Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          gkiaC0r1cQgF4j5lU0Ro1yr0Z99mx9DkqPU9f15uqfE=
Subject key identifier:   BE:35:DB:7B:FC:EC:45:85:CD:33:33:20:0F:F0:16:E3:0D:33:98:65
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       019D265FDCE99876F27E88235D13416F82A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          1884
Signing time:             Wed 25 Mar 2026 19:01:49 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:49 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:49 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: /2g1Uaz0v9rVyBCXJd5thyVbO6EobVtf1vruBJC4SMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:dc:e9:98:76:f2:7e:88:23:5d:13:41:6f:82:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Mar 25 19:01:49 2026 GMT
            Not After : Mar 26 19:01:49 2026 GMT
        Subject: CN=be35db7bfcec4585cd3333200ff016e30d339865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c4:62:a5:f1:51:e1:84:ee:9b:28:1e:ae:0f:
                    9b:c0:01:6b:00:70:13:58:5a:4d:9b:6e:29:79:f6:
                    41:14:3e:30:3d:ef:76:c0:46:9f:cf:72:81:a6:d0:
                    d0:ac:ff:ad:2a:4a:2b:8c:be:be:89:eb:49:d5:00:
                    69:85:0a:9f:2f:aa:3a:01:f2:c2:48:3f:94:e6:64:
                    e8:33:cc:44:98:60:69:b9:73:1c:7a:d2:46:54:85:
                    ef:26:b3:f4:fd:8e:f1:96:69:f3:81:49:25:99:f0:
                    bc:40:cb:e5:29:af:0e:1f:ad:63:c9:46:ba:39:71:
                    45:2c:1a:cd:ef:c7:56:cd:54:5f:24:7f:4a:4b:f0:
                    02:df:fb:5d:a9:7d:de:04:80:15:14:47:ac:4e:41:
                    b0:5d:61:0a:31:f6:d6:fb:28:35:83:11:25:42:a0:
                    c9:98:04:b9:a5:2a:d9:d8:0d:58:3e:4b:11:72:67:
                    53:8e:8a:37:54:b8:cf:a4:5d:03:46:1e:28:99:ec:
                    37:47:45:92:a2:27:71:61:5d:dd:9c:b7:23:26:99:
                    86:e2:fb:69:a9:9b:49:43:3e:e2:fb:bb:24:96:61:
                    53:66:88:0f:0a:02:91:c8:8d:8f:51:ac:da:ea:cf:
                    4e:c8:80:7a:a7:97:69:d6:c0:21:5e:60:0b:31:d2:
                    f8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:35:DB:7B:FC:EC:45:85:CD:33:33:20:0F:F0:16:E3:0D:33:98:65
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:f8:83:af:60:fd:76:ef:f8:a4:46:e5:39:ad:e4:3b:4c:56:
         b6:af:95:06:be:dc:77:46:00:f4:22:a5:40:fb:5b:0f:b2:9f:
         57:5f:ec:1b:0d:d0:5b:a7:e6:ce:fe:18:c0:0e:9b:cb:1f:e4:
         c3:33:08:bb:f9:8a:7b:11:3b:e7:d8:03:ec:c0:60:6b:93:18:
         5d:f0:3a:4e:fb:41:40:2a:8a:c4:07:6e:94:ad:52:32:ba:5a:
         41:71:b5:9f:c2:99:95:da:ab:60:9a:84:63:e4:56:f2:60:c7:
         d0:64:7a:69:ba:4a:43:6d:1f:27:81:29:b7:f5:93:ca:c0:71:
         f1:55:0c:33:a6:d0:ea:e5:0a:e1:b0:06:60:1d:e6:a8:d9:b2:
         0e:56:f2:f4:c1:ff:ce:8a:35:f5:ef:a3:f1:38:00:ed:c7:b8:
         a3:90:ac:50:b4:b1:a3:d7:1b:da:e8:a0:54:f0:97:8b:9c:9d:
         d9:13:90:1d:8c:ed:8f:7d:b1:c5:11:02:08:2e:fb:e2:75:01:
         e7:a1:f4:6d:dc:a8:c3:65:ef:4a:e1:01:a2:4b:09:25:17:23:
         18:2c:bd:f7:bd:bc:4f:ea:2e:53:63:43:57:f8:fc:b7:c9:f9:
         b5:5b:c5:a6:6f:5b:c8:3f:b4:3a:4e:71:9f:5f:09:3d:39:f7:
         e6:24:eb:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX9zpmHbyfogjXRNBb4KnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjYwMzI1MTkwMTQ5WhcNMjYwMzI2MTkwMTQ5WjAzMTEwLwYDVQQD
EyhiZTM1ZGI3YmZjZWM0NTg1Y2QzMzMzMjAwZmYwMTZlMzBkMzM5ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMRipfFR4YTumygerg+bwAFrAHAT
WFpNm24pefZBFD4wPe92wEafz3KBptDQrP+tKkorjL6+ietJ1QBphQqfL6o6AfLC
SD+U5mToM8xEmGBpuXMcetJGVIXvJrP0/Y7xlmnzgUklmfC8QMvlKa8OH61jyUa6
OXFFLBrN78dWzVRfJH9KS/AC3/tdqX3eBIAVFEesTkGwXWEKMfbW+yg1gxElQqDJ
mAS5pSrZ2A1YPksRcmdTjoo3VLjPpF0DRh4omew3R0WSoidxYV3dnLcjJpmG4vtp
qZtJQz7i+7sklmFTZogPCgKRyI2PUaza6s9OyIB6p5dp1sAhXmALMdL4VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL4123v87EWFzTMzIA/wFuMNM5hlMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnPiDr2D9
du/4pEblOa3kO0xWtq+VBr7cd0YA9CKlQPtbD7KfV1/sGw3QW6fmzv4YwA6byx/k
wzMIu/mKexE759gD7MBga5MYXfA6TvtBQCqKxAdulK1SMrpaQXG1n8KZldqrYJqE
Y+RW8mDH0GR6abpKQ20fJ4Ept/WTysBx8VUMM6bQ6uUK4bAGYB3mqNmyDlby9MH/
zoo19e+j8TgA7ce4o5CsULSxo9cb2uigVPCXi5yd2ROQHYztj32xxRECCC774nUB
56H0bdyow2XvSuEBoksJJRcjGCy99728T+ouU2NDV/j8t8n5tVvFpm9byD+0Ok5x
n18JPTn35iTr3w==
-----END CERTIFICATE-----