Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          zgBDzzDP8Hvzg6wEln1tVOiXO36Ke9NgkHRsE/VkFEM=
Subject key identifier:   DD:C9:E0:EA:9E:B2:7B:5C:81:7B:2A:0B:6E:A9:31:F7:20:BD:30:3A
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019D2996E38D088745FCC4D3CC88AD514548
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 10:00:47 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:47 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:47 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: olhCZeaoyBDTaFn3kJTEEPadmsH4pOvMuoFNNhj4WgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:e3:8d:08:87:45:fc:c4:d3:cc:88:ad:51:45:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Mar 26 10:00:47 2026 GMT
            Not After : Mar 27 10:00:47 2026 GMT
        Subject: CN=ddc9e0ea9eb27b5c817b2a0b6ea931f720bd303a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:58:bd:3a:35:03:29:02:e4:06:7b:38:e5:2c:
                    58:bc:79:0f:c7:39:df:1e:7f:bd:fc:fc:f8:71:a4:
                    5e:2b:54:7f:4f:82:b3:2a:82:40:9e:16:7a:cd:0f:
                    b2:ce:4f:30:b3:65:e5:fe:e0:9f:3b:4b:29:66:25:
                    bb:6a:44:06:b6:fd:ac:c0:8f:2d:01:7c:51:1d:b1:
                    12:67:5e:dc:72:55:6d:1b:f2:77:d1:e1:e3:d9:2e:
                    cf:7b:83:e9:f3:f6:7a:34:fb:f5:ff:4d:7d:50:89:
                    64:1b:66:9e:33:0d:92:d5:1a:91:1b:62:b4:11:0d:
                    0f:47:c9:54:1d:60:02:24:5b:e0:4b:75:e3:4d:01:
                    97:c6:de:d3:5d:33:82:75:1a:59:cb:91:7e:57:b6:
                    ef:fb:c9:fc:81:47:b0:df:3a:a3:ab:33:93:9e:21:
                    38:87:2e:f7:59:a1:46:f2:25:59:78:dc:7b:0c:dc:
                    41:3a:87:d0:0c:04:a4:03:67:f3:69:1c:9c:a3:58:
                    38:0a:bc:d2:34:55:fc:72:19:54:09:6b:ba:49:b3:
                    e6:f4:55:87:39:76:ed:d0:97:66:cb:5f:32:22:70:
                    12:8f:47:be:20:94:34:6e:62:4f:5c:48:55:9f:05:
                    c1:4d:2a:ad:ce:53:1f:b0:47:21:96:6b:c3:64:9a:
                    80:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:C9:E0:EA:9E:B2:7B:5C:81:7B:2A:0B:6E:A9:31:F7:20:BD:30:3A
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:89:10:bb:d4:68:33:e8:7d:54:32:35:2e:00:8b:68:b9:1d:
         93:02:f8:78:cc:ae:f3:0d:55:5e:d9:ec:bb:a7:6d:ba:63:f7:
         65:f3:24:8b:41:02:63:bd:7f:28:9f:34:ed:25:11:23:8b:c3:
         bf:d0:7d:b9:94:44:ac:70:03:b6:d0:24:34:3a:f5:f1:b6:b4:
         c4:03:96:fe:74:94:69:5f:39:99:af:71:30:91:00:e7:bb:37:
         b4:03:c3:47:4f:47:01:82:05:75:e2:ea:e3:48:3c:37:0f:58:
         42:99:68:e3:34:fa:c4:1c:e3:96:0a:88:74:32:7e:92:3a:bd:
         d4:33:f6:83:ce:2b:33:36:c2:42:a6:6a:1c:1a:7a:96:45:81:
         9c:6d:73:d5:84:db:ee:c5:5f:ed:08:17:61:c0:87:bc:16:08:
         a2:97:11:30:5d:77:ba:47:3a:8a:4c:43:47:f1:0d:30:d4:09:
         d7:a1:0a:dd:65:64:4b:65:70:05:b0:e5:08:64:c2:01:4f:b5:
         6f:2c:c4:88:1d:d5:0c:7c:62:41:3f:d1:f6:f1:44:67:6b:cf:
         36:76:36:a0:dc:53:06:e6:97:cd:c4:d3:3e:e9:3e:c0:4f:df:
         b8:0f:74:f8:83:eb:7b:12:fa:c7:a7:d3:e2:32:75:4d:d0:41:
         8e:49:e5:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pluONCIdF/MTTzIitUUVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjYwMzI2MTAwMDQ3WhcNMjYwMzI3MTAwMDQ3WjAzMTEwLwYDVQQD
EyhkZGM5ZTBlYTllYjI3YjVjODE3YjJhMGI2ZWE5MzFmNzIwYmQzMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmli9OjUDKQLkBns45SxYvHkPxznf
Hn+9/Pz4caReK1R/T4KzKoJAnhZ6zQ+yzk8ws2Xl/uCfO0spZiW7akQGtv2swI8t
AXxRHbESZ17cclVtG/J30eHj2S7Pe4Pp8/Z6NPv1/019UIlkG2aeMw2S1RqRG2K0
EQ0PR8lUHWACJFvgS3XjTQGXxt7TXTOCdRpZy5F+V7bv+8n8gUew3zqjqzOTniE4
hy73WaFG8iVZeNx7DNxBOofQDASkA2fzaRyco1g4CrzSNFX8chlUCWu6SbPm9FWH
OXbt0Jdmy18yInASj0e+IJQ0bmJPXEhVnwXBTSqtzlMfsEchlmvDZJqAqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3J4OqesntcgXsqC26pMfcgvTA6MB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlYkQu9Ro
M+h9VDI1LgCLaLkdkwL4eMyu8w1VXtnsu6dtumP3ZfMki0ECY71/KJ807SURI4vD
v9B9uZRErHADttAkNDr18ba0xAOW/nSUaV85ma9xMJEA57s3tAPDR09HAYIFdeLq
40g8Nw9YQplo4zT6xBzjlgqIdDJ+kjq91DP2g84rMzbCQqZqHBp6lkWBnG1z1YTb
7sVf7QgXYcCHvBYIopcRMF13ukc6ikxDR/ENMNQJ16EK3WVkS2VwBbDlCGTCAU+1
byzEiB3VDHxiQT/R9vFEZ2vPNnY2oNxTBuaXzcTTPuk+wE/fuA90+IPrexL6x6fT
4jJ1TdBBjknl8A==
-----END CERTIFICATE-----