Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
File:                     Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft (raw, json)
Hash identifier:          5XkS186YAsmR/ka4tc8IU1A2thrcJVb+CRWv65JCwl4=
Subject key identifier:   A8:75:E1:21:D3:00:4E:37:48:B3:C1:0A:28:7C:CF:DD:C1:89:D7:31
Authority key identifier: 0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90
Certificate issuer:       /CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
Certificate serial:       019D27E03CCA25369A6E441C55E10EC09EFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
Manifest number:          096B
Signing time:             Thu 26 Mar 2026 02:01:40 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:40 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:40 +0000
Files and hashes:         1: Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl (hash: dDZPAezag7VplmfPigBQMt9O3FWr5DXoPI0dNiiC5UA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:3c:ca:25:36:9a:6e:44:1c:55:e1:0e:c0:9e:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e1fb70f90ba2cf058c1206deb0ef79737026e90
        Validity
            Not Before: Mar 26 02:01:40 2026 GMT
            Not After : Mar 27 02:01:40 2026 GMT
        Subject: CN=a875e121d3004e3748b3c10a287ccfddc189d731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5c:42:eb:82:81:cb:af:11:f3:84:6c:1f:b1:
                    2e:95:0a:90:e8:e7:1b:1b:86:07:a5:01:50:4d:9b:
                    2e:76:cb:74:2d:fe:36:37:98:28:0e:28:2b:60:5a:
                    46:51:e8:ab:fa:2d:72:35:64:81:66:2c:39:03:a7:
                    09:cb:fb:b0:3d:02:e8:ba:90:6d:51:19:4d:0a:61:
                    d4:22:66:94:1c:d4:03:42:7c:ab:79:95:35:e2:73:
                    91:46:6a:a6:43:54:32:66:00:e6:53:1d:07:ab:5b:
                    82:23:27:66:e9:52:5e:ee:fa:ae:cc:85:e6:fe:43:
                    45:83:15:71:bb:c1:f7:73:13:f9:79:90:37:2e:42:
                    68:26:9b:02:35:a5:28:6a:3e:f7:24:99:05:b0:3b:
                    31:9b:fb:3c:01:37:f4:b4:c3:b7:c6:d8:ec:18:3b:
                    ac:2b:f4:9e:cc:c3:4f:6b:c5:0e:56:35:e1:71:18:
                    e5:54:80:c0:b1:e3:f8:b3:6f:10:96:2d:9f:bb:04:
                    9f:3e:61:fa:76:a1:e3:9f:e3:e9:d1:e7:bd:e5:8d:
                    54:f2:9e:78:e6:e4:fd:9c:2a:4a:af:bb:16:19:45:
                    89:77:dc:3d:46:e6:9e:3b:02:83:63:31:d3:9c:82:
                    41:18:f9:2a:41:29:0a:48:af:aa:24:b8:f5:01:75:
                    19:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:75:E1:21:D3:00:4E:37:48:B3:C1:0A:28:7C:CF:DD:C1:89:D7:31
            X509v3 Authority Key Identifier:
                keyid:0E:1F:B7:0F:90:BA:2C:F0:58:C1:20:6D:EB:0E:F7:97:37:02:6E:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dh-3D5C6LPBYwSBt6w73lzcCbpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/9a6bc2-8e5f-4a6d-b206-27cb9dcd60fc/1/Dh-3D5C6LPBYwSBt6w73lzcCbpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:b8:0e:5d:22:c8:12:f5:13:1c:e4:b7:23:46:18:af:d2:15:
         3a:1f:8c:ed:16:cc:61:e9:a2:36:25:4b:e9:b4:ae:bc:47:6b:
         25:11:58:f7:72:cd:2d:e5:9c:48:09:05:96:49:a2:07:77:72:
         44:17:82:d4:f4:4e:3a:48:d7:ff:16:38:b9:e5:26:f7:80:bc:
         dd:9b:cf:8b:0b:62:48:73:3a:91:99:77:51:35:89:ec:2d:28:
         80:dc:aa:04:bb:62:bd:2e:7b:37:79:5a:7c:0d:7d:46:ab:33:
         89:8e:4b:3f:7d:74:7c:73:7d:da:c1:d6:64:f7:83:67:e8:5f:
         7c:ee:b8:5f:4d:b3:f8:0c:3e:b3:51:48:a5:e5:ce:87:2b:e7:
         14:88:d3:ca:81:a8:20:47:a0:a4:2d:d1:8e:f3:7e:30:be:43:
         95:df:e2:a4:a4:7b:93:28:8f:d4:85:86:7a:f7:fa:e4:29:39:
         c0:e1:6e:e1:a5:50:4f:4b:c8:90:c7:9c:a4:3a:fc:c3:42:26:
         ce:a6:b4:85:b4:77:e7:5e:d2:0a:95:67:ae:46:56:1c:c8:91:
         5b:a9:bf:7c:81:78:5d:cb:9e:cd:61:81:b0:10:f3:06:5e:76:
         d6:0b:36:c9:fe:7b:14:99:fe:b2:e1:44:01:34:12:3b:a8:5b:
         74:51:01:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4DzKJTaabkQcVeEOwJ77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMWZiNzBmOTBiYTJjZjA1OGMxMjA2ZGViMGVmNzk3Mzcw
MjZlOTAwHhcNMjYwMzI2MDIwMTQwWhcNMjYwMzI3MDIwMTQwWjAzMTEwLwYDVQQD
EyhhODc1ZTEyMWQzMDA0ZTM3NDhiM2MxMGEyODdjY2ZkZGMxODlkNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1xC64KBy68R84RsH7EulQqQ6Ocb
G4YHpQFQTZsudst0Lf42N5goDigrYFpGUeir+i1yNWSBZiw5A6cJy/uwPQLoupBt
URlNCmHUImaUHNQDQnyreZU14nORRmqmQ1QyZgDmUx0Hq1uCIydm6VJe7vquzIXm
/kNFgxVxu8H3cxP5eZA3LkJoJpsCNaUoaj73JJkFsDsxm/s8ATf0tMO3xtjsGDus
K/SezMNPa8UOVjXhcRjlVIDAseP4s28Qli2fuwSfPmH6dqHjn+Pp0ee95Y1U8p54
5uT9nCpKr7sWGUWJd9w9RuaeOwKDYzHTnIJBGPkqQSkKSK+qJLj1AXUZ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKh14SHTAE43SLPBCih8z93BidcxMB8GA1UdIwQY
MBaAFA4ftw+QuizwWMEgbesO95c3Am6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYt
MjdjYjlkY2Q2MGZjLzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny85YTZiYzItOGU1Zi00YTZkLWIyMDYtMjdjYjlkY2Q2MGZj
LzEvRGgtM0Q1QzZMUEJZd1NCdDZ3NzNsemNDYnBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdLgOXSLI
EvUTHOS3I0YYr9IVOh+M7RbMYemiNiVL6bSuvEdrJRFY93LNLeWcSAkFlkmiB3dy
RBeC1PROOkjX/xY4ueUm94C83ZvPiwtiSHM6kZl3UTWJ7C0ogNyqBLtivS57N3la
fA19RqsziY5LP310fHN92sHWZPeDZ+hffO64X02z+Aw+s1FIpeXOhyvnFIjTyoGo
IEegpC3RjvN+ML5Dld/ipKR7kyiP1IWGevf65Ck5wOFu4aVQT0vIkMecpDr8w0Im
zqa0hbR3517SCpVnrkZWHMiRW6m/fIF4XcuezWGBsBDzBl521gs2yf57FJn+suFE
ATQSO6hbdFEBuQ==
-----END CERTIFICATE-----