Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
File:                     dGMPFkhbT5M4X5So7HEArUjF_FA.mft (raw, json)
Hash identifier:          ekwh20Y/AEmMT8yri+x10XG9qUKdg9wdOzTLkZ+rRW8=
Subject key identifier:   72:19:22:FE:A7:AF:81:46:7A:B4:00:9B:A5:59:57:6F:8F:B3:05:5B
Authority key identifier: 74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50
Certificate issuer:       /CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
Certificate serial:       019D28BB16AE42ED4B0DE36A9223D359344C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
Manifest number:          0FBF
Signing time:             Thu 26 Mar 2026 06:00:42 +0000
Manifest this update:     Thu 26 Mar 2026 06:00:42 +0000
Manifest next update:     Fri 27 Mar 2026 06:00:42 +0000
Files and hashes:         1: dGMPFkhbT5M4X5So7HEArUjF_FA.crl (hash: VwzISvAaDxAqiAXF9EVVWz3RGyvGHxvG7Xzt8aqcu0o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:bb:16:ae:42:ed:4b:0d:e3:6a:92:23:d3:59:34:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74630f16485b4f93385f94a8ec7100ad48c5fc50
        Validity
            Not Before: Mar 26 06:00:42 2026 GMT
            Not After : Mar 27 06:00:42 2026 GMT
        Subject: CN=721922fea7af81467ab4009ba559576f8fb3055b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ae:52:d6:0e:c0:41:47:02:92:b4:e8:08:1b:
                    44:8c:9f:bd:96:10:3b:5d:ea:57:f0:30:cd:e0:64:
                    00:29:92:f9:d4:31:33:f7:ce:34:64:98:a7:7a:d8:
                    c1:c4:18:c6:57:d2:24:62:53:df:d9:f0:6a:3c:6c:
                    d1:c3:eb:b1:4c:3c:db:f0:31:fa:03:09:1c:72:ad:
                    bf:3b:26:3a:fa:5f:65:62:78:fd:6d:a2:6b:4e:79:
                    77:33:84:7d:36:84:97:26:93:71:eb:23:07:0b:f8:
                    8e:bf:1a:ce:6c:e0:87:6c:33:6a:09:28:c6:e2:00:
                    1b:a2:98:39:e2:18:e3:c4:1b:63:ed:74:dc:4a:70:
                    c1:61:86:27:b4:15:b0:ee:7a:a7:ec:ff:8d:5f:1f:
                    68:78:3f:4f:b4:38:4d:a8:f1:0c:62:3b:75:01:37:
                    ae:2e:27:8a:a4:86:be:47:0d:ec:de:85:4f:7a:4f:
                    cc:71:3e:6a:99:30:4f:8a:bd:35:1c:e0:70:dc:39:
                    33:dd:6e:59:5c:1c:f7:cb:79:2b:54:9f:90:bc:84:
                    43:bd:3a:55:b4:9f:d7:be:af:90:c5:fe:9a:9b:eb:
                    72:2f:ff:44:c2:9d:88:d8:e1:6c:34:15:42:aa:09:
                    eb:70:94:0d:20:25:80:15:d5:3e:0b:a8:4b:bf:f0:
                    23:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:19:22:FE:A7:AF:81:46:7A:B4:00:9B:A5:59:57:6F:8F:B3:05:5B
            X509v3 Authority Key Identifier:
                keyid:74:63:0F:16:48:5B:4F:93:38:5F:94:A8:EC:71:00:AD:48:C5:FC:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMPFkhbT5M4X5So7HEArUjF_FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b44856-214a-4596-927b-3da415ac0dc0/1/dGMPFkhbT5M4X5So7HEArUjF_FA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:fc:a3:f3:1b:22:5a:60:aa:19:18:38:56:1d:64:03:44:ba:
         53:89:5c:29:b0:ca:18:ee:12:e1:ec:1b:76:f6:70:52:ab:0f:
         30:44:da:7b:7e:68:5a:d6:85:07:7e:0d:55:45:5a:ee:96:19:
         0e:16:a3:c7:b1:31:3e:8d:04:f5:b0:f9:e5:2e:66:aa:cd:c3:
         56:9f:3d:36:9a:d1:13:74:b6:3c:02:7b:51:88:eb:62:dd:56:
         24:fc:f5:0c:c7:d0:47:0c:e5:06:69:0a:62:00:46:db:e8:65:
         8a:85:c2:82:1c:04:b7:71:22:0d:04:f7:ca:8a:82:01:39:22:
         36:54:78:d4:f6:75:8b:23:5a:0d:cb:11:99:02:b0:62:c7:15:
         d7:c5:f2:9a:89:ee:12:14:fa:06:28:69:9b:c0:22:af:e5:89:
         3a:f6:46:c3:3d:0c:19:e9:c3:eb:7d:0e:7c:f7:d5:b6:5a:c1:
         25:f3:ae:68:bf:e5:ff:5c:98:27:8f:28:f0:45:23:a3:82:27:
         6e:da:a9:67:a4:24:03:58:44:95:72:6d:ad:ec:19:99:08:b9:
         17:18:98:bb:48:bc:6a:08:51:95:9c:c5:7a:62:f4:1f:97:4d:
         5d:7d:3d:b5:7f:c7:66:6d:c1:52:03:86:4d:96:5f:b5:0d:93:
         8d:aa:84:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ouxauQu1LDeNqkiPTWTRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMwZjE2NDg1YjRmOTMzODVmOTRhOGVjNzEwMGFkNDhj
NWZjNTAwHhcNMjYwMzI2MDYwMDQyWhcNMjYwMzI3MDYwMDQyWjAzMTEwLwYDVQQD
Eyg3MjE5MjJmZWE3YWY4MTQ2N2FiNDAwOWJhNTU5NTc2ZjhmYjMwNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz65S1g7AQUcCkrToCBtEjJ+9lhA7
XepX8DDN4GQAKZL51DEz9840ZJinetjBxBjGV9IkYlPf2fBqPGzRw+uxTDzb8DH6
Awkccq2/OyY6+l9lYnj9baJrTnl3M4R9NoSXJpNx6yMHC/iOvxrObOCHbDNqCSjG
4gAbopg54hjjxBtj7XTcSnDBYYYntBWw7nqn7P+NXx9oeD9PtDhNqPEMYjt1ATeu
LieKpIa+Rw3s3oVPek/McT5qmTBPir01HOBw3Dkz3W5ZXBz3y3krVJ+QvIRDvTpV
tJ/Xvq+Qxf6am+tyL/9Ewp2I2OFsNBVCqgnrcJQNICWAFdU+C6hLv/AjowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIZIv6nr4FGerQAm6VZV2+PswVbMB8GA1UdIwQY
MBaAFHRjDxZIW0+TOF+UqOxxAK1IxfxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2It
M2RhNDE1YWMwZGMwLzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iNDQ4NTYtMjE0YS00NTk2LTkyN2ItM2RhNDE1YWMwZGMw
LzEvZEdNUEZraGJUNU00WDVTbzdIRUFyVWpGX0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIPyj8xsi
WmCqGRg4Vh1kA0S6U4lcKbDKGO4S4ewbdvZwUqsPMETae35oWtaFB34NVUVa7pYZ
Dhajx7ExPo0E9bD55S5mqs3DVp89NprRE3S2PAJ7UYjrYt1WJPz1DMfQRwzlBmkK
YgBG2+hlioXCghwEt3EiDQT3yoqCATkiNlR41PZ1iyNaDcsRmQKwYscV18Xymonu
EhT6Bihpm8Air+WJOvZGwz0MGenD630OfPfVtlrBJfOuaL/l/1yYJ48o8EUjo4In
btqpZ6QkA1hElXJtrewZmQi5FxiYu0i8aghRlZzFemL0H5dNXX09tX/HZm3BUgOG
TZZftQ2TjaqEJA==
-----END CERTIFICATE-----