Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          1Zb+QWebthsOW2E0Rsn6QV2k64+FuRTaFlFVwPnvK1s=
Subject key identifier:   4B:F9:A4:08:5E:70:D9:1B:6E:61:B5:4F:3C:FD:1C:20:59:CA:29:6E
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       019E1E353A6FF792AAF5AFBE63F6C9682487
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          0999
Signing time:             Tue 12 May 2026 22:01:05 +0000
Manifest this update:     Tue 12 May 2026 22:01:05 +0000
Manifest next update:     Wed 13 May 2026 22:01:05 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: qswJ3iBSREfcWPRjog848GOK4g+pqHHEzT9octlqWHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:35:3a:6f:f7:92:aa:f5:af:be:63:f6:c9:68:24:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: May 12 22:01:05 2026 GMT
            Not After : May 13 22:01:05 2026 GMT
        Subject: CN=4bf9a4085e70d91b6e61b54f3cfd1c2059ca296e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e2:a4:ec:fe:30:fd:b9:98:3a:4f:91:96:f9:
                    2f:03:15:45:32:8b:4f:0e:01:ec:33:bc:fd:43:e3:
                    b7:39:f4:be:75:67:ee:f3:0f:bb:6b:fc:64:22:58:
                    f8:e8:b6:7b:c3:3a:26:8b:b0:15:c5:a0:0a:ee:61:
                    dd:24:ab:dd:58:81:d6:70:07:d3:96:46:23:40:89:
                    af:00:2a:92:ed:9a:d2:01:6b:dc:90:3d:4c:d1:97:
                    37:42:53:66:1d:61:1a:50:aa:2f:55:c8:b5:0a:1f:
                    9c:e8:5d:41:e7:2f:80:4d:85:ae:0b:1f:27:7d:ba:
                    db:66:c7:64:81:09:14:57:c1:1a:0f:13:a6:59:0d:
                    9f:2b:ab:e5:60:6b:0d:7d:b1:0b:f1:d7:9b:32:05:
                    a3:e6:07:99:4e:98:fd:6d:5d:9b:0d:9a:51:de:03:
                    4a:c8:1f:1e:5a:47:2f:af:61:51:8a:e8:5d:ec:76:
                    ea:54:37:ee:c2:31:f0:41:95:30:f1:50:c9:46:31:
                    ee:76:e5:92:ec:57:76:d4:12:d6:51:9b:10:d5:6f:
                    4b:25:a8:e8:8b:48:1a:77:21:1e:11:cc:f4:ff:40:
                    51:15:47:90:c3:52:97:95:fc:63:ce:2d:ef:dc:68:
                    43:77:15:95:96:82:1f:05:91:04:a6:a5:20:aa:cd:
                    ea:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:F9:A4:08:5E:70:D9:1B:6E:61:B5:4F:3C:FD:1C:20:59:CA:29:6E
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:41:86:91:38:2d:ea:e1:fe:ed:47:22:18:02:f2:40:50:cd:
         83:29:c0:f5:33:6f:1c:30:84:07:d2:8e:45:9f:8d:10:24:5e:
         f7:2a:4a:fc:ba:ed:20:10:51:b1:b3:95:1c:39:f4:f4:8e:4d:
         c5:6d:a1:8e:2d:62:31:2a:1b:ad:21:3a:cf:00:1b:e2:2e:a4:
         1e:4d:5e:aa:24:e3:e6:53:e6:40:18:a8:2d:92:bb:d4:73:0d:
         e6:ef:25:28:5f:7d:66:64:05:43:10:66:66:39:07:58:f2:73:
         6f:d2:27:9c:fb:fb:a9:40:5c:ed:cb:f3:5d:46:a2:17:7c:76:
         ec:e2:d6:d2:39:e6:4b:a9:3a:43:e0:a7:06:07:40:e0:57:29:
         bd:f1:9d:79:4d:91:e1:37:22:cf:f3:b4:8e:8e:2f:52:46:47:
         ef:18:f2:1c:e5:a9:fc:0a:cd:4a:08:05:cd:36:e6:e8:4a:fe:
         35:59:36:12:04:eb:ee:67:7b:fe:a8:7e:ae:9a:aa:65:b1:f6:
         45:76:f2:96:d7:ce:24:4f:43:c4:b0:28:bf:ba:d7:df:3f:0e:
         61:c7:b7:83:d0:78:dd:d1:15:f9:70:04:1a:00:cb:dc:25:22:
         69:89:88:fb:bc:b2:50:c1:97:d2:6b:3b:a3:23:ea:a2:51:e5:
         b9:69:d0:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNTpv95Kq9a++Y/bJaCSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjYwNTEyMjIwMTA1WhcNMjYwNTEzMjIwMTA1WjAzMTEwLwYDVQQD
Eyg0YmY5YTQwODVlNzBkOTFiNmU2MWI1NGYzY2ZkMWMyMDU5Y2EyOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveKk7P4w/bmYOk+RlvkvAxVFMotP
DgHsM7z9Q+O3OfS+dWfu8w+7a/xkIlj46LZ7wzomi7AVxaAK7mHdJKvdWIHWcAfT
lkYjQImvACqS7ZrSAWvckD1M0Zc3QlNmHWEaUKovVci1Ch+c6F1B5y+ATYWuCx8n
fbrbZsdkgQkUV8EaDxOmWQ2fK6vlYGsNfbEL8debMgWj5geZTpj9bV2bDZpR3gNK
yB8eWkcvr2FRiuhd7HbqVDfuwjHwQZUw8VDJRjHuduWS7Fd21BLWUZsQ1W9LJajo
i0gadyEeEcz0/0BRFUeQw1KXlfxjzi3v3GhDdxWVloIfBZEEpqUgqs3q5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEv5pAhecNkbbmG1Tzz9HCBZyiluMB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0GGkTgt
6uH+7UciGALyQFDNgynA9TNvHDCEB9KORZ+NECRe9ypK/LrtIBBRsbOVHDn09I5N
xW2hji1iMSobrSE6zwAb4i6kHk1eqiTj5lPmQBioLZK71HMN5u8lKF99ZmQFQxBm
ZjkHWPJzb9InnPv7qUBc7cvzXUaiF3x27OLW0jnmS6k6Q+CnBgdA4FcpvfGdeU2R
4Tciz/O0jo4vUkZH7xjyHOWp/ArNSggFzTbm6Er+NVk2EgTr7md7/qh+rpqqZbH2
RXbyltfOJE9DxLAov7rX3z8OYce3g9B43dEV+XAEGgDL3CUiaYmI+7yyUMGX0ms7
oyPqolHluWnQow==
-----END CERTIFICATE-----