Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          i5oltit3IQ/U+wsO5kCn/EmRTwM6/XaHwHPtM91kl4s=
Subject key identifier:   E5:74:20:26:9E:93:04:FF:8B:85:09:4C:1C:2E:4B:98:E1:C0:87:C2
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       019E1D90D8888B4C200269C93AD5C95D9286
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          12CB
Signing time:             Tue 12 May 2026 19:01:32 +0000
Manifest this update:     Tue 12 May 2026 19:01:32 +0000
Manifest next update:     Wed 13 May 2026 19:01:32 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: r7LPdw6ER7xKBUdpK0cG1jz4sSaYRehylnYqdo8gS0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:90:d8:88:8b:4c:20:02:69:c9:3a:d5:c9:5d:92:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: May 12 19:01:32 2026 GMT
            Not After : May 13 19:01:32 2026 GMT
        Subject: CN=e57420269e9304ff8b85094c1c2e4b98e1c087c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e4:00:a4:aa:7a:86:97:92:7c:c5:0e:2c:10:
                    0f:2b:5f:27:e8:d4:96:27:01:f2:f5:3f:78:8c:7f:
                    7e:3f:78:91:bc:6f:4b:20:9f:0f:56:be:e9:09:56:
                    88:21:4c:5e:e1:7b:b0:df:fb:72:d3:34:46:33:82:
                    c3:8c:dc:7b:a0:d3:de:d6:64:fc:19:c9:eb:ba:e5:
                    b9:44:29:03:33:49:4d:6e:19:76:62:ad:68:42:d5:
                    c9:7c:c5:01:1f:6e:10:a0:41:cd:88:49:ad:ec:cf:
                    18:02:e3:2c:5b:18:ea:94:73:8b:c6:96:77:55:a5:
                    32:4c:f9:3e:50:2c:16:e4:39:12:68:3b:ab:f9:cf:
                    f9:e2:05:35:90:14:e2:8e:fb:da:f3:af:5f:10:16:
                    d4:af:b9:75:64:14:12:0f:77:60:44:b9:55:32:83:
                    48:ff:74:51:d3:9a:d1:10:59:0a:33:f0:3d:fd:d8:
                    75:e3:d5:53:5f:5c:ec:3b:cb:74:d2:8e:f3:dd:c9:
                    3e:7e:eb:64:35:64:38:14:4d:0b:8a:2c:19:57:10:
                    2c:ba:45:f8:89:4b:10:c4:2d:b9:ba:69:fd:b2:89:
                    80:15:f9:46:3a:81:f2:e2:91:91:cc:13:1c:03:c9:
                    d7:c1:f8:d2:f8:b2:0d:1c:f2:75:28:f7:28:00:c1:
                    a4:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:74:20:26:9E:93:04:FF:8B:85:09:4C:1C:2E:4B:98:E1:C0:87:C2
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:0a:85:0a:79:07:c3:59:f2:9d:e6:bc:8c:57:5e:f4:98:2c:
         49:39:cd:69:86:b6:18:8b:9d:19:b6:45:cb:fd:4c:93:87:98:
         65:a0:97:e6:6f:31:9b:52:00:ca:e0:6b:6f:19:46:e1:52:15:
         32:42:8b:64:4d:4c:4a:0b:7f:88:b1:69:fd:70:b3:95:87:64:
         59:fb:88:7f:72:37:6c:1a:7d:60:b5:60:00:73:e0:41:fe:23:
         9f:41:ee:ce:c5:6d:14:f7:0c:0c:77:8d:ac:cb:b9:f5:8a:63:
         64:51:18:92:3f:6d:01:28:16:45:40:65:31:71:60:18:d8:f8:
         1c:40:ec:5d:6b:c6:d6:2c:18:dc:73:72:ce:ee:8a:4e:3a:66:
         e7:4e:f0:a7:76:05:70:ce:36:02:2c:45:26:d9:9a:8b:92:9d:
         bb:ed:cf:d1:b6:df:0d:d2:5f:3a:01:ef:cd:fc:a7:70:bd:ae:
         0f:77:b8:71:11:19:b2:c3:54:06:f9:c8:52:13:9d:b3:3e:9c:
         31:18:00:9a:9d:a8:44:93:db:f2:fa:99:08:ff:24:26:1b:0a:
         b7:e2:2e:5c:4c:66:a5:c9:6e:4b:3b:a9:74:d5:61:99:bb:7f:
         0a:de:f8:2c:ff:a7:9d:7c:aa:6d:dc:e0:3c:76:7f:d4:93:30:
         f0:52:53:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4dkNiIi0wgAmnJOtXJXZKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjYwNTEyMTkwMTMyWhcNMjYwNTEzMTkwMTMyWjAzMTEwLwYDVQQD
EyhlNTc0MjAyNjllOTMwNGZmOGI4NTA5NGMxYzJlNGI5OGUxYzA4N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuQApKp6hpeSfMUOLBAPK18n6NSW
JwHy9T94jH9+P3iRvG9LIJ8PVr7pCVaIIUxe4Xuw3/ty0zRGM4LDjNx7oNPe1mT8
GcnruuW5RCkDM0lNbhl2Yq1oQtXJfMUBH24QoEHNiEmt7M8YAuMsWxjqlHOLxpZ3
VaUyTPk+UCwW5DkSaDur+c/54gU1kBTijvva869fEBbUr7l1ZBQSD3dgRLlVMoNI
/3RR05rREFkKM/A9/dh149VTX1zsO8t00o7z3ck+futkNWQ4FE0LiiwZVxAsukX4
iUsQxC25umn9somAFflGOoHy4pGRzBMcA8nXwfjS+LINHPJ1KPcoAMGkBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOV0ICaekwT/i4UJTBwuS5jhwIfCMB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqgqFCnkH
w1nynea8jFde9JgsSTnNaYa2GIudGbZFy/1Mk4eYZaCX5m8xm1IAyuBrbxlG4VIV
MkKLZE1MSgt/iLFp/XCzlYdkWfuIf3I3bBp9YLVgAHPgQf4jn0HuzsVtFPcMDHeN
rMu59YpjZFEYkj9tASgWRUBlMXFgGNj4HEDsXWvG1iwY3HNyzu6KTjpm507wp3YF
cM42AixFJtmai5Kdu+3P0bbfDdJfOgHvzfyncL2uD3e4cREZssNUBvnIUhOdsz6c
MRgAmp2oRJPb8vqZCP8kJhsKt+IuXExmpcluSzupdNVhmbt/Ct74LP+nnXyqbdzg
PHZ/1JMw8FJTYA==
-----END CERTIFICATE-----