Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
File:                     DAHrsNsEzE1pGCs47A30sIkiJ40.mft (raw, json)
Hash identifier:          NTV/9+VEsp9wArEGmh5w8upf+6o7KdCgzpouPMAwvO0=
Subject key identifier:   66:D3:E8:56:3F:E6:31:E1:AA:1A:B1:EC:14:B0:D4:31:BB:0F:7B:52
Authority key identifier: 0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D
Certificate issuer:       /CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
Certificate serial:       019D27046D708081FF95803425C81DF9B3F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
Manifest number:          1881
Signing time:             Wed 25 Mar 2026 22:01:34 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:34 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:34 +0000
Files and hashes:         1: DAHrsNsEzE1pGCs47A30sIkiJ40.crl (hash: KZ4p6cc2pqpFqrTQ3RL/ij91UD0D64BWdlZTMlU8mMo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:6d:70:80:81:ff:95:80:34:25:c8:1d:f9:b3:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
        Validity
            Not Before: Mar 25 22:01:34 2026 GMT
            Not After : Mar 26 22:01:34 2026 GMT
        Subject: CN=66d3e8563fe631e1aa1ab1ec14b0d431bb0f7b52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:bc:61:d5:08:79:6f:9c:40:d0:bd:c1:7f:83:
                    d4:8e:62:da:6e:84:f3:c8:67:7c:8c:ee:41:6d:9c:
                    b1:52:6b:9f:8b:16:02:3a:6d:f9:99:f6:57:29:e6:
                    81:1b:4a:70:5e:c1:51:c1:39:a0:3c:de:f6:85:de:
                    a9:1c:d6:85:2e:8b:f3:05:38:a9:14:4f:e2:e4:87:
                    e6:1b:af:3e:a5:e1:38:0a:78:ec:9f:b5:d4:b4:5d:
                    c0:d0:db:4c:a0:ad:07:fd:85:d9:e9:76:17:eb:2c:
                    d0:6d:2c:cf:49:93:60:d9:14:8d:5d:3e:77:0d:18:
                    a6:2e:ad:f3:c5:b0:4b:c1:de:da:54:3b:7d:3d:81:
                    ca:66:73:11:c9:da:66:61:f5:33:d2:45:66:53:02:
                    da:87:9e:9a:10:10:82:13:e6:75:55:ff:ea:16:97:
                    9d:5d:62:44:d7:45:68:33:94:b1:48:3f:80:37:12:
                    8a:2f:cb:10:56:ba:c9:12:db:68:82:75:c9:65:a8:
                    8c:33:ba:4c:f4:4d:db:62:30:3c:51:bd:04:ac:5e:
                    1b:0a:3b:82:6a:36:30:e2:40:f8:db:0c:41:0e:39:
                    c8:b0:89:0c:00:03:46:09:83:55:74:10:8f:82:74:
                    26:5d:98:48:a4:c2:94:c4:97:64:43:a7:21:a2:82:
                    ed:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D3:E8:56:3F:E6:31:E1:AA:1A:B1:EC:14:B0:D4:31:BB:0F:7B:52
            X509v3 Authority Key Identifier:
                keyid:0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:d2:52:a7:c3:f3:1a:b9:b6:b4:8f:74:e1:b1:4a:3d:60:0b:
         a6:e2:cb:42:3f:85:2c:b4:56:08:f7:d1:50:0d:9b:f3:57:b5:
         4a:b0:2b:95:86:a2:a0:41:51:d1:b9:6d:69:a1:28:56:8e:25:
         3e:7e:79:b0:a8:9e:d1:dd:27:b3:d2:3a:bd:23:5a:6e:1f:f6:
         46:1e:06:77:66:50:f8:02:da:77:d4:cf:c8:07:44:78:e3:85:
         26:36:c0:1d:b9:7a:80:02:e7:29:2b:f0:f3:24:3b:a1:53:da:
         20:16:0e:b0:a5:15:81:7d:2a:be:8d:98:3c:e9:12:ab:b4:50:
         f7:e6:71:db:3d:b7:9b:1f:30:ea:5d:10:01:d5:f2:77:f8:be:
         a0:24:76:81:a9:47:39:03:4b:4b:93:38:16:21:0e:0d:ca:2c:
         a0:e0:bb:dd:e4:8a:99:ee:9e:12:36:3c:90:9e:65:bd:0a:39:
         0a:ad:e1:8d:69:f7:28:03:9c:d4:28:54:e5:e2:25:7c:70:81:
         a3:3b:f3:84:36:81:b4:bd:fe:e3:e3:f3:a1:bb:40:5b:78:eb:
         ae:af:96:19:9c:e3:42:26:1b:66:e2:da:0d:7f:09:a1:da:44:
         f7:de:26:bd:86:df:34:53:98:59:bc:bb:21:f0:d7:82:49:db:
         52:0e:7b:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBG1wgIH/lYA0Jcgd+bP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDFlYmIwZGIwNGNjNGQ2OTE4MmIzOGVjMGRmNGIwODky
MjI3OGQwHhcNMjYwMzI1MjIwMTM0WhcNMjYwMzI2MjIwMTM0WjAzMTEwLwYDVQQD
Eyg2NmQzZTg1NjNmZTYzMWUxYWExYWIxZWMxNGIwZDQzMWJiMGY3YjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLxh1Qh5b5xA0L3Bf4PUjmLaboTz
yGd8jO5BbZyxUmufixYCOm35mfZXKeaBG0pwXsFRwTmgPN72hd6pHNaFLovzBTip
FE/i5IfmG68+peE4Cnjsn7XUtF3A0NtMoK0H/YXZ6XYX6yzQbSzPSZNg2RSNXT53
DRimLq3zxbBLwd7aVDt9PYHKZnMRydpmYfUz0kVmUwLah56aEBCCE+Z1Vf/qFped
XWJE10VoM5SxSD+ANxKKL8sQVrrJEttognXJZaiMM7pM9E3bYjA8Ub0ErF4bCjuC
ajYw4kD42wxBDjnIsIkMAANGCYNVdBCPgnQmXZhIpMKUxJdkQ6chooLt2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbT6FY/5jHhqhqx7BSw1DG7D3tSMB8GA1UdIwQY
MBaAFAwB67DbBMxNaRgrOOwN9LCJIieNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2Yt
YTEwMzg3NGU3YzRmLzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2YtYTEwMzg3NGU3YzRm
LzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAadJSp8Pz
Grm2tI904bFKPWALpuLLQj+FLLRWCPfRUA2b81e1SrArlYaioEFR0bltaaEoVo4l
Pn55sKie0d0ns9I6vSNabh/2Rh4Gd2ZQ+ALad9TPyAdEeOOFJjbAHbl6gALnKSvw
8yQ7oVPaIBYOsKUVgX0qvo2YPOkSq7RQ9+Zx2z23mx8w6l0QAdXyd/i+oCR2galH
OQNLS5M4FiEODcosoOC73eSKme6eEjY8kJ5lvQo5Cq3hjWn3KAOc1ChU5eIlfHCB
ozvzhDaBtL3+4+PzobtAW3jrrq+WGZzjQiYbZuLaDX8JodpE994mvYbfNFOYWby7
IfDXgknbUg57og==
-----END CERTIFICATE-----