Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          uwhJlS6XIg6k0Akhpqfs7rQxY3MxFv6QpMpySWDKQp4=
Subject key identifier:   A3:3B:70:83:B2:D9:42:A9:98:80:5F:1A:8D:F1:23:0A:3F:56:C7:0C
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       019D2772BC8432EF334F0EB1934BB8D511C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          16A7
Signing time:             Thu 26 Mar 2026 00:02:03 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:03 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:03 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: ki3hyMKO+2euVkRzz8x7UiODlgK1DTASeF9v7sZPirk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:bc:84:32:ef:33:4f:0e:b1:93:4b:b8:d5:11:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Mar 26 00:02:03 2026 GMT
            Not After : Mar 27 00:02:03 2026 GMT
        Subject: CN=a33b7083b2d942a998805f1a8df1230a3f56c70c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:75:dc:45:1c:a0:c7:af:31:72:1a:60:82:c5:
                    b4:46:c7:cb:13:5e:05:82:52:bd:d9:12:55:ab:ae:
                    36:68:b1:ef:2a:14:72:f7:45:5c:75:30:b7:36:71:
                    d9:c6:8c:d6:10:bc:1f:15:cb:ba:84:e7:82:c8:31:
                    ab:a2:51:8c:09:84:58:4a:3f:1a:f0:d1:b5:2a:bf:
                    69:66:68:74:f0:a8:2f:e2:ef:63:7d:b6:fd:d1:41:
                    fd:3f:6c:5f:09:6a:c5:f0:e7:f4:11:94:bc:95:5a:
                    4f:0c:a5:60:a2:a8:17:d5:26:7f:93:55:b5:1e:7e:
                    c4:e2:64:8c:df:8b:70:fc:98:d2:d1:b5:ab:77:08:
                    5b:26:20:14:3b:43:27:58:c6:94:ea:71:34:5a:da:
                    0b:bf:dc:33:2d:35:3c:15:46:84:f1:fe:9e:fd:b6:
                    e9:60:2e:11:38:74:ef:6f:e4:9a:18:60:35:5c:6d:
                    05:01:2f:47:c2:c9:95:3f:ea:e1:cf:c7:80:6e:bf:
                    fd:e9:33:ed:58:e1:a7:a9:8a:d7:3d:df:90:54:48:
                    73:8c:9d:4e:f6:9b:c9:e4:f0:d5:f1:ea:93:f8:05:
                    c1:df:6f:7c:dc:78:86:16:71:56:ce:21:0f:12:88:
                    25:69:03:95:6a:11:cd:1c:a0:a3:cd:69:d0:aa:37:
                    54:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:3B:70:83:B2:D9:42:A9:98:80:5F:1A:8D:F1:23:0A:3F:56:C7:0C
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:2d:f6:4e:4e:f7:e4:6c:82:c6:82:7a:2b:34:48:7d:d4:81:
         69:28:5f:e1:e8:80:c0:f2:72:f3:5b:70:24:c9:6c:d4:0a:0f:
         4b:26:19:52:d2:33:9b:07:98:6b:91:af:e7:85:22:7e:c4:f3:
         a1:94:4e:a7:86:34:93:89:4c:5d:d7:9b:c9:b9:6e:b0:87:22:
         1c:5e:b7:23:99:a0:a3:d8:b8:bb:e0:60:4a:18:12:32:11:35:
         80:8e:bb:a7:8c:ff:b5:d2:3d:bb:58:96:b8:24:ed:5b:71:ff:
         45:ad:ca:20:e2:07:19:93:da:7e:ef:1b:7f:4f:75:24:54:07:
         0e:08:fe:b5:7f:37:30:c1:8b:e0:71:f4:ea:ac:29:79:78:98:
         c1:5f:78:6f:38:9a:2a:c2:44:24:ed:26:68:9f:e6:82:e9:7e:
         69:49:f5:32:6e:48:75:86:9c:6c:3b:bd:68:ee:3c:df:fb:02:
         8f:42:67:e3:49:2a:60:d4:c8:0f:c6:be:a6:fa:80:e8:ce:86:
         07:f0:46:0d:a5:14:f0:26:bc:dc:a5:72:09:aa:67:40:eb:d8:
         1d:28:30:72:da:34:e8:48:5f:89:dd:a8:52:6d:92:02:bd:42:
         8d:d5:f3:d7:5e:61:68:81:7d:c4:d5:3a:de:7a:e3:38:4f:e0:
         c3:11:0f:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncryEMu8zTw6xk0u41RHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjYwMzI2MDAwMjAzWhcNMjYwMzI3MDAwMjAzWjAzMTEwLwYDVQQD
EyhhMzNiNzA4M2IyZDk0MmE5OTg4MDVmMWE4ZGYxMjMwYTNmNTZjNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXXcRRygx68xchpggsW0RsfLE14F
glK92RJVq642aLHvKhRy90VcdTC3NnHZxozWELwfFcu6hOeCyDGrolGMCYRYSj8a
8NG1Kr9pZmh08Kgv4u9jfbb90UH9P2xfCWrF8Of0EZS8lVpPDKVgoqgX1SZ/k1W1
Hn7E4mSM34tw/JjS0bWrdwhbJiAUO0MnWMaU6nE0WtoLv9wzLTU8FUaE8f6e/bbp
YC4ROHTvb+SaGGA1XG0FAS9HwsmVP+rhz8eAbr/96TPtWOGnqYrXPd+QVEhzjJ1O
9pvJ5PDV8eqT+AXB32983HiGFnFWziEPEoglaQOVahHNHKCjzWnQqjdUJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKM7cIOy2UKpmIBfGo3xIwo/VscMMB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJi32Tk73
5GyCxoJ6KzRIfdSBaShf4eiAwPJy81twJMls1AoPSyYZUtIzmweYa5Gv54UifsTz
oZROp4Y0k4lMXdebyblusIciHF63I5mgo9i4u+BgShgSMhE1gI67p4z/tdI9u1iW
uCTtW3H/Ra3KIOIHGZPafu8bf091JFQHDgj+tX83MMGL4HH06qwpeXiYwV94bzia
KsJEJO0maJ/mgul+aUn1Mm5IdYacbDu9aO483/sCj0Jn40kqYNTID8a+pvqA6M6G
B/BGDaUU8Ca83KVyCapnQOvYHSgwcto06Ehfid2oUm2SAr1CjdXz115haIF9xNU6
3nrjOE/gwxEPCg==
-----END CERTIFICATE-----