Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          l2LzDOX4T7mrCQ64U5AHqqVI5f5VQASOm9CWkpE2ar0=
Subject key identifier:   4D:59:2F:D9:27:9D:E5:7D:06:3C:A8:E3:85:E8:D0:A6:FC:65:01:5B
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       019D265F807A33EC259F8338E0AEB9336EF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          124B
Signing time:             Wed 25 Mar 2026 19:01:26 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:26 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:26 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: 8TiBkbBu347c8gkxOaGCiPM/jpmKUnD9P+HxDOZ+844=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:80:7a:33:ec:25:9f:83:38:e0:ae:b9:33:6e:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Mar 25 19:01:26 2026 GMT
            Not After : Mar 26 19:01:26 2026 GMT
        Subject: CN=4d592fd9279de57d063ca8e385e8d0a6fc65015b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:bd:be:5a:1c:de:d8:fc:f3:60:1e:4d:c7:fc:
                    77:47:f6:20:68:b9:50:21:43:89:e8:15:ea:a8:53:
                    8f:c0:3a:ae:a1:c3:71:59:a9:d4:bc:3c:dd:43:f2:
                    41:05:31:51:f0:15:11:85:c2:0f:9d:d7:ff:a1:ab:
                    b0:90:f2:35:6e:71:be:8a:45:8f:ca:0e:00:b6:0e:
                    d4:ea:34:f9:13:21:6a:07:dc:87:4d:cd:a1:13:6d:
                    d6:07:b2:96:f8:fb:f5:77:cd:7f:ec:31:1b:d9:91:
                    e5:ac:a1:49:d1:a0:2c:b5:e2:7b:8b:09:7a:af:cd:
                    b0:f6:73:1e:2c:42:4d:6b:54:a9:7f:17:18:3c:eb:
                    5c:08:35:55:6b:0e:9d:c6:17:57:52:3d:68:13:06:
                    48:70:1e:74:b9:70:17:fe:67:03:d5:09:2b:ee:14:
                    53:3f:af:ea:a4:f4:80:a8:7e:3c:4b:da:fb:ab:b5:
                    3a:10:44:fa:06:f8:bb:e7:e6:35:5b:34:41:41:d0:
                    4e:f5:df:11:b1:53:40:7b:ad:8d:3a:34:91:ce:43:
                    11:6b:19:2b:f6:b2:0d:f1:e0:d2:57:14:ad:fe:c1:
                    37:76:ce:b4:20:4f:48:8f:0c:1a:60:7a:a6:dd:ba:
                    b5:23:87:03:c2:aa:1a:bf:50:e5:2f:7a:6d:f8:66:
                    f6:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:59:2F:D9:27:9D:E5:7D:06:3C:A8:E3:85:E8:D0:A6:FC:65:01:5B
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:69:08:68:19:94:8f:02:69:13:d2:64:d3:b3:d2:db:a1:87:
         ae:79:76:6c:d2:06:4c:82:72:69:dd:fe:b9:7c:b4:73:71:66:
         5e:cb:a9:3e:58:50:d0:ce:a6:48:53:9e:b8:44:09:bf:56:59:
         7c:c0:94:fb:53:2d:b7:16:fd:c7:a1:0c:38:75:be:8e:5a:23:
         a0:3a:da:54:f5:54:44:24:e1:5b:b8:e8:38:18:0f:43:71:b6:
         38:2a:86:5b:47:51:4f:4a:5f:91:72:dc:6a:5a:45:01:b0:f6:
         89:53:32:4e:b3:2c:2a:0f:ee:bc:cf:2c:5c:b5:f2:87:de:af:
         65:a2:6e:72:69:47:9e:66:f6:7e:bc:00:2c:ee:d2:bb:3a:ec:
         15:4c:8c:54:be:c6:15:03:bf:ee:28:ee:29:e0:13:2e:e4:95:
         2b:f8:4d:3a:2a:78:89:5a:f9:d7:8c:09:be:88:1a:5a:bd:7b:
         ea:b5:00:15:11:c8:32:37:07:b1:47:5e:ae:45:82:43:a1:8a:
         c0:d8:84:24:2c:af:dc:27:a7:45:78:ee:44:10:bf:98:6e:4f:
         91:b0:74:f5:5d:6a:1c:e4:5d:b2:8a:09:7f:6a:21:4d:d1:4b:
         8c:cd:8f:54:12:70:7e:3c:79:36:41:f2:25:c2:8b:5a:84:81:
         73:8f:3f:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX4B6M+wln4M44K65M27xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjYwMzI1MTkwMTI2WhcNMjYwMzI2MTkwMTI2WjAzMTEwLwYDVQQD
Eyg0ZDU5MmZkOTI3OWRlNTdkMDYzY2E4ZTM4NWU4ZDBhNmZjNjUwMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL2+Whze2PzzYB5Nx/x3R/YgaLlQ
IUOJ6BXqqFOPwDquocNxWanUvDzdQ/JBBTFR8BURhcIPndf/oauwkPI1bnG+ikWP
yg4Atg7U6jT5EyFqB9yHTc2hE23WB7KW+Pv1d81/7DEb2ZHlrKFJ0aAsteJ7iwl6
r82w9nMeLEJNa1SpfxcYPOtcCDVVaw6dxhdXUj1oEwZIcB50uXAX/mcD1Qkr7hRT
P6/qpPSAqH48S9r7q7U6EET6Bvi75+Y1WzRBQdBO9d8RsVNAe62NOjSRzkMRaxkr
9rIN8eDSVxSt/sE3ds60IE9IjwwaYHqm3bq1I4cDwqoav1DlL3pt+Gb2BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1ZL9knneV9Bjyo44Xo0Kb8ZQFbMB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmkIaBmU
jwJpE9Jk07PS26GHrnl2bNIGTIJyad3+uXy0c3FmXsupPlhQ0M6mSFOeuEQJv1ZZ
fMCU+1Mttxb9x6EMOHW+jlojoDraVPVURCThW7joOBgPQ3G2OCqGW0dRT0pfkXLc
alpFAbD2iVMyTrMsKg/uvM8sXLXyh96vZaJucmlHnmb2frwALO7SuzrsFUyMVL7G
FQO/7ijuKeATLuSVK/hNOip4iVr514wJvogaWr176rUAFRHIMjcHsUderkWCQ6GK
wNiEJCyv3CenRXjuRBC/mG5PkbB09V1qHORdsooJf2ohTdFLjM2PVBJwfjx5NkHy
JcKLWoSBc48/bg==
-----END CERTIFICATE-----