Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          dfgEZktWrBc1Hks3ZP2+32rXsILj9wUIr+R0AQaQ9yc=
Subject key identifier:   46:24:1F:5D:A9:F7:42:92:14:04:E2:C2:04:7C:5B:A1:84:D0:4B:E5
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019D28BB79B61106B51513CD692EE7B2AC41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          1416
Signing time:             Thu 26 Mar 2026 06:01:08 +0000
Manifest this update:     Thu 26 Mar 2026 06:01:08 +0000
Manifest next update:     Fri 27 Mar 2026 06:01:08 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: 6Oi2mk2i6Wvi/8XfHJWzxa+Ym0PgiU4amxT/y2xHH0E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 06:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:79:b6:11:06:b5:15:13:cd:69:2e:e7:b2:ac:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Mar 26 06:01:08 2026 GMT
            Not After : Mar 27 06:01:08 2026 GMT
        Subject: CN=46241f5da9f742921404e2c2047c5ba184d04be5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f2:cb:35:75:d2:58:00:1f:71:3a:c5:2a:a5:
                    e5:86:4a:77:d8:9c:89:9f:9e:08:18:55:2c:5b:d4:
                    23:23:9c:e5:de:2d:2b:0a:9e:89:8a:a2:4a:7f:07:
                    01:fa:5c:ba:66:e0:c8:d4:b4:44:a3:aa:f7:b6:a5:
                    32:6b:46:86:f5:bb:80:c2:4a:80:ea:ed:25:0a:11:
                    26:93:aa:5b:13:19:ce:02:96:a5:2b:c2:55:00:41:
                    7a:7e:d7:a7:60:4d:4d:13:61:d7:6c:48:8e:7a:27:
                    49:f2:ea:5c:92:aa:ce:f4:dd:13:2d:c4:32:a0:47:
                    06:9e:49:35:07:5d:9e:02:d3:8a:a5:cb:fd:7c:90:
                    c5:e7:24:e8:aa:c0:ce:3a:37:6d:c9:50:db:7c:a2:
                    d6:c1:99:4a:0a:f7:77:82:b2:37:a8:59:a6:a1:81:
                    aa:cc:85:be:1d:87:c5:bc:90:44:bc:34:72:ce:13:
                    c8:28:93:f2:34:e4:70:d3:70:50:7c:a8:90:34:b8:
                    79:eb:08:71:ff:bb:e3:b3:b6:02:5a:fe:67:3f:57:
                    4b:81:03:20:3c:69:49:8c:bb:b7:63:28:b7:09:71:
                    99:ce:7d:ef:a7:77:7d:6e:06:85:f0:22:5c:f6:e4:
                    ba:48:15:b9:85:be:90:94:25:0c:a7:43:77:98:88:
                    fd:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:24:1F:5D:A9:F7:42:92:14:04:E2:C2:04:7C:5B:A1:84:D0:4B:E5
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:da:20:01:42:0e:54:6e:9b:f0:fb:b6:bd:ab:cb:cc:7c:39:
         4c:19:30:75:1c:a0:e0:32:2b:fb:42:fa:d3:e3:b4:84:4e:74:
         26:11:80:71:fe:68:22:68:97:5d:18:5b:21:ee:90:70:fc:9c:
         3f:36:33:90:09:52:07:62:74:87:6b:19:c9:33:53:85:45:ab:
         bd:45:81:94:a9:5f:56:38:26:9f:1d:f0:a0:30:39:2c:33:1a:
         8f:2c:cf:0a:c1:90:2b:70:61:28:a7:8f:22:1f:6e:d7:0d:52:
         94:e3:a9:01:2c:7b:49:b5:2c:53:3a:fa:6e:8d:16:1b:49:12:
         73:74:1d:3a:2b:f0:93:1a:a3:05:b5:ae:09:f5:8c:41:3f:aa:
         b1:37:a2:d1:51:cb:9c:9d:96:65:e5:0b:77:16:d7:7c:e3:ac:
         d8:b0:7e:1b:c8:93:e5:ad:c9:88:fa:6a:3f:f5:29:a2:91:1f:
         4f:68:90:a6:1c:76:66:00:98:33:aa:bc:e4:3c:56:30:13:2a:
         82:7b:bc:a8:2f:7f:4e:25:92:d8:6d:5f:0d:46:48:e8:a5:8f:
         25:4e:98:e8:a7:e9:fc:5c:2a:f7:44:55:bb:c3:0c:38:c7:b7:
         2a:96:33:22:43:9a:0f:9e:9f:fb:b9:de:e6:64:c1:92:7d:36:
         62:88:49:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ou3m2EQa1FRPNaS7nsqxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwMzI2MDYwMTA4WhcNMjYwMzI3MDYwMTA4WjAzMTEwLwYDVQQD
Eyg0NjI0MWY1ZGE5Zjc0MjkyMTQwNGUyYzIwNDdjNWJhMTg0ZDA0YmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvLLNXXSWAAfcTrFKqXlhkp32JyJ
n54IGFUsW9QjI5zl3i0rCp6JiqJKfwcB+ly6ZuDI1LREo6r3tqUya0aG9buAwkqA
6u0lChEmk6pbExnOApalK8JVAEF6ftenYE1NE2HXbEiOeidJ8upckqrO9N0TLcQy
oEcGnkk1B12eAtOKpcv9fJDF5yToqsDOOjdtyVDbfKLWwZlKCvd3grI3qFmmoYGq
zIW+HYfFvJBEvDRyzhPIKJPyNORw03BQfKiQNLh56whx/7vjs7YCWv5nP1dLgQMg
PGlJjLu3Yyi3CXGZzn3vp3d9bgaF8CJc9uS6SBW5hb6QlCUMp0N3mIj9IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYkH12p90KSFATiwgR8W6GE0EvlMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNogAUIO
VG6b8Pu2vavLzHw5TBkwdRyg4DIr+0L60+O0hE50JhGAcf5oImiXXRhbIe6QcPyc
PzYzkAlSB2J0h2sZyTNThUWrvUWBlKlfVjgmnx3woDA5LDMajyzPCsGQK3BhKKeP
Ih9u1w1SlOOpASx7SbUsUzr6bo0WG0kSc3QdOivwkxqjBbWuCfWMQT+qsTei0VHL
nJ2WZeULdxbXfOOs2LB+G8iT5a3JiPpqP/UpopEfT2iQphx2ZgCYM6q85DxWMBMq
gnu8qC9/TiWS2G1fDUZI6KWPJU6Y6Kfp/Fwq90RVu8MMOMe3KpYzIkOaD56f+7ne
5mTBkn02YohJ2w==
-----END CERTIFICATE-----