Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
File:                     DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft (raw, json)
Hash identifier:          GiwdrYR9/NQeBN7R0EM/nH0/KSnYDb7dlNWh6rJtU4Q=
Subject key identifier:   B6:11:6D:8E:31:F2:1E:4A:38:F0:7A:C6:11:9E:94:53:24:55:A6:C3
Authority key identifier: 0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B
Certificate issuer:       /CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
Certificate serial:       019D25F1CE1E5EC8B09BDCAF91549F0B638B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
Manifest number:          1560
Signing time:             Wed 25 Mar 2026 17:01:37 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:37 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:37 +0000
Files and hashes:         1: DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl (hash: pQejnJiMW5m6+IUFMX63chNipohpwW7juA5aBm0faZQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:ce:1e:5e:c8:b0:9b:dc:af:91:54:9f:0b:63:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c4f0b9a5fe0389fadcbbfb1fa1c40c4a4ba0d2b
        Validity
            Not Before: Mar 25 17:01:37 2026 GMT
            Not After : Mar 26 17:01:37 2026 GMT
        Subject: CN=b6116d8e31f21e4a38f07ac6119e94532455a6c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:e0:65:20:a5:53:2e:fd:37:b8:3f:e2:dd:0d:
                    b9:02:a6:ca:1b:cc:40:fc:cc:be:92:d9:cb:3d:82:
                    db:15:87:32:b8:5e:d3:4d:f5:89:7c:cc:0d:91:de:
                    1c:a5:f1:74:b2:f9:44:62:a4:5e:e0:1e:da:87:11:
                    9b:6c:f0:25:2c:fa:60:cb:6e:79:00:fd:b7:d9:f9:
                    47:18:80:95:fa:73:c2:2b:20:63:65:3c:87:84:39:
                    aa:1f:0d:5f:a5:88:b8:35:38:33:7d:9e:71:3a:2a:
                    35:92:6f:6f:dc:0a:78:8d:38:4e:5d:d5:de:a9:3f:
                    9a:b8:cc:bd:35:16:e1:e2:31:87:1d:6c:a2:93:4d:
                    df:28:68:57:9e:94:e8:83:da:ac:b6:fa:b7:4f:ad:
                    05:f7:d5:38:ad:21:13:90:3b:d0:90:1f:86:41:ff:
                    13:a0:bd:a7:61:43:30:98:4a:10:59:f3:e1:15:cf:
                    d6:8f:23:64:83:59:59:62:3b:7a:60:8a:bd:71:9d:
                    50:5d:f5:2e:54:40:09:d0:6d:8e:06:a7:93:d4:9a:
                    7f:0c:35:5e:83:24:f2:a7:a9:80:2e:6b:3c:c2:46:
                    e0:99:1d:81:b8:f2:16:58:3b:00:8e:ff:bf:1b:22:
                    e6:c5:0c:c9:92:0c:6a:00:0e:21:38:7f:04:cb:e7:
                    17:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:11:6D:8E:31:F2:1E:4A:38:F0:7A:C6:11:9E:94:53:24:55:A6:C3
            X509v3 Authority Key Identifier:
                keyid:0C:4F:0B:9A:5F:E0:38:9F:AD:CB:BF:B1:FA:1C:40:C4:A4:BA:0D:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/90ba17-09dc-4b7d-a453-f606ace4acc2/1/DE8Lml_gOJ-ty7-x-hxAxKS6DSs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:19:83:77:8e:11:3f:a5:63:ed:7e:9e:6b:11:7d:6b:d5:bb:
         3d:bf:81:8e:b7:0c:f1:eb:b6:67:c1:85:1a:27:21:04:0d:85:
         b5:4d:9c:d5:b2:7e:22:f6:70:7c:e8:bc:d1:59:46:b4:4f:75:
         2c:c1:05:f2:aa:7b:6c:65:13:a4:ea:6e:1a:dd:e8:ed:37:17:
         09:c4:de:9f:c0:7e:55:6a:a7:41:e7:fd:5f:df:10:74:4e:aa:
         79:f2:d1:04:e5:15:60:17:21:e3:60:08:9e:92:26:c0:dd:e9:
         75:eb:f0:aa:31:1a:42:bb:ce:ce:5a:bf:23:c5:2f:65:7c:32:
         6c:11:bf:ce:12:27:6a:45:2f:68:37:42:07:1f:5d:b6:dc:49:
         68:2e:87:ee:a5:3b:bb:b8:08:b7:04:67:b1:44:11:41:2a:80:
         e1:53:41:6a:7c:9c:9c:2c:5d:c1:69:d7:5f:4f:97:a8:04:30:
         20:e9:33:83:40:9e:5f:c7:31:25:40:ae:8f:e0:bd:95:93:2d:
         84:35:09:40:83:e8:64:81:a5:d9:f2:92:d5:1d:2c:02:6a:8e:
         fe:e0:2c:7e:72:8f:3a:5f:ad:66:4c:b4:84:18:5f:3d:af:c3:
         4b:c8:3a:0e:0c:ce:6b:77:66:95:d0:96:fa:a2:21:58:9f:51:
         e0:c5:a3:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8c4eXsiwm9yvkVSfC2OLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNGYwYjlhNWZlMDM4OWZhZGNiYmZiMWZhMWM0MGM0YTRi
YTBkMmIwHhcNMjYwMzI1MTcwMTM3WhcNMjYwMzI2MTcwMTM3WjAzMTEwLwYDVQQD
EyhiNjExNmQ4ZTMxZjIxZTRhMzhmMDdhYzYxMTllOTQ1MzI0NTVhNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueBlIKVTLv03uD/i3Q25AqbKG8xA
/My+ktnLPYLbFYcyuF7TTfWJfMwNkd4cpfF0svlEYqRe4B7ahxGbbPAlLPpgy255
AP232flHGICV+nPCKyBjZTyHhDmqHw1fpYi4NTgzfZ5xOio1km9v3Ap4jThOXdXe
qT+auMy9NRbh4jGHHWyik03fKGhXnpTog9qstvq3T60F99U4rSETkDvQkB+GQf8T
oL2nYUMwmEoQWfPhFc/WjyNkg1lZYjt6YIq9cZ1QXfUuVEAJ0G2OBqeT1Jp/DDVe
gyTyp6mALms8wkbgmR2BuPIWWDsAjv+/GyLmxQzJkgxqAA4hOH8Ey+cXVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYRbY4x8h5KOPB6xhGelFMkVabDMB8GA1UdIwQY
MBaAFAxPC5pf4Difrcu/sfocQMSkug0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMt
ZjYwNmFjZTRhY2MyLzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85MGJhMTctMDlkYy00YjdkLWE0NTMtZjYwNmFjZTRhY2My
LzEvREU4TG1sX2dPSi10eTcteC1oeEF4S1M2RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxmDd44R
P6Vj7X6eaxF9a9W7Pb+BjrcM8eu2Z8GFGichBA2FtU2c1bJ+IvZwfOi80VlGtE91
LMEF8qp7bGUTpOpuGt3o7TcXCcTen8B+VWqnQef9X98QdE6qefLRBOUVYBch42AI
npImwN3pdevwqjEaQrvOzlq/I8UvZXwybBG/zhInakUvaDdCBx9dttxJaC6H7qU7
u7gItwRnsUQRQSqA4VNBanycnCxdwWnXX0+XqAQwIOkzg0CeX8cxJUCuj+C9lZMt
hDUJQIPoZIGl2fKS1R0sAmqO/uAsfnKPOl+tZky0hBhfPa/DS8g6DgzOa3dmldCW
+qIhWJ9R4MWjCg==
-----END CERTIFICATE-----