Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          z6Kad5/dLXb7aLo8d1VPUlQtZluY/Rf60TzJw7Vdghs=
Subject key identifier:   72:37:29:34:E5:8D:66:0D:8E:B5:D0:3E:DD:44:8C:8A:83:49:7F:D6
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019E20244E9A3B7624B4A9BBF8F9036FBB88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          1895
Signing time:             Wed 13 May 2026 07:01:50 +0000
Manifest this update:     Wed 13 May 2026 07:01:50 +0000
Manifest next update:     Thu 14 May 2026 07:01:50 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: QjQco/gBJU9dDQoUwt1wFrLhFh82DKgRf7625UXS9zo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 May 2026 06:33:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:20:24:4e:9a:3b:76:24:b4:a9:bb:f8:f9:03:6f:bb:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: May 13 07:01:50 2026 GMT
            Not After : May 14 07:01:50 2026 GMT
        Subject: CN=72372934e58d660d8eb5d03edd448c8a83497fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:00:46:45:8e:23:d1:33:33:9b:db:8e:ec:21:
                    47:b0:6e:29:5a:40:73:b7:60:1c:1c:d1:e7:8d:44:
                    15:27:71:b0:14:8c:e8:b8:5c:e1:66:db:af:79:58:
                    0e:57:a0:24:d2:0b:ac:8d:b4:dd:e3:00:8d:25:f3:
                    f5:3f:86:63:42:9f:9d:d4:38:59:50:3a:ad:a3:5b:
                    f1:84:10:37:9e:70:70:90:85:7a:41:ae:df:26:10:
                    a8:19:73:0b:6f:6a:a1:b5:7f:4a:ec:58:88:2d:4a:
                    e2:87:a7:f9:7a:9b:88:84:3a:28:de:7a:05:ea:db:
                    86:bc:33:2a:71:33:a0:ce:32:5b:90:24:9b:38:a9:
                    e7:f5:72:69:39:1f:f8:65:01:1b:6f:0e:a8:a8:2c:
                    0c:62:74:0a:0b:ce:bd:94:5f:36:e0:52:44:11:9f:
                    46:6a:8d:d9:cd:98:81:ee:f2:76:0c:ff:67:d1:ba:
                    40:f4:bf:1a:1f:b3:e0:b2:d2:eb:f4:a8:28:d8:3b:
                    1e:30:cf:8f:1a:ab:5f:0f:8c:c5:78:dd:94:99:5a:
                    fc:03:80:78:7c:90:01:dd:2f:97:94:06:2d:f4:9c:
                    21:54:f9:57:2e:cd:e3:34:ba:de:23:f8:93:e3:27:
                    be:ef:33:29:92:d5:22:f4:54:1b:90:69:34:20:17:
                    3a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:37:29:34:E5:8D:66:0D:8E:B5:D0:3E:DD:44:8C:8A:83:49:7F:D6
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:7c:31:1d:11:30:55:e9:87:12:b9:75:93:26:39:eb:84:dd:
         9f:58:cc:4d:9a:aa:21:40:0f:d2:dd:ce:2d:a7:40:3e:78:39:
         2e:78:21:ad:9f:ab:d7:cb:e0:48:e1:78:97:36:92:44:8c:56:
         3b:00:5e:f8:ae:8e:dc:3b:fa:69:ae:28:6d:10:6f:5d:6f:5b:
         3a:f8:4c:07:d9:9e:d3:40:a7:6e:41:9d:e0:19:54:51:d1:d0:
         82:00:98:86:a4:0f:88:8a:7d:78:4e:a7:b2:a3:7c:f9:b0:7b:
         6c:0d:6c:33:f4:6e:15:85:9b:e7:60:57:4c:2c:62:22:5c:65:
         e6:75:18:2c:91:13:ce:52:03:92:b3:4a:55:1b:63:0f:56:2b:
         05:4b:5a:1a:43:10:95:d4:ac:41:8a:6c:51:88:bf:a3:20:4d:
         ee:b6:d2:7b:e8:3e:89:8f:6b:64:de:88:52:fa:27:c6:14:08:
         98:b1:f9:45:e0:0f:fc:d5:55:e9:80:e3:a5:34:d7:ad:d2:42:
         82:e9:42:a1:ec:dc:7c:e5:27:d4:23:e6:3e:d6:f2:39:84:1c:
         96:19:70:07:75:1b:ab:5b:94:d3:47:25:73:23:da:57:58:66:
         ec:4c:e5:ff:c1:98:71:58:79:ea:da:fb:a6:3e:d8:3c:ab:5f:
         ad:ad:b8:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4gJE6aO3YktKm7+PkDb7uIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjYwNTEzMDcwMTUwWhcNMjYwNTE0MDcwMTUwWjAzMTEwLwYDVQQD
Eyg3MjM3MjkzNGU1OGQ2NjBkOGViNWQwM2VkZDQ0OGM4YTgzNDk3ZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ABGRY4j0TMzm9uO7CFHsG4pWkBz
t2AcHNHnjUQVJ3GwFIzouFzhZtuveVgOV6Ak0gusjbTd4wCNJfP1P4ZjQp+d1DhZ
UDqto1vxhBA3nnBwkIV6Qa7fJhCoGXMLb2qhtX9K7FiILUrih6f5epuIhDoo3noF
6tuGvDMqcTOgzjJbkCSbOKnn9XJpOR/4ZQEbbw6oqCwMYnQKC869lF824FJEEZ9G
ao3ZzZiB7vJ2DP9n0bpA9L8aH7PgstLr9Kgo2DseMM+PGqtfD4zFeN2UmVr8A4B4
fJAB3S+XlAYt9JwhVPlXLs3jNLreI/iT4ye+7zMpktUi9FQbkGk0IBc6pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHI3KTTljWYNjrXQPt1EjIqDSX/WMB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd3wxHREw
VemHErl1kyY564Tdn1jMTZqqIUAP0t3OLadAPng5LnghrZ+r18vgSOF4lzaSRIxW
OwBe+K6O3Dv6aa4obRBvXW9bOvhMB9me00CnbkGd4BlUUdHQggCYhqQPiIp9eE6n
sqN8+bB7bA1sM/RuFYWb52BXTCxiIlxl5nUYLJETzlIDkrNKVRtjD1YrBUtaGkMQ
ldSsQYpsUYi/oyBN7rbSe+g+iY9rZN6IUvonxhQImLH5ReAP/NVV6YDjpTTXrdJC
gulCoezcfOUn1CPmPtbyOYQclhlwB3Ubq1uU00clcyPaV1hm7Ezl/8GYcVh56tr7
pj7YPKtfra24YQ==
-----END CERTIFICATE-----