Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          zbtBdGRpDC3rMp15apcQlWGBsVgCZxtkqQlFFlMRdDM=
Subject key identifier:   36:01:83:44:C3:C6:CE:30:8D:5E:AF:D6:CB:96:F6:0E:F0:2F:F6:CE
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019E1DFE43934B5A4A2214393E21F84AB074
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          1495
Signing time:             Tue 12 May 2026 21:01:02 +0000
Manifest this update:     Tue 12 May 2026 21:01:02 +0000
Manifest next update:     Wed 13 May 2026 21:01:02 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: Om0Umi5DabMjTXyG/c0s1zU2pmLct0SHjKEId1Jni3g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 21:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1d:fe:43:93:4b:5a:4a:22:14:39:3e:21:f8:4a:b0:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: May 12 21:01:02 2026 GMT
            Not After : May 13 21:01:02 2026 GMT
        Subject: CN=36018344c3c6ce308d5eafd6cb96f60ef02ff6ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:b4:c4:fb:6f:ca:a8:6f:ef:5d:90:79:aa:75:
                    f5:16:5d:3e:5c:6e:4c:ac:84:2d:e9:76:2c:42:62:
                    07:74:d3:10:cd:17:d6:94:43:ed:73:93:78:d9:cc:
                    38:a5:31:0d:8a:86:39:14:dd:df:1a:0a:c7:93:d4:
                    1f:63:34:80:cc:6f:13:78:d0:9c:af:6c:91:9a:5e:
                    4d:c0:e0:2c:b8:5d:ff:86:d2:00:c7:10:d8:e0:49:
                    83:fc:45:5d:7d:00:0f:79:af:49:89:77:5a:9a:d4:
                    61:f9:42:9d:36:70:cd:e0:b0:3e:a5:fc:b5:28:31:
                    bc:39:cc:f8:a1:84:2e:e5:a8:2f:82:1a:e5:4b:bc:
                    61:09:e7:18:03:f4:f4:c6:90:a0:d3:4d:ed:fa:cc:
                    a7:42:2b:4f:9a:74:bd:5c:69:90:4e:f6:19:4f:8d:
                    e5:d7:32:0a:c5:dd:2e:79:6e:b5:2e:1f:8d:e9:61:
                    f4:f8:bd:5a:ea:e2:d1:69:94:dd:e1:01:29:68:61:
                    99:c7:06:3d:76:44:a7:09:cf:0d:79:fb:53:41:c1:
                    03:8b:bc:11:eb:49:e1:4d:7b:d9:b2:73:ba:89:1b:
                    4d:ed:3c:f9:07:1c:08:16:60:29:19:ee:c6:06:4e:
                    15:d0:29:6c:f3:a4:b0:73:38:8b:71:6b:5c:0b:4c:
                    e1:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:01:83:44:C3:C6:CE:30:8D:5E:AF:D6:CB:96:F6:0E:F0:2F:F6:CE
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:51:3c:63:88:40:7c:d8:1b:21:40:f1:fa:79:72:f4:a2:87:
         3d:2f:63:92:31:e7:e7:be:b5:bc:1e:7f:3a:37:eb:ee:76:b7:
         64:56:05:77:31:18:56:13:d1:72:44:3c:a8:32:a8:66:6b:74:
         a2:ec:e2:e0:86:d9:14:51:cc:51:fe:ce:27:8a:7c:13:20:24:
         d9:a0:fd:7b:0a:77:a7:36:e2:99:8b:0f:3c:10:a5:c6:c1:02:
         bc:0d:a7:ac:38:6e:d6:df:40:ca:d0:c6:39:50:a6:a2:8f:61:
         2e:10:c9:9e:c5:15:24:81:66:ab:c4:f6:71:87:06:06:dc:86:
         52:08:29:29:43:f7:e6:4b:54:8e:78:b6:ca:0b:09:29:ca:fb:
         41:5e:3e:88:f6:41:06:a8:aa:77:d8:d0:73:58:c5:55:fb:40:
         74:0e:91:3b:af:ec:7a:48:e4:c9:aa:e4:fb:c8:b6:7d:02:99:
         63:75:7b:30:c9:d9:49:9c:ce:5f:d7:91:95:34:1e:14:9a:1e:
         13:56:af:db:63:89:ac:d4:df:c8:73:61:67:b0:ab:0c:d3:23:
         3a:b4:20:61:92:a8:c6:cd:9d:ef:08:bd:6a:aa:27:2d:b0:ed:
         ee:a6:51:0d:bd:ac:a8:e6:80:da:6b:18:2b:3c:d7:85:2d:53:
         06:96:24:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4d/kOTS1pKIhQ5PiH4SrB0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwNTEyMjEwMTAyWhcNMjYwNTEzMjEwMTAyWjAzMTEwLwYDVQQD
EygzNjAxODM0NGMzYzZjZTMwOGQ1ZWFmZDZjYjk2ZjYwZWYwMmZmNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLTE+2/KqG/vXZB5qnX1Fl0+XG5M
rIQt6XYsQmIHdNMQzRfWlEPtc5N42cw4pTENioY5FN3fGgrHk9QfYzSAzG8TeNCc
r2yRml5NwOAsuF3/htIAxxDY4EmD/EVdfQAPea9JiXdamtRh+UKdNnDN4LA+pfy1
KDG8Ocz4oYQu5agvghrlS7xhCecYA/T0xpCg003t+synQitPmnS9XGmQTvYZT43l
1zIKxd0ueW61Lh+N6WH0+L1a6uLRaZTd4QEpaGGZxwY9dkSnCc8NeftTQcEDi7wR
60nhTXvZsnO6iRtN7Tz5BxwIFmApGe7GBk4V0Cls86SwcziLcWtcC0zhNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYBg0TDxs4wjV6v1suW9g7wL/bOMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVE8Y4hA
fNgbIUDx+nly9KKHPS9jkjHn5761vB5/Ojfr7na3ZFYFdzEYVhPRckQ8qDKoZmt0
ouzi4IbZFFHMUf7OJ4p8EyAk2aD9ewp3pzbimYsPPBClxsECvA2nrDhu1t9AytDG
OVCmoo9hLhDJnsUVJIFmq8T2cYcGBtyGUggpKUP35ktUjni2ygsJKcr7QV4+iPZB
Bqiqd9jQc1jFVftAdA6RO6/sekjkyark+8i2fQKZY3V7MMnZSZzOX9eRlTQeFJoe
E1av22OJrNTfyHNhZ7CrDNMjOrQgYZKoxs2d7wi9aqonLbDt7qZRDb2sqOaA2msY
KzzXhS1TBpYkGw==
-----END CERTIFICATE-----