Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft
File:                     dCadQgSZl1rpNPNM45WTgRTJuns.mft (raw, json)
Hash identifier:          gxsyEgUA6bbrNANxlUGbBK5u9OzHisfe3W4KY2AxO9A=
Subject key identifier:   0B:BA:ED:59:CC:7F:FB:57:DA:BA:43:74:DA:2C:B8:B9:15:C8:DF:52
Authority key identifier: 74:26:9D:42:04:99:97:5A:E9:34:F3:4C:E3:95:93:81:14:C9:BA:7B
Certificate issuer:       /CN=74269d420499975ae934f34ce395938114c9ba7b
Certificate serial:       019D270393AAF84796F6595EE09A10207473
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCadQgSZl1rpNPNM45WTgRTJuns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft
Manifest number:          13DA
Signing time:             Wed 25 Mar 2026 22:00:38 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:38 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:38 +0000
Files and hashes:         1: dCadQgSZl1rpNPNM45WTgRTJuns.crl (hash: tnG++qiUt4OqpoRNIEI+sVsJqC4i6rxgwIo32SWRRsA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCadQgSZl1rpNPNM45WTgRTJuns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:93:aa:f8:47:96:f6:59:5e:e0:9a:10:20:74:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74269d420499975ae934f34ce395938114c9ba7b
        Validity
            Not Before: Mar 25 22:00:38 2026 GMT
            Not After : Mar 26 22:00:38 2026 GMT
        Subject: CN=0bbaed59cc7ffb57daba4374da2cb8b915c8df52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ac:fc:ae:33:47:e4:0f:01:92:d8:06:83:af:
                    c2:6b:0a:d3:d9:ed:86:ca:2b:7b:dc:6c:65:af:af:
                    ec:23:71:65:af:09:ff:ce:e2:3d:df:08:b1:4c:d3:
                    09:6e:fa:b3:82:f7:3c:60:d3:bf:87:1b:31:e0:c5:
                    96:43:7e:b2:98:b0:a7:81:18:9f:8e:d9:11:b3:f9:
                    1f:c6:a7:f1:10:2b:e8:a0:82:9c:40:7c:03:cf:69:
                    04:c4:e6:95:38:6a:a6:51:d1:41:e1:55:6b:8d:64:
                    6d:b2:fb:e3:70:77:81:41:60:31:8f:d8:84:f8:e6:
                    9e:61:03:43:ef:a6:09:da:87:87:da:a5:07:95:13:
                    ad:e9:8e:fd:ac:b6:4c:8b:c4:b6:ee:b5:17:0c:ec:
                    69:14:89:d8:2a:e3:0a:70:49:fb:89:cf:01:4a:0c:
                    8f:15:29:76:45:bb:57:2f:ee:62:fc:99:8b:cb:77:
                    06:68:d8:c2:56:0a:de:ba:aa:aa:c0:fe:05:f2:9a:
                    f4:fe:f9:96:0e:73:59:5c:95:bc:07:a5:59:48:5b:
                    08:1a:40:42:d8:66:96:8e:71:66:c4:57:0c:e1:cc:
                    79:6b:dd:86:3d:6e:68:54:3c:aa:ee:4b:16:62:b8:
                    4f:92:9d:98:f0:86:15:5f:b1:c9:99:af:52:1c:65:
                    e5:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:BA:ED:59:CC:7F:FB:57:DA:BA:43:74:DA:2C:B8:B9:15:C8:DF:52
            X509v3 Authority Key Identifier:
                keyid:74:26:9D:42:04:99:97:5A:E9:34:F3:4C:E3:95:93:81:14:C9:BA:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCadQgSZl1rpNPNM45WTgRTJuns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/49d813-2d9e-44b6-97ba-ea9c2c5222fb/1/dCadQgSZl1rpNPNM45WTgRTJuns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:69:02:9a:81:38:4a:1e:67:04:d5:f9:88:cc:34:cd:68:5a:
         3c:47:b2:0b:9a:b4:2b:d3:2d:65:70:2a:9d:5b:90:9b:23:fb:
         18:81:f8:05:ce:89:7b:0e:af:ca:c8:2e:de:36:d3:3d:17:9e:
         ef:05:9c:0b:fb:d2:a7:41:59:36:3d:35:c9:5c:c9:57:78:e8:
         12:99:26:0f:21:35:da:9a:1e:44:96:0a:f0:37:f0:98:6a:fd:
         12:6d:ce:6a:6f:b7:e1:9c:7c:a5:86:08:56:0a:a8:d1:a8:bb:
         9c:16:47:6e:0c:dd:35:11:6e:00:20:90:08:41:17:9c:bd:f2:
         10:7d:32:47:f0:4a:51:41:0e:87:73:b5:58:3b:1c:53:13:6d:
         79:a9:1c:f3:c6:23:9a:8c:f7:85:ae:fe:8b:75:22:cd:a7:51:
         41:4a:54:7b:48:15:ba:2d:1d:00:60:2c:a5:70:ec:a5:a1:2e:
         92:1e:fb:28:62:69:f4:57:f2:42:f8:6c:4a:86:cf:b7:00:1f:
         26:a2:6e:3c:de:b9:23:36:b8:71:97:e9:20:66:66:74:be:82:
         5b:0d:1d:a5:6f:04:97:4e:3f:79:0a:bd:90:bf:22:91:9b:d8:
         00:03:c0:3f:62:ea:5a:64:7d:93:e9:d4:47:df:49:aa:ce:99:
         21:28:10:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA5Oq+EeW9lle4JoQIHRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjY5ZDQyMDQ5OTk3NWFlOTM0ZjM0Y2UzOTU5MzgxMTRj
OWJhN2IwHhcNMjYwMzI1MjIwMDM4WhcNMjYwMzI2MjIwMDM4WjAzMTEwLwYDVQQD
EygwYmJhZWQ1OWNjN2ZmYjU3ZGFiYTQzNzRkYTJjYjhiOTE1YzhkZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6z8rjNH5A8BktgGg6/CawrT2e2G
yit73Gxlr6/sI3Flrwn/zuI93wixTNMJbvqzgvc8YNO/hxsx4MWWQ36ymLCngRif
jtkRs/kfxqfxECvooIKcQHwDz2kExOaVOGqmUdFB4VVrjWRtsvvjcHeBQWAxj9iE
+OaeYQND76YJ2oeH2qUHlROt6Y79rLZMi8S27rUXDOxpFInYKuMKcEn7ic8BSgyP
FSl2RbtXL+5i/JmLy3cGaNjCVgreuqqqwP4F8pr0/vmWDnNZXJW8B6VZSFsIGkBC
2GaWjnFmxFcM4cx5a92GPW5oVDyq7ksWYrhPkp2Y8IYVX7HJma9SHGXlwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAu67VnMf/tX2rpDdNosuLkVyN9SMB8GA1UdIwQY
MBaAFHQmnUIEmZda6TTzTOOVk4EUybp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENhZFFnU1psMXJwTlBOTTQ1V1RnUlRKdW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80OWQ4MTMtMmQ5ZS00NGI2LTk3YmEt
ZWE5YzJjNTIyMmZiLzEvZENhZFFnU1psMXJwTlBOTTQ1V1RnUlRKdW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80OWQ4MTMtMmQ5ZS00NGI2LTk3YmEtZWE5YzJjNTIyMmZi
LzEvZENhZFFnU1psMXJwTlBOTTQ1V1RnUlRKdW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmkCmoE4
Sh5nBNX5iMw0zWhaPEeyC5q0K9MtZXAqnVuQmyP7GIH4Bc6Jew6vysgu3jbTPRee
7wWcC/vSp0FZNj01yVzJV3joEpkmDyE12poeRJYK8DfwmGr9Em3Oam+34Zx8pYYI
Vgqo0ai7nBZHbgzdNRFuACCQCEEXnL3yEH0yR/BKUUEOh3O1WDscUxNteakc88Yj
moz3ha7+i3UizadRQUpUe0gVui0dAGAspXDspaEukh77KGJp9FfyQvhsSobPtwAf
JqJuPN65Iza4cZfpIGZmdL6CWw0dpW8El04/eQq9kL8ikZvYAAPAP2LqWmR9k+nU
R99Jqs6ZISgQrA==
-----END CERTIFICATE-----