Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
File:                     dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft (raw, json)
Hash identifier:          8AVxKaDnuEumOXHEWSRDKERhvUaIrRO38HnB92jzAy0=
Subject key identifier:   DD:D4:4D:29:67:E0:8B:C1:F6:5E:F1:1E:D7:D3:AD:5B:39:03:75:B6
Authority key identifier: 74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C
Certificate issuer:       /CN=74f675a1679816793d5b30ad2f253f56c8e2445c
Certificate serial:       019D265F6F9222DFB1D12B17D6457435721A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
Manifest number:          1881
Signing time:             Wed 25 Mar 2026 19:01:21 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:21 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:21 +0000
Files and hashes:         1: dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl (hash: LSCtk6FY6oLc/UKXphtCykBu966Rr/Bza7bWuXETvUU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:6f:92:22:df:b1:d1:2b:17:d6:45:74:35:72:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74f675a1679816793d5b30ad2f253f56c8e2445c
        Validity
            Not Before: Mar 25 19:01:21 2026 GMT
            Not After : Mar 26 19:01:21 2026 GMT
        Subject: CN=ddd44d2967e08bc1f65ef11ed7d3ad5b390375b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a5:4a:ab:ae:fb:93:6a:22:c2:5d:d2:58:d6:
                    22:ec:6e:ed:5a:66:b3:ad:df:f8:d9:5f:01:f4:c6:
                    64:6f:43:bf:d7:05:1b:ae:c5:c2:86:ca:6f:9b:3d:
                    fc:77:f0:b4:4f:de:4a:b0:1e:f8:6b:b1:0b:d9:31:
                    9c:51:59:49:eb:e3:1b:bc:b5:9b:09:af:d5:37:32:
                    dc:bf:f7:50:da:88:e9:f6:60:5d:0a:c6:b9:d1:df:
                    65:08:a0:7c:b7:1d:96:96:97:b0:5a:95:df:0c:d8:
                    38:cf:fb:ef:10:e2:02:c9:6a:45:e9:80:4b:d9:51:
                    64:bc:73:3f:ec:53:27:eb:26:6d:98:cf:2c:15:52:
                    f1:90:4c:31:ad:30:e7:99:7c:40:e2:d6:48:2b:8c:
                    0f:d2:62:4c:06:12:9e:38:00:65:21:dd:c6:e9:70:
                    37:ee:6e:db:e5:81:bd:63:b9:61:ca:ed:bc:42:8c:
                    fe:6b:dd:2f:06:96:d6:d3:d8:43:bc:09:86:22:7f:
                    39:83:92:8b:1a:16:59:6f:ae:e1:bf:97:dc:af:79:
                    36:9f:a2:c2:b9:c0:04:76:a5:ed:20:7c:ae:78:af:
                    0b:35:3a:a9:61:1d:a8:16:ea:99:d0:18:21:1f:93:
                    7a:de:28:fa:ea:7c:0a:0b:25:ae:6f:70:7c:7c:23:
                    28:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:D4:4D:29:67:E0:8B:C1:F6:5E:F1:1E:D7:D3:AD:5B:39:03:75:B6
            X509v3 Authority Key Identifier:
                keyid:74:F6:75:A1:67:98:16:79:3D:5B:30:AD:2F:25:3F:56:C8:E2:44:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8978cb-1a27-4f24-b552-336293734507/1/dPZ1oWeYFnk9WzCtLyU_VsjiRFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:67:9b:ae:81:81:8f:15:37:7d:a4:af:a4:d5:f5:da:8a:b4:
         4f:19:32:a2:fd:3a:89:98:e8:b5:b1:c5:8f:b6:dd:2d:25:7e:
         59:a5:df:ac:db:68:1e:19:66:bc:07:df:34:c0:8b:af:8f:7a:
         a5:da:ae:e4:08:57:11:34:fe:bb:2e:a2:57:b7:e4:03:2c:82:
         4a:5f:7a:b9:b0:5e:41:1d:04:5d:85:2c:d1:a8:ff:8c:42:e2:
         cd:c7:d3:1e:8b:b0:2b:c5:f9:78:4e:6b:95:b4:ba:82:4e:c1:
         54:31:55:ff:dd:74:e2:fa:f7:43:af:43:b3:77:d4:81:31:99:
         fe:6c:7d:11:80:54:88:88:71:4c:72:fc:ae:b9:1a:a8:cd:56:
         53:45:eb:53:89:6a:54:d2:53:47:94:c0:6c:aa:21:5e:cf:70:
         8c:e0:d9:bf:31:d6:45:57:bd:2b:97:7f:83:55:fe:10:f5:1a:
         66:2c:99:be:99:bc:0b:8d:f0:85:bf:c6:7b:a3:9f:a5:8b:57:
         06:1b:b7:d3:a5:df:bb:cd:32:c2:6c:38:1f:53:43:34:95:42:
         af:19:46:a4:db:88:59:46:a3:11:36:f2:28:3f:76:03:07:1b:
         c7:f4:00:5a:5a:5b:81:d1:95:a9:8f:c5:1c:86:64:46:ba:46:
         87:0a:74:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX2+SIt+x0SsX1kV0NXIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZjY3NWExNjc5ODE2NzkzZDViMzBhZDJmMjUzZjU2Yzhl
MjQ0NWMwHhcNMjYwMzI1MTkwMTIxWhcNMjYwMzI2MTkwMTIxWjAzMTEwLwYDVQQD
EyhkZGQ0NGQyOTY3ZTA4YmMxZjY1ZWYxMWVkN2QzYWQ1YjM5MDM3NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaVKq677k2oiwl3SWNYi7G7tWmaz
rd/42V8B9MZkb0O/1wUbrsXChspvmz38d/C0T95KsB74a7EL2TGcUVlJ6+MbvLWb
Ca/VNzLcv/dQ2ojp9mBdCsa50d9lCKB8tx2WlpewWpXfDNg4z/vvEOICyWpF6YBL
2VFkvHM/7FMn6yZtmM8sFVLxkEwxrTDnmXxA4tZIK4wP0mJMBhKeOABlId3G6XA3
7m7b5YG9Y7lhyu28Qoz+a90vBpbW09hDvAmGIn85g5KLGhZZb67hv5fcr3k2n6LC
ucAEdqXtIHyueK8LNTqpYR2oFuqZ0BghH5N63ij66nwKCyWub3B8fCMoRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3UTSln4IvB9l7xHtfTrVs5A3W2MB8GA1UdIwQY
MBaAFHT2daFnmBZ5PVswrS8lP1bI4kRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTIt
MzM2MjkzNzM0NTA3LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84OTc4Y2ItMWEyNy00ZjI0LWI1NTItMzM2MjkzNzM0NTA3
LzEvZFBaMW9XZVlGbms5V3pDdEx5VV9Wc2ppUkZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN2ebroGB
jxU3faSvpNX12oq0Txkyov06iZjotbHFj7bdLSV+WaXfrNtoHhlmvAffNMCLr496
pdqu5AhXETT+uy6iV7fkAyyCSl96ubBeQR0EXYUs0aj/jELizcfTHouwK8X5eE5r
lbS6gk7BVDFV/9104vr3Q69Ds3fUgTGZ/mx9EYBUiIhxTHL8rrkaqM1WU0XrU4lq
VNJTR5TAbKohXs9wjODZvzHWRVe9K5d/g1X+EPUaZiyZvpm8C43whb/Ge6OfpYtX
Bhu306Xfu80ywmw4H1NDNJVCrxlGpNuIWUajETbyKD92Awcbx/QAWlpbgdGVqY/F
HIZkRrpGhwp0bQ==
-----END CERTIFICATE-----