Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
File:                     PbbHfudmfXoeivbnKly0P5_DSA4.mft (raw, json)
Hash identifier:          ZRZVz9S3II3Gci3IwpqJzak0O6aO31hXM6x0CtLLzjI=
Subject key identifier:   FC:FE:4C:4E:AD:DE:A2:92:F8:CA:BC:7A:73:9F:6D:80:3A:77:ED:09
Authority key identifier: 3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E
Certificate issuer:       /CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
Certificate serial:       019D26960BA463EEFB5835057B61CD698FF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
Manifest number:          02F0
Signing time:             Wed 25 Mar 2026 20:01:00 +0000
Manifest this update:     Wed 25 Mar 2026 20:01:00 +0000
Manifest next update:     Thu 26 Mar 2026 20:01:00 +0000
Files and hashes:         1: PbbHfudmfXoeivbnKly0P5_DSA4.crl (hash: qL1Ozl0ZGKMhV9nYsV9Fg8FULmuvESh225cNbWfLVhg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 20:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:96:0b:a4:63:ee:fb:58:35:05:7b:61:cd:69:8f:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3db6c77ee7667d7a1e8af6e72a5cb43f9fc3480e
        Validity
            Not Before: Mar 25 20:01:00 2026 GMT
            Not After : Mar 26 20:01:00 2026 GMT
        Subject: CN=fcfe4c4eaddea292f8cabc7a739f6d803a77ed09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:64:b6:a1:ce:30:24:28:e2:10:6a:b8:85:1b:
                    ee:a2:dd:7b:15:d3:7b:91:20:b1:d6:df:64:30:60:
                    50:c8:91:5b:fd:1c:58:45:37:1a:56:6a:c5:3e:d5:
                    11:4e:0a:53:d8:3c:cf:86:d7:88:c8:89:2e:61:65:
                    a4:15:22:cf:ad:b4:f9:82:ec:26:de:ee:98:80:c9:
                    68:ac:01:af:77:61:36:b6:b5:2f:1d:03:93:c5:72:
                    de:ae:4f:cf:d2:18:05:54:42:60:c4:52:c3:90:25:
                    2b:2a:68:ee:2a:62:04:fc:46:ef:a6:48:d1:34:ed:
                    ca:1a:1c:1f:c2:81:84:51:ae:5a:5e:0f:a3:ef:99:
                    e2:da:03:29:bd:79:75:43:b0:a5:c3:4c:d5:fc:93:
                    1c:b1:dc:8c:c6:25:b1:c4:03:ca:ba:58:7a:de:9a:
                    5f:e0:cb:81:e7:63:fd:eb:1c:91:43:a2:fc:86:1a:
                    6e:54:ec:8b:e2:cc:ea:1a:8b:fe:6e:21:2f:13:19:
                    ba:0f:6e:ab:4c:3f:f2:ca:7c:40:34:75:27:15:68:
                    0b:ec:53:2e:25:8f:91:93:1f:6f:fe:b2:a7:55:97:
                    96:04:f4:18:bf:d4:75:4a:17:fd:10:73:21:5f:f5:
                    06:a9:79:cc:fe:cb:ed:3c:97:f1:70:9d:88:a8:9f:
                    41:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:FE:4C:4E:AD:DE:A2:92:F8:CA:BC:7A:73:9F:6D:80:3A:77:ED:09
            X509v3 Authority Key Identifier:
                keyid:3D:B6:C7:7E:E7:66:7D:7A:1E:8A:F6:E7:2A:5C:B4:3F:9F:C3:48:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbHfudmfXoeivbnKly0P5_DSA4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f10f41-5a15-484d-b95f-df6bda389905/1/PbbHfudmfXoeivbnKly0P5_DSA4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:d7:85:77:1a:7e:da:cb:88:18:8f:b3:78:47:d5:c0:7b:63:
         c6:ec:8f:79:26:87:23:7b:fb:4e:07:f4:f8:c8:ee:1b:ee:01:
         b2:c9:5e:44:29:95:f1:09:92:0c:a2:ff:a9:3e:0e:db:53:44:
         c8:54:a2:ee:6a:6e:27:29:0a:1a:84:20:3d:22:37:af:0f:42:
         da:80:66:1e:5b:14:9f:48:48:e1:58:94:fa:58:d5:2f:8e:00:
         ba:3d:76:a5:da:a1:fe:8a:04:e9:63:f3:4e:1f:7d:e8:4c:95:
         71:98:4c:be:ec:3f:72:78:0e:55:d6:01:6c:ab:42:42:12:f8:
         bf:41:2c:10:5b:f4:5b:84:9b:90:0e:e0:cc:8a:c5:fc:c3:01:
         f8:85:ae:00:a6:a0:52:73:fc:94:0c:62:a1:46:ee:cd:aa:a7:
         5d:18:e4:3b:9d:38:3c:b8:4f:cd:50:49:f2:6f:67:ff:a0:c7:
         9c:fd:21:f6:74:5d:3a:92:be:81:03:88:bc:62:e8:d1:c1:73:
         75:14:03:a5:49:61:4b:cc:48:4f:71:18:8d:77:c2:d6:23:83:
         c0:e0:b4:59:58:c1:c8:99:8f:39:8c:f3:cd:d2:da:00:6f:39:
         eb:1d:8d:b9:d5:69:3a:0d:44:04:43:ae:6d:e9:e8:1e:41:3a:
         df:02:94:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mlgukY+77WDUFe2HNaY/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZjNzdlZTc2NjdkN2ExZThhZjZlNzJhNWNiNDNmOWZj
MzQ4MGUwHhcNMjYwMzI1MjAwMTAwWhcNMjYwMzI2MjAwMTAwWjAzMTEwLwYDVQQD
EyhmY2ZlNGM0ZWFkZGVhMjkyZjhjYWJjN2E3MzlmNmQ4MDNhNzdlZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2S2oc4wJCjiEGq4hRvuot17FdN7
kSCx1t9kMGBQyJFb/RxYRTcaVmrFPtURTgpT2DzPhteIyIkuYWWkFSLPrbT5guwm
3u6YgMlorAGvd2E2trUvHQOTxXLerk/P0hgFVEJgxFLDkCUrKmjuKmIE/EbvpkjR
NO3KGhwfwoGEUa5aXg+j75ni2gMpvXl1Q7Clw0zV/JMcsdyMxiWxxAPKulh63ppf
4MuB52P96xyRQ6L8hhpuVOyL4szqGov+biEvExm6D26rTD/yynxANHUnFWgL7FMu
JY+Rkx9v/rKnVZeWBPQYv9R1Shf9EHMhX/UGqXnM/svtPJfxcJ2IqJ9B6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPz+TE6t3qKS+Mq8enOfbYA6d+0JMB8GA1UdIwQY
MBaAFD22x37nZn16Hor25ypctD+fw0gOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYt
ZGY2YmRhMzg5OTA1LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMTBmNDEtNWExNS00ODRkLWI5NWYtZGY2YmRhMzg5OTA1
LzEvUGJiSGZ1ZG1mWG9laXZibktseTBQNV9EU0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf9eFdxp+
2suIGI+zeEfVwHtjxuyPeSaHI3v7Tgf0+MjuG+4BssleRCmV8QmSDKL/qT4O21NE
yFSi7mpuJykKGoQgPSI3rw9C2oBmHlsUn0hI4ViU+ljVL44Auj12pdqh/ooE6WPz
Th996EyVcZhMvuw/cngOVdYBbKtCQhL4v0EsEFv0W4SbkA7gzIrF/MMB+IWuAKag
UnP8lAxioUbuzaqnXRjkO504PLhPzVBJ8m9n/6DHnP0h9nRdOpK+gQOIvGLo0cFz
dRQDpUlhS8xIT3EYjXfC1iODwOC0WVjByJmPOYzzzdLaAG856x2NudVpOg1EBEOu
benoHkE63wKUAg==
-----END CERTIFICATE-----