Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
File:                     DdgdNYjH4QqJmw0EgVZubZSNrdA.mft (raw, json)
Hash identifier:          WXTBsEYQUEofZT7ABAQtC5awoDTvo7WWnIvrrh0V4cc=
Subject key identifier:   4F:B1:CD:98:D1:BB:56:EC:03:83:1B:24:40:16:F6:C6:09:40:73:CF
Authority key identifier: 0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0
Certificate issuer:       /CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
Certificate serial:       019D284E410701E892913CFBED10949310E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 04:01:50 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:50 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:50 +0000
Files and hashes:         1: DdgdNYjH4QqJmw0EgVZubZSNrdA.crl (hash: PVLhh/dzuwD+2qdMiHpvNCkFBVxqegh7KCnbLuNWzCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:41:07:01:e8:92:91:3c:fb:ed:10:94:93:10:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dd81d3588c7e10a899b0d0481566e6d948dadd0
        Validity
            Not Before: Mar 26 04:01:50 2026 GMT
            Not After : Mar 27 04:01:50 2026 GMT
        Subject: CN=4fb1cd98d1bb56ec03831b244016f6c6094073cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:fb:66:b1:92:68:44:a9:e1:77:08:7f:3b:ea:
                    53:d9:93:29:9c:6f:94:84:4e:67:14:93:2f:f6:7d:
                    37:db:07:af:24:96:14:b8:f2:ec:93:31:80:f6:86:
                    0e:93:5f:2c:7f:8e:27:85:c5:e8:81:c3:f6:cd:b4:
                    ef:1a:2b:80:5b:a3:d8:1c:d6:3d:84:61:48:47:ad:
                    64:1f:c4:66:48:b4:ae:a3:ee:2d:5f:1d:94:62:f9:
                    d1:b6:76:ea:58:6c:16:87:0c:34:b1:48:8a:37:b8:
                    aa:99:13:af:56:fc:ef:23:21:de:62:95:2e:34:82:
                    d2:ab:4c:e8:49:ae:c1:f0:1c:31:8c:ee:28:33:06:
                    25:68:41:8d:fa:9d:41:b4:b3:6e:8d:21:dc:20:7a:
                    c3:0d:3c:5f:c4:0b:a3:24:32:b9:6e:7f:40:09:48:
                    2b:9b:92:01:52:80:e7:dc:8a:af:6f:e6:fd:61:54:
                    0d:ac:5f:bd:26:02:d7:0a:d8:14:80:cb:5a:78:47:
                    8b:f9:c5:40:eb:ca:77:b6:e0:ee:ee:e8:f6:36:7e:
                    f7:3f:b3:26:1c:58:47:8b:43:06:d9:50:54:fc:47:
                    ac:90:99:85:70:af:a4:84:38:9d:78:81:f1:30:1c:
                    f3:3d:a4:d8:a8:ab:46:30:0a:31:a5:79:02:c3:94:
                    45:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:B1:CD:98:D1:BB:56:EC:03:83:1B:24:40:16:F6:C6:09:40:73:CF
            X509v3 Authority Key Identifier:
                keyid:0D:D8:1D:35:88:C7:E1:0A:89:9B:0D:04:81:56:6E:6D:94:8D:AD:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdgdNYjH4QqJmw0EgVZubZSNrdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e86f5f-115e-4e92-ac39-c76b8db5ad14/1/DdgdNYjH4QqJmw0EgVZubZSNrdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:74:f6:7a:9f:88:f9:e0:38:ed:ee:8f:e6:7f:51:2a:61:b8:
         8f:d8:3f:f8:3f:19:ea:96:ca:18:5c:b0:49:65:69:db:c3:76:
         81:d8:9d:dc:6c:4d:97:37:8c:27:9e:73:84:9c:c2:82:ed:5a:
         51:af:27:10:07:0a:5d:c6:f7:76:19:d3:6f:38:cc:d9:0e:2b:
         9d:01:51:1a:93:e1:46:c7:8c:3d:9c:e9:dc:f4:13:33:dd:d5:
         34:99:de:ed:cb:dd:a1:1d:16:fb:ee:34:21:db:0f:95:45:59:
         ff:c6:24:81:60:f3:03:83:2a:3d:8d:f2:63:72:dd:c7:32:5a:
         55:4c:e2:5a:bb:ef:90:a5:0d:50:ba:26:d2:46:4c:a8:06:79:
         27:23:66:a2:86:94:23:6f:2a:53:2f:ac:71:22:52:b2:77:79:
         26:63:01:2b:76:e0:55:7f:fa:3e:a9:30:a9:71:69:f9:e0:51:
         a0:fd:90:9b:6a:52:c6:2a:19:f2:b5:59:a0:93:85:52:57:4f:
         b9:ad:ce:62:03:f2:7d:75:2d:7e:74:98:b5:f1:c9:df:22:0b:
         f5:29:c1:aa:84:cf:83:06:b7:fe:24:2a:3c:f5:49:5f:1c:57:
         1d:52:b6:a4:0a:bb:cc:ad:64:fc:c2:5e:59:b8:0e:1a:27:54:
         5f:a9:6b:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTkEHAeiSkTz77RCUkxDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDgxZDM1ODhjN2UxMGE4OTliMGQwNDgxNTY2ZTZkOTQ4
ZGFkZDAwHhcNMjYwMzI2MDQwMTUwWhcNMjYwMzI3MDQwMTUwWjAzMTEwLwYDVQQD
Eyg0ZmIxY2Q5OGQxYmI1NmVjMDM4MzFiMjQ0MDE2ZjZjNjA5NDA3M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtftmsZJoRKnhdwh/O+pT2ZMpnG+U
hE5nFJMv9n032wevJJYUuPLskzGA9oYOk18sf44nhcXogcP2zbTvGiuAW6PYHNY9
hGFIR61kH8RmSLSuo+4tXx2UYvnRtnbqWGwWhww0sUiKN7iqmROvVvzvIyHeYpUu
NILSq0zoSa7B8BwxjO4oMwYlaEGN+p1BtLNujSHcIHrDDTxfxAujJDK5bn9ACUgr
m5IBUoDn3Iqvb+b9YVQNrF+9JgLXCtgUgMtaeEeL+cVA68p3tuDu7uj2Nn73P7Mm
HFhHi0MG2VBU/EeskJmFcK+khDideIHxMBzzPaTYqKtGMAoxpXkCw5RFrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+xzZjRu1bsA4MbJEAW9sYJQHPPMB8GA1UdIwQY
MBaAFA3YHTWIx+EKiZsNBIFWbm2Uja3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzkt
Yzc2YjhkYjVhZDE0LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lODZmNWYtMTE1ZS00ZTkyLWFjMzktYzc2YjhkYjVhZDE0
LzEvRGRnZE5Zakg0UXFKbXcwRWdWWnViWlNOcmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUHT2ep+I
+eA47e6P5n9RKmG4j9g/+D8Z6pbKGFywSWVp28N2gdid3GxNlzeMJ55zhJzCgu1a
Ua8nEAcKXcb3dhnTbzjM2Q4rnQFRGpPhRseMPZzp3PQTM93VNJne7cvdoR0W++40
IdsPlUVZ/8YkgWDzA4MqPY3yY3LdxzJaVUziWrvvkKUNULom0kZMqAZ5JyNmooaU
I28qUy+scSJSsnd5JmMBK3bgVX/6PqkwqXFp+eBRoP2Qm2pSxioZ8rVZoJOFUldP
ua3OYgPyfXUtfnSYtfHJ3yIL9SnBqoTPgwa3/iQqPPVJXxxXHVK2pAq7zK1k/MJe
WbgOGidUX6lrGQ==
-----END CERTIFICATE-----