Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          QBcbGL+ULvKydNoWJ963/ju9+Cz+DtVWHunVZu2Dr9U=
Subject key identifier:   5B:FF:59:15:4E:6A:82:72:1B:EF:14:CD:B3:FD:63:EB:49:7F:91:1A
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019D2704DC5F45DF2E08791ABD2E2FC15E31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0912
Signing time:             Wed 25 Mar 2026 22:02:03 +0000
Manifest this update:     Wed 25 Mar 2026 22:02:03 +0000
Manifest next update:     Thu 26 Mar 2026 22:02:03 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: So53OCL1YnnIT9ksOz41XZnFnQWXRgT8jubCZ7KrB9M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:02:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:dc:5f:45:df:2e:08:79:1a:bd:2e:2f:c1:5e:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Mar 25 22:02:03 2026 GMT
            Not After : Mar 26 22:02:03 2026 GMT
        Subject: CN=5bff59154e6a82721bef14cdb3fd63eb497f911a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ed:0b:f2:ca:63:88:ac:56:e6:6a:97:78:2f:
                    a6:5e:48:6d:49:e3:6b:89:8e:58:8a:e2:9e:52:4b:
                    36:8a:96:6f:5a:c8:98:f1:0b:28:49:c9:7d:35:be:
                    ee:7d:42:0e:d5:77:e0:9e:cd:08:7d:78:43:28:c1:
                    81:7d:45:65:14:28:0f:33:1d:0f:ac:7c:8f:71:54:
                    66:0c:67:e2:be:95:04:c5:a5:97:b7:57:fa:c4:4b:
                    be:7e:d0:63:d6:db:0b:95:e5:ef:c3:fd:b0:44:c0:
                    35:5c:7e:aa:66:44:a8:30:84:d8:e3:37:7c:a4:8f:
                    f1:93:03:67:5a:ec:ed:d7:5f:48:f1:8c:42:9d:be:
                    cd:22:62:5c:44:a2:52:f2:1f:69:36:a7:96:ea:95:
                    5b:85:5c:8c:d7:17:06:5b:e6:da:d7:44:bc:bf:18:
                    c4:0e:06:a3:73:90:ac:fa:f1:fe:3d:82:23:de:93:
                    6f:b0:2b:67:78:01:6d:4b:4e:08:64:00:90:b7:a4:
                    e2:67:97:35:fe:64:12:6b:79:5c:3e:33:40:d1:2f:
                    61:b6:bf:eb:4d:76:ee:02:7f:e7:22:ba:3f:a3:fa:
                    78:b2:ed:ab:7e:e2:f5:1e:1d:00:a0:4c:6f:a7:5a:
                    43:6e:c2:8d:e0:9a:7a:17:07:fb:48:74:c6:a0:d3:
                    14:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:FF:59:15:4E:6A:82:72:1B:EF:14:CD:B3:FD:63:EB:49:7F:91:1A
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:48:b5:1d:e6:85:e1:c7:59:a1:b0:4d:fc:de:51:92:b2:97:
         6b:68:78:57:84:6d:28:db:ea:36:d9:d3:07:20:ef:9d:09:5b:
         d8:b5:b6:9a:87:f7:03:a2:d9:42:bb:cd:a4:0a:9e:b1:ee:60:
         c2:e9:b5:5d:d5:3d:2c:b6:6c:81:cc:57:d0:f5:4d:16:5c:b7:
         84:94:6b:2e:dd:cf:26:39:33:3c:7d:2c:20:4c:3b:44:71:5c:
         80:d5:37:6c:65:a1:4f:bb:2f:0e:fd:c4:8a:1e:76:e1:da:56:
         40:58:d2:7d:5b:90:35:0d:19:46:a5:8a:1e:7a:23:c6:38:cc:
         a2:d2:33:dc:ee:a3:80:f5:50:f7:47:b4:70:5f:26:da:14:7e:
         2b:2c:db:54:b4:34:ed:85:5d:f8:22:e0:d1:a3:92:f6:2f:55:
         7d:65:58:ad:e5:07:b6:ae:6a:b3:17:7e:63:4e:6d:4e:21:15:
         9b:d1:4e:68:c7:8e:8e:a5:98:fd:5d:85:28:d4:a6:4b:50:ab:
         3b:e3:23:79:0b:47:3e:af:53:64:29:64:1a:15:e0:12:67:02:
         4e:e2:0d:e3:83:25:05:9e:46:4a:18:11:69:6e:46:97:61:e0:
         3f:05:a0:67:e4:8c:b4:59:81:89:0e:5a:a2:5e:d7:7e:b3:38:
         ce:38:cc:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBNxfRd8uCHkavS4vwV4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwMzI1MjIwMjAzWhcNMjYwMzI2MjIwMjAzWjAzMTEwLwYDVQQD
Eyg1YmZmNTkxNTRlNmE4MjcyMWJlZjE0Y2RiM2ZkNjNlYjQ5N2Y5MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu0L8spjiKxW5mqXeC+mXkhtSeNr
iY5YiuKeUks2ipZvWsiY8QsoScl9Nb7ufUIO1Xfgns0IfXhDKMGBfUVlFCgPMx0P
rHyPcVRmDGfivpUExaWXt1f6xEu+ftBj1tsLleXvw/2wRMA1XH6qZkSoMITY4zd8
pI/xkwNnWuzt119I8YxCnb7NImJcRKJS8h9pNqeW6pVbhVyM1xcGW+ba10S8vxjE
Dgajc5Cs+vH+PYIj3pNvsCtneAFtS04IZACQt6TiZ5c1/mQSa3lcPjNA0S9htr/r
TXbuAn/nIro/o/p4su2rfuL1Hh0AoExvp1pDbsKN4Jp6Fwf7SHTGoNMUMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFv/WRVOaoJyG+8UzbP9Y+tJf5EaMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKEi1HeaF
4cdZobBN/N5RkrKXa2h4V4RtKNvqNtnTByDvnQlb2LW2mof3A6LZQrvNpAqese5g
wum1XdU9LLZsgcxX0PVNFly3hJRrLt3PJjkzPH0sIEw7RHFcgNU3bGWhT7svDv3E
ih524dpWQFjSfVuQNQ0ZRqWKHnojxjjMotIz3O6jgPVQ90e0cF8m2hR+KyzbVLQ0
7YVd+CLg0aOS9i9VfWVYreUHtq5qsxd+Y05tTiEVm9FOaMeOjqWY/V2FKNSmS1Cr
O+MjeQtHPq9TZClkGhXgEmcCTuIN44MlBZ5GShgRaW5Gl2HgPwWgZ+SMtFmBiQ5a
ol7XfrM4zjjMNw==
-----END CERTIFICATE-----