Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          ojGAjVgw8dRqXE5S2SwoWAr3AIz30m7IUXLjsjZiWPk=
Subject key identifier:   EA:A3:14:96:21:DA:E3:03:80:14:48:FE:EA:F9:D4:C7:87:CB:48:DB
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019D28F2F6F8CD68B243CD7031AC00FC43EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          1815
Signing time:             Thu 26 Mar 2026 07:01:44 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:44 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:44 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: yFgH05cA2pnoV86fYoGbQ0l6UCRCVX4jmQxW89e2+ok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:f6:f8:cd:68:b2:43:cd:70:31:ac:00:fc:43:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Mar 26 07:01:44 2026 GMT
            Not After : Mar 27 07:01:44 2026 GMT
        Subject: CN=eaa3149621dae303801448feeaf9d4c787cb48db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b9:3a:88:0c:ca:0e:c7:ac:cd:6c:00:b8:4c:
                    22:75:d7:89:9f:49:99:67:dc:b0:0d:0c:53:5e:ee:
                    d4:8d:0a:15:dd:03:73:cc:fb:97:e9:f8:c4:92:df:
                    46:45:c3:c8:b3:e5:09:6d:11:fd:d1:aa:4b:ad:b7:
                    05:92:3c:3c:91:87:38:02:5a:cf:5c:6f:00:25:12:
                    64:44:80:0c:ca:f5:6b:e1:f8:82:14:65:6f:74:9d:
                    d6:0d:be:ac:46:ea:3a:e6:db:7a:60:97:db:e1:fb:
                    10:17:50:ee:52:e1:b5:fb:bd:1d:05:78:39:b2:bc:
                    1e:ff:8f:8c:75:cf:5e:cc:61:9e:9f:1c:88:2f:d4:
                    6e:8e:84:76:78:90:a7:b0:da:cc:23:13:7d:66:28:
                    18:e6:f0:9f:ba:e9:cf:07:e8:4d:5e:0f:ae:dd:1b:
                    24:f3:a7:96:a6:75:37:23:bb:ce:db:56:eb:14:fa:
                    ec:a2:6e:63:50:4d:9e:ee:4e:f1:0e:dc:17:6c:6a:
                    06:2b:f9:8c:b9:a7:76:5d:92:c1:3f:7d:2d:47:6b:
                    3a:bd:8d:af:eb:cb:a9:0a:39:e3:dc:1f:88:63:e6:
                    64:68:f0:b1:88:94:81:46:e0:40:a2:aa:c8:0d:d1:
                    28:b7:14:8e:2e:a1:4f:e7:b2:53:0f:15:4d:38:dc:
                    e3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:A3:14:96:21:DA:E3:03:80:14:48:FE:EA:F9:D4:C7:87:CB:48:DB
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:c5:41:1f:50:56:ef:c5:25:4d:a1:c9:96:a6:1e:e2:9c:b7:
         46:2f:dc:d9:9b:6d:52:71:ef:04:4b:fa:1e:18:7e:80:0a:95:
         a7:e4:8f:ab:ed:18:a0:51:a2:05:e1:a1:33:19:d2:fc:e9:11:
         61:ce:cc:6f:a6:d7:ed:90:be:63:69:d9:8d:54:22:8a:51:9f:
         cf:0b:1f:e6:45:56:91:35:b6:ff:84:ec:05:76:d2:4c:0e:15:
         82:2c:58:49:32:e4:83:38:9b:ac:a0:08:31:ee:b8:12:49:f6:
         7c:27:d7:0b:78:6b:36:4c:06:c8:5f:e9:bb:7e:e1:8d:94:2b:
         e3:f6:3a:68:0c:27:5a:5a:06:38:b8:ff:6a:c2:2d:a0:98:81:
         37:68:f9:34:9f:c1:c6:93:b3:71:ce:7b:cd:ba:bf:48:6d:e0:
         ae:8b:25:52:eb:48:2c:6d:e3:5b:fb:76:42:54:40:63:39:2d:
         fd:25:ff:d4:98:a5:91:42:24:8b:6e:96:58:e4:9c:46:55:a5:
         1a:4c:2c:49:c1:86:ca:9c:93:3a:f9:e0:31:80:78:7e:67:59:
         4b:2e:e9:c4:a7:10:dd:d2:e0:a4:4d:66:85:7b:5a:c9:29:24:
         0d:8e:ac:e5:aa:6f:6b:fe:43:d0:85:8d:a6:52:1d:a9:5c:a6:
         a2:da:a2:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8vb4zWiyQ81wMawA/EPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjYwMzI2MDcwMTQ0WhcNMjYwMzI3MDcwMTQ0WjAzMTEwLwYDVQQD
EyhlYWEzMTQ5NjIxZGFlMzAzODAxNDQ4ZmVlYWY5ZDRjNzg3Y2I0OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbk6iAzKDseszWwAuEwiddeJn0mZ
Z9ywDQxTXu7UjQoV3QNzzPuX6fjEkt9GRcPIs+UJbRH90apLrbcFkjw8kYc4AlrP
XG8AJRJkRIAMyvVr4fiCFGVvdJ3WDb6sRuo65tt6YJfb4fsQF1DuUuG1+70dBXg5
srwe/4+Mdc9ezGGenxyIL9RujoR2eJCnsNrMIxN9ZigY5vCfuunPB+hNXg+u3Rsk
86eWpnU3I7vO21brFPrsom5jUE2e7k7xDtwXbGoGK/mMuad2XZLBP30tR2s6vY2v
68upCjnj3B+IY+ZkaPCxiJSBRuBAoqrIDdEotxSOLqFP57JTDxVNONzjiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqjFJYh2uMDgBRI/ur51MeHy0jbMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAisVBH1BW
78UlTaHJlqYe4py3Ri/c2ZttUnHvBEv6Hhh+gAqVp+SPq+0YoFGiBeGhMxnS/OkR
Yc7Mb6bX7ZC+Y2nZjVQiilGfzwsf5kVWkTW2/4TsBXbSTA4VgixYSTLkgzibrKAI
Me64Ekn2fCfXC3hrNkwGyF/pu37hjZQr4/Y6aAwnWloGOLj/asItoJiBN2j5NJ/B
xpOzcc57zbq/SG3groslUutILG3jW/t2QlRAYzkt/SX/1JilkUIki26WWOScRlWl
GkwsScGGypyTOvngMYB4fmdZSy7pxKcQ3dLgpE1mhXtaySkkDY6s5apva/5D0IWN
plIdqVymotqizg==
-----END CERTIFICATE-----