjY3OWQyMmI3M2E5Njg2ZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6fkHIyjsVrHKx2lpChoVA/FSOnn
0NlOEgtB3DJkUOfcoyp/W+Nh7Mv+bMwpa9I8qlVXfMtScVF5ymTP88mlQupeXaUr
w1FeIDm3D5AbnYyrEWKGdW6ARxAugFlLjrdCoOsH1BKFwSNV25jFA5ShZYoxjSAE
2+X4b72/gAdRsJD5wKWIuGPbGpuO6Eko4vaocMZzYdMDAI9PNVM8tQpNWkEjMRlb
x5JPmWULeWJDPL/uEhfMVXlR86yUbFuyRhTUEadmV1u8nQOWss8vxGyPsN+DXhUt
4Uud/HfJxgadhK4g/5tSeZ+2n92RpljOvsy/xWCyCjzQlQ45cB8btQYQtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDt9BDpocRjRpn5wtnnSK3OpaG12MB8GA1UdIwQY
MBaAFFCRafaTlYPMHb5lLbpcDIJQQKASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQt
NzU0NDEzYjk4ZGIyLzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hY2E2ZTctMjBkOC00ZjJkLWFkYWQtNzU0NDEzYjk4ZGIy
LzEvVUpGcDlwT1ZnOHdkdm1VdHVsd01nbEJBb0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeJJB/6B5
aQgWv6G+1PWPRJwvxak72M+XQyFoqKIua/AgFHftPP7qybEB0+phbIyXUCNBPoSR
JaE76i+pRGDekGTWeVJ3GzjrW2jzA31nSF2ZiRDaTQmv5tosiuIGwC2FQNBAr+EC
hVjfsOubPezMpGCVX78fDSVMCn9/Veu/KvZeU6ZHmm11uFhEoVVVBbzBxkVziF8M
HGzT+qY9PvjMiYHnz39BLThwsbeIEETLs4vpTIsjHh6kkSiwzhktM+dnFqV2niWY
rYGOWOaRoq5PZD7EAvXVm22QPugIZkAHUaDyZBvQegA77lRnk4by5SKhKZ9rUx2B
iQ/aUB+/7B2zzA==
-----END CERTIFICATE-----