Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
File:                     D4jGhrHhIvzcFlwCN6D149mQvwE.mft (raw, json)
Hash identifier:          nJ+cgrAt85tPDeXoUG+YxZdDyVpITMCSHqC+6crz/Z8=
Subject key identifier:   DA:C1:B9:54:B7:CD:1D:97:D7:CC:E0:26:C7:AF:48:60:5D:3D:93:BF
Authority key identifier: 0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01
Certificate issuer:       /CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
Certificate serial:       019D2AE09A5D7151C7F0B43A4DB3DA1A5FB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
Manifest number:          0E35
Signing time:             Thu 26 Mar 2026 16:00:55 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:55 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:55 +0000
Files and hashes:         1: D4jGhrHhIvzcFlwCN6D149mQvwE.crl (hash: Vi6JBuXTLP/sAuk8MkpuEQoz5/75gI8ajv63Ha/OKiU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:9a:5d:71:51:c7:f0:b4:3a:4d:b3:da:1a:5f:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f88c686b1e122fcdc165c0237a0f5e3d990bf01
        Validity
            Not Before: Mar 26 16:00:55 2026 GMT
            Not After : Mar 27 16:00:55 2026 GMT
        Subject: CN=dac1b954b7cd1d97d7cce026c7af48605d3d93bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:55:7e:c7:39:ad:63:08:6a:25:e4:c0:ea:89:
                    d3:6c:9e:7f:ea:7e:b0:b1:95:85:f4:b8:ba:29:71:
                    1c:03:14:98:87:a3:ae:53:3d:80:16:4e:08:e8:6d:
                    9b:9f:d0:76:d5:73:90:7f:45:95:fc:3f:b5:a1:25:
                    7d:fe:c6:2d:3d:4b:65:9f:69:c1:06:9e:7d:29:96:
                    50:5a:e1:2b:61:b5:c7:e3:ad:7f:7b:b3:2f:46:f6:
                    c8:40:f3:fe:da:0b:6f:30:1b:a6:12:ea:e8:f8:cf:
                    86:86:74:3b:f7:83:4b:e4:78:10:c0:0c:04:6b:d6:
                    b0:62:e2:22:63:e3:cc:f9:0c:7b:a7:b5:3b:82:e4:
                    e6:67:14:c1:80:ac:42:4e:f1:f2:07:a7:0c:5e:57:
                    a4:a9:bf:1d:36:6b:db:c7:1f:76:ec:10:3a:80:43:
                    88:b4:fd:7b:9b:24:5d:21:0c:b6:dc:8b:4d:69:9e:
                    2f:a3:32:30:59:16:9e:27:91:17:8b:70:9a:40:36:
                    7a:66:e7:40:27:e4:c3:be:01:5e:2b:dc:60:29:ac:
                    df:d1:e9:2f:0a:ad:7a:4b:fe:ad:e2:52:e3:6e:d0:
                    5e:1e:26:07:11:1c:f6:da:5d:52:ec:0a:71:31:cf:
                    df:78:30:99:5b:41:68:ca:f2:00:4d:19:41:92:f6:
                    e1:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:C1:B9:54:B7:CD:1D:97:D7:CC:E0:26:C7:AF:48:60:5D:3D:93:BF
            X509v3 Authority Key Identifier:
                keyid:0F:88:C6:86:B1:E1:22:FC:DC:16:5C:02:37:A0:F5:E3:D9:90:BF:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D4jGhrHhIvzcFlwCN6D149mQvwE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e6f0c4-799d-4620-ab7b-b4225de2723a/1/D4jGhrHhIvzcFlwCN6D149mQvwE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:80:3b:de:a9:ba:44:e9:ec:83:97:30:12:ef:e8:51:fa:60:
         9f:df:84:e5:81:9b:97:c7:f5:69:df:8d:3c:9a:77:09:5c:0e:
         37:30:49:1a:e3:57:08:09:9f:3a:e6:aa:02:02:fd:c2:92:e5:
         64:99:21:ba:41:6e:ea:9c:bb:c3:fe:1f:fb:32:81:da:e6:bd:
         ad:58:c0:61:b9:f0:35:61:65:b6:3d:42:ad:60:16:14:88:d1:
         59:60:3a:ad:f8:31:00:00:33:6b:72:1f:73:57:c6:db:d1:0a:
         30:fa:8d:87:87:59:b0:4d:6e:76:69:2b:66:bb:5b:3b:a0:13:
         76:55:4d:e5:2d:6d:2b:2e:59:9e:b8:e2:9c:4d:d3:e9:06:19:
         03:5f:1f:f5:96:2c:9c:4b:d2:30:a7:e1:e0:21:e8:ec:32:39:
         f2:fa:4a:a6:2a:69:18:42:4d:36:ab:ae:07:01:05:d3:1c:21:
         06:d5:c5:7b:d0:f5:d3:4e:03:24:ac:ea:5b:55:8f:c1:e8:ea:
         94:be:4b:43:bf:70:c3:12:f8:41:e2:12:2e:05:fb:fc:42:2e:
         63:6f:22:d6:99:7a:da:35:25:b0:c4:f7:1c:28:3a:38:5f:23:
         bc:23:44:19:59:28:8b:bf:83:ab:c2:bc:8d:38:af:d5:4b:bc:
         3a:98:b0:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4JpdcVHH8LQ6TbPaGl+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmODhjNjg2YjFlMTIyZmNkYzE2NWMwMjM3YTBmNWUzZDk5
MGJmMDEwHhcNMjYwMzI2MTYwMDU1WhcNMjYwMzI3MTYwMDU1WjAzMTEwLwYDVQQD
EyhkYWMxYjk1NGI3Y2QxZDk3ZDdjY2UwMjZjN2FmNDg2MDVkM2Q5M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1V+xzmtYwhqJeTA6onTbJ5/6n6w
sZWF9Li6KXEcAxSYh6OuUz2AFk4I6G2bn9B21XOQf0WV/D+1oSV9/sYtPUtln2nB
Bp59KZZQWuErYbXH461/e7MvRvbIQPP+2gtvMBumEuro+M+GhnQ794NL5HgQwAwE
a9awYuIiY+PM+Qx7p7U7guTmZxTBgKxCTvHyB6cMXlekqb8dNmvbxx927BA6gEOI
tP17myRdIQy23ItNaZ4vozIwWRaeJ5EXi3CaQDZ6ZudAJ+TDvgFeK9xgKazf0ekv
Cq16S/6t4lLjbtBeHiYHERz22l1S7ApxMc/feDCZW0FoyvIATRlBkvbhUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrBuVS3zR2X18zgJsevSGBdPZO/MB8GA1UdIwQY
MBaAFA+Ixoax4SL83BZcAjeg9ePZkL8BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2It
YjQyMjVkZTI3MjNhLzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lNmYwYzQtNzk5ZC00NjIwLWFiN2ItYjQyMjVkZTI3MjNh
LzEvRDRqR2hySGhJdnpjRmx3Q042RDE0OW1RdndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIA73qm6
ROnsg5cwEu/oUfpgn9+E5YGbl8f1ad+NPJp3CVwONzBJGuNXCAmfOuaqAgL9wpLl
ZJkhukFu6py7w/4f+zKB2ua9rVjAYbnwNWFltj1CrWAWFIjRWWA6rfgxAAAza3If
c1fG29EKMPqNh4dZsE1udmkrZrtbO6ATdlVN5S1tKy5ZnrjinE3T6QYZA18f9ZYs
nEvSMKfh4CHo7DI58vpKpippGEJNNquuBwEF0xwhBtXFe9D1004DJKzqW1WPwejq
lL5LQ79wwxL4QeISLgX7/EIuY28i1pl62jUlsMT3HCg6OF8jvCNEGVkoi7+Dq8K8
jTiv1Uu8OpiwAQ==
-----END CERTIFICATE-----