Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          zYCZNLe8l+LvIpyoyzkPP3BDAffBmRbVdd2XxFULyV4=
Subject key identifier:   DD:10:EC:B8:1A:62:43:54:8B:9E:B6:7C:BD:BF:8C:AE:07:8B:85:F1
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       019D2AE010F038F432907640F25F90D0955C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          15C0
Signing time:             Thu 26 Mar 2026 16:00:20 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:20 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:20 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: o/cOdRmixs7Cs/tsX5ctX8Ee/iaxvYtGuoqK6XhFdps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:10:f0:38:f4:32:90:76:40:f2:5f:90:d0:95:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: Mar 26 16:00:20 2026 GMT
            Not After : Mar 27 16:00:20 2026 GMT
        Subject: CN=dd10ecb81a6243548b9eb67cbdbf8cae078b85f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:83:f6:1b:a9:1c:7b:86:27:68:f1:77:92:1b:
                    2a:15:fd:9c:98:d2:72:eb:f8:1b:6f:75:e5:16:26:
                    f4:14:61:b4:90:e4:b0:fe:79:ca:d9:90:99:2a:5e:
                    e8:75:a1:b0:ef:44:1a:12:4f:0f:e8:c6:f4:e6:d3:
                    e1:73:23:62:f0:7a:c7:c1:54:ec:52:3a:02:36:48:
                    ee:11:1b:59:b7:45:ad:5f:a5:27:04:9a:17:c2:46:
                    40:9e:eb:51:f0:bf:cd:a7:10:8f:dd:8d:f1:12:1b:
                    5f:a9:8c:c5:e2:ee:63:c7:61:b5:ed:96:74:dd:d5:
                    d8:55:3f:27:a1:5a:37:71:f1:3c:44:7f:4f:43:89:
                    e1:58:a9:26:cd:d1:f0:0c:01:b3:2a:70:42:3a:a9:
                    db:d2:7f:9e:f8:5a:3a:ae:3f:73:4a:20:0e:6e:65:
                    3c:82:ec:59:a4:e8:9e:6e:dc:ee:79:e9:9c:cc:30:
                    3c:86:98:d7:b2:e6:df:2e:2c:db:e7:80:24:21:9b:
                    64:cb:cd:88:df:e1:e1:f9:df:bc:fd:11:59:7e:fd:
                    7a:94:77:ef:2c:d9:12:8a:0b:63:a0:6c:73:ba:8b:
                    15:fa:e1:c5:33:79:00:f1:cd:b4:30:8a:bb:32:ce:
                    52:a3:01:5d:56:b5:38:da:85:df:c7:5e:7e:8b:59:
                    d3:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:10:EC:B8:1A:62:43:54:8B:9E:B6:7C:BD:BF:8C:AE:07:8B:85:F1
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:d3:b6:b6:d2:d8:09:90:33:87:d7:60:2a:8d:b2:09:b1:55:
         a6:28:71:ca:23:71:83:ff:9a:af:aa:c7:11:af:7d:ef:32:46:
         a7:9f:3c:b8:63:01:d0:71:8a:5b:fb:62:89:ac:60:91:e2:e2:
         5a:9a:74:2c:9a:ed:5d:6a:85:f5:42:ae:dc:cd:3e:7e:14:72:
         f2:5c:8d:50:8e:3d:08:5a:0a:04:c9:75:cb:4e:6c:d1:8a:2e:
         aa:66:44:eb:06:b4:3a:77:85:48:8c:85:ae:2b:63:e6:68:dc:
         b4:fb:8c:30:e7:21:3c:88:4e:7e:94:de:e0:f0:e2:4f:3f:85:
         90:f3:35:a7:80:08:45:4b:46:3a:6c:bb:cb:40:e0:fd:4a:0e:
         67:9b:1f:16:2f:8d:6f:a6:c9:60:09:f0:5e:13:89:fb:6d:3d:
         6f:0f:e6:81:2b:79:01:42:2a:42:e7:cd:f3:90:85:eb:ac:3f:
         58:a9:b2:52:a3:88:8d:e0:1e:c9:32:15:46:9f:6b:6d:14:4e:
         b1:63:5c:01:0b:79:9f:4c:a7:35:1d:db:ae:49:1d:b0:85:fa:
         4e:93:71:2b:0b:c3:69:67:5e:06:ae:80:c2:6b:de:83:ef:5a:
         63:01:a8:b4:18:e0:b1:51:10:e4:eb:ad:14:c0:6f:f1:bc:0d:
         e8:dd:af:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4BDwOPQykHZA8l+Q0JVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjYwMzI2MTYwMDIwWhcNMjYwMzI3MTYwMDIwWjAzMTEwLwYDVQQD
EyhkZDEwZWNiODFhNjI0MzU0OGI5ZWI2N2NiZGJmOGNhZTA3OGI4NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4P2G6kce4YnaPF3khsqFf2cmNJy
6/gbb3XlFib0FGG0kOSw/nnK2ZCZKl7odaGw70QaEk8P6Mb05tPhcyNi8HrHwVTs
UjoCNkjuERtZt0WtX6UnBJoXwkZAnutR8L/NpxCP3Y3xEhtfqYzF4u5jx2G17ZZ0
3dXYVT8noVo3cfE8RH9PQ4nhWKkmzdHwDAGzKnBCOqnb0n+e+Fo6rj9zSiAObmU8
guxZpOiebtzueemczDA8hpjXsubfLizb54AkIZtky82I3+Hh+d+8/RFZfv16lHfv
LNkSigtjoGxzuosV+uHFM3kA8c20MIq7Ms5SowFdVrU42oXfx15+i1nT0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0Q7LgaYkNUi562fL2/jK4Hi4XxMB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtO2ttLY
CZAzh9dgKo2yCbFVpihxyiNxg/+ar6rHEa997zJGp588uGMB0HGKW/tiiaxgkeLi
Wpp0LJrtXWqF9UKu3M0+fhRy8lyNUI49CFoKBMl1y05s0YouqmZE6wa0OneFSIyF
ritj5mjctPuMMOchPIhOfpTe4PDiTz+FkPM1p4AIRUtGOmy7y0Dg/UoOZ5sfFi+N
b6bJYAnwXhOJ+209bw/mgSt5AUIqQufN85CF66w/WKmyUqOIjeAeyTIVRp9rbRRO
sWNcAQt5n0ynNR3brkkdsIX6TpNxKwvDaWdeBq6Awmveg+9aYwGotBjgsVEQ5Out
FMBv8bwN6N2vWA==
-----END CERTIFICATE-----