Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          /9LQB5MDzzuOH3+fx9x86t1XT3e4WpYn4CUj0nrPqN4=
Subject key identifier:   A4:47:69:0F:F7:AE:49:D2:6A:79:AB:9C:F3:6E:94:36:7A:6D:F0:D4
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       019D2703CED37F460C4EEFCC5547159C2F31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          0919
Signing time:             Wed 25 Mar 2026 22:00:54 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:54 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:54 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: 7PJzyPCBRr9DH5F70GXMnzVZyPBDsgDXM1pN7mn6Uws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ce:d3:7f:46:0c:4e:ef:cc:55:47:15:9c:2f:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: Mar 25 22:00:54 2026 GMT
            Not After : Mar 26 22:00:54 2026 GMT
        Subject: CN=a447690ff7ae49d26a79ab9cf36e94367a6df0d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:56:52:fa:64:ff:bb:68:df:7b:d7:29:05:f2:
                    c2:59:44:26:cc:b4:ac:10:8f:04:32:39:89:5f:ec:
                    75:b5:78:63:23:17:2f:e3:28:4f:ad:4d:80:fd:f8:
                    14:76:f0:2b:54:9b:96:9b:93:52:51:6d:44:4c:73:
                    47:1c:3e:ca:59:b0:58:1a:72:38:cb:b8:ff:6b:e0:
                    b6:ab:a9:6c:1f:9d:d2:29:41:0b:ef:b3:b7:4d:33:
                    2f:fb:5b:d4:f0:29:f9:33:58:f7:cd:02:6b:78:c0:
                    f8:fb:03:75:f6:d0:e2:3f:bf:cf:dd:90:46:e9:20:
                    00:44:39:00:90:d0:dd:1d:71:35:67:38:34:76:69:
                    e7:74:fe:99:29:7d:c6:bc:0c:f5:24:79:a7:98:dd:
                    45:a0:c5:88:d0:80:f2:8d:ec:81:85:a3:e3:9b:ec:
                    4c:6d:51:f9:19:6c:e7:74:45:95:09:62:88:1f:29:
                    df:95:75:75:b6:58:32:1c:18:af:09:82:95:da:f2:
                    ce:18:c0:67:05:8b:10:d8:d2:9f:26:af:a4:8b:9d:
                    19:b7:2b:88:e3:e9:a3:61:c1:9c:30:aa:8a:41:3d:
                    16:0a:f5:21:e3:1f:76:7e:f4:18:24:ad:0d:f6:74:
                    28:a9:8a:9d:6d:61:dd:e2:73:4f:ac:9d:bf:af:bf:
                    b9:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:47:69:0F:F7:AE:49:D2:6A:79:AB:9C:F3:6E:94:36:7A:6D:F0:D4
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:ac:39:11:33:43:5f:f8:08:e2:76:2a:13:93:0a:97:a8:d3:
         ef:ca:16:0d:7f:c4:e1:f9:96:13:b7:0d:d9:25:d8:23:34:5f:
         b0:c9:15:ea:7c:4b:55:55:d7:cf:6f:45:c7:a4:2f:b3:84:2a:
         9a:f5:29:45:68:1c:7a:21:b1:38:18:8a:89:28:36:cf:ce:33:
         74:3a:21:18:d2:13:bc:70:cc:93:77:bb:b5:50:5f:84:e8:71:
         09:00:8b:46:2d:a9:3b:7f:62:1b:26:ae:17:dc:81:56:5e:97:
         82:79:50:83:84:33:25:cd:58:65:4e:88:fe:4f:e1:76:e0:c1:
         f2:10:e7:16:2c:d3:a9:69:10:4c:26:2a:35:8f:e3:d9:d6:3e:
         03:e6:04:18:3f:db:74:fc:f5:82:99:c3:39:17:9f:34:d7:e0:
         e2:fe:d3:0f:e7:6b:5b:92:49:1c:62:26:19:ed:34:30:c2:55:
         17:be:be:d8:1f:b8:4d:08:d8:c3:de:fa:a3:21:4d:e2:70:d8:
         fb:0e:8a:70:c0:de:d1:5f:09:15:68:77:62:9e:91:e3:8d:e8:
         31:cb:23:38:27:60:a3:b7:02:93:45:4e:51:e0:d6:66:09:f5:
         2a:64:73:2f:ae:c6:c5:11:c2:14:5c:12:39:4e:a1:bd:9c:0d:
         a0:53:54:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA87Tf0YMTu/MVUcVnC8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjYwMzI1MjIwMDU0WhcNMjYwMzI2MjIwMDU0WjAzMTEwLwYDVQQD
EyhhNDQ3NjkwZmY3YWU0OWQyNmE3OWFiOWNmMzZlOTQzNjdhNmRmMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlZS+mT/u2jfe9cpBfLCWUQmzLSs
EI8EMjmJX+x1tXhjIxcv4yhPrU2A/fgUdvArVJuWm5NSUW1ETHNHHD7KWbBYGnI4
y7j/a+C2q6lsH53SKUEL77O3TTMv+1vU8Cn5M1j3zQJreMD4+wN19tDiP7/P3ZBG
6SAARDkAkNDdHXE1Zzg0dmnndP6ZKX3GvAz1JHmnmN1FoMWI0IDyjeyBhaPjm+xM
bVH5GWzndEWVCWKIHynflXV1tlgyHBivCYKV2vLOGMBnBYsQ2NKfJq+ki50ZtyuI
4+mjYcGcMKqKQT0WCvUh4x92fvQYJK0N9nQoqYqdbWHd4nNPrJ2/r7+5iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRHaQ/3rknSanmrnPNulDZ6bfDUMB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqw5ETND
X/gI4nYqE5MKl6jT78oWDX/E4fmWE7cN2SXYIzRfsMkV6nxLVVXXz29Fx6Qvs4Qq
mvUpRWgceiGxOBiKiSg2z84zdDohGNITvHDMk3e7tVBfhOhxCQCLRi2pO39iGyau
F9yBVl6XgnlQg4QzJc1YZU6I/k/hduDB8hDnFizTqWkQTCYqNY/j2dY+A+YEGD/b
dPz1gpnDORefNNfg4v7TD+drW5JJHGImGe00MMJVF76+2B+4TQjYw976oyFN4nDY
+w6KcMDe0V8JFWh3Yp6R443oMcsjOCdgo7cCk0VOUeDWZgn1KmRzL67GxRHCFFwS
OU6hvZwNoFNUBg==
-----END CERTIFICATE-----