Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          1J3PKTLbrpa6YenwfyBCwAeWY6rO5t8arXK3ZAzRJZM=
Subject key identifier:   2B:DD:47:37:0A:53:7B:5C:AC:86:C1:F6:AC:A4:01:E0:9A:10:5F:83
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       019D28F224F731F2012D4D8FE7D54FD5C1A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 07:00:50 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:50 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:50 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: 15rhB6C+ZocKH93jgMxO9Ot6nJqclZlIt1KQ56Qeehs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:24:f7:31:f2:01:2d:4d:8f:e7:d5:4f:d5:c1:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Mar 26 07:00:50 2026 GMT
            Not After : Mar 27 07:00:50 2026 GMT
        Subject: CN=2bdd47370a537b5cac86c1f6aca401e09a105f83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a8:4e:ba:cf:4a:d5:1f:b1:58:b4:67:33:69:
                    fe:11:4a:ce:cd:ca:ee:46:e6:cc:e8:38:ec:53:5d:
                    a0:1c:8e:cf:4e:30:68:d6:5b:86:a8:55:06:aa:d2:
                    b1:30:2d:15:0e:46:e9:e2:e0:3f:76:36:5e:c1:a3:
                    75:bb:81:ac:cd:60:72:da:8c:1c:92:76:c3:e5:fd:
                    0e:04:f7:a0:15:60:b8:0e:b5:51:57:ac:85:f2:07:
                    2b:91:28:15:53:b1:c1:ed:20:10:6c:2d:94:04:36:
                    5d:27:be:cd:5b:cd:7a:2c:54:59:e0:30:c6:cb:7b:
                    ca:4f:7d:ca:06:42:6e:4c:2e:58:45:49:57:98:8d:
                    fb:e6:3b:22:e5:d8:35:51:b8:42:d4:e6:c6:37:cd:
                    0f:ec:73:85:dc:e5:a9:16:ff:17:46:dc:30:64:99:
                    13:26:d5:e9:06:a3:c0:e8:99:37:3a:d3:a9:85:e6:
                    62:a7:b7:32:90:16:e8:b8:4b:6e:6a:bc:c5:33:73:
                    25:22:15:8c:8c:da:6a:54:57:71:c5:be:15:91:be:
                    a0:af:01:da:dd:37:55:be:1c:d2:0c:9d:38:9e:b3:
                    d8:47:e0:6a:f1:dd:19:3b:0c:a6:c6:13:5f:55:9c:
                    96:5c:6e:3c:65:97:76:21:51:61:20:ca:4e:f7:21:
                    09:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:DD:47:37:0A:53:7B:5C:AC:86:C1:F6:AC:A4:01:E0:9A:10:5F:83
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:07:d1:28:90:28:5e:0f:7e:7d:99:7b:72:6a:10:d2:92:ad:
         bd:cd:d7:43:76:47:84:f1:01:e9:57:63:26:02:4e:a3:07:c2:
         db:41:3f:a9:b5:0e:f6:20:3b:59:b9:2d:24:97:04:aa:ab:7c:
         59:de:76:9b:0e:3a:d3:df:62:49:d7:b1:a0:2d:68:9c:26:31:
         29:e4:62:69:a4:96:50:3e:2c:db:29:e9:f2:7e:33:40:d7:8e:
         14:32:1f:c3:9f:f1:6e:56:46:f1:b0:50:6c:39:1b:03:81:d8:
         6e:b8:a3:4f:d6:19:8f:1e:fc:cc:f2:c0:84:86:82:d9:6b:6d:
         41:60:66:22:ea:d1:4c:ec:6a:ba:47:45:49:8f:c0:93:35:f2:
         c9:1b:8c:b5:83:1a:f4:e0:16:9b:c0:dc:a5:47:98:4c:dd:d9:
         0b:60:c0:4a:a9:0a:32:21:eb:ff:b9:4f:96:08:b5:e3:23:02:
         fa:54:77:35:48:30:5b:29:1f:d2:39:42:98:76:7a:6b:c3:64:
         3d:df:e2:33:99:c0:39:f3:df:a8:1c:c2:ed:50:93:9d:a0:1a:
         8e:0f:42:f5:49:e9:72:d7:32:2a:61:18:fb:ee:6e:08:5f:eb:
         f7:0a:c3:be:36:6b:ea:a5:af:c5:34:37:b7:43:03:04:f0:92:
         9c:6a:6b:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8iT3MfIBLU2P59VP1cGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjYwMzI2MDcwMDUwWhcNMjYwMzI3MDcwMDUwWjAzMTEwLwYDVQQD
EygyYmRkNDczNzBhNTM3YjVjYWM4NmMxZjZhY2E0MDFlMDlhMTA1ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqhOus9K1R+xWLRnM2n+EUrOzcru
RubM6DjsU12gHI7PTjBo1luGqFUGqtKxMC0VDkbp4uA/djZewaN1u4GszWBy2owc
knbD5f0OBPegFWC4DrVRV6yF8gcrkSgVU7HB7SAQbC2UBDZdJ77NW816LFRZ4DDG
y3vKT33KBkJuTC5YRUlXmI375jsi5dg1UbhC1ObGN80P7HOF3OWpFv8XRtwwZJkT
JtXpBqPA6Jk3OtOpheZip7cykBbouEtuarzFM3MlIhWMjNpqVFdxxb4Vkb6grwHa
3TdVvhzSDJ04nrPYR+Bq8d0ZOwymxhNfVZyWXG48ZZd2IVFhIMpO9yEJ6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvdRzcKU3tcrIbB9qykAeCaEF+DMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJgfRKJAo
Xg9+fZl7cmoQ0pKtvc3XQ3ZHhPEB6VdjJgJOowfC20E/qbUO9iA7WbktJJcEqqt8
Wd52mw46099iSdexoC1onCYxKeRiaaSWUD4s2ynp8n4zQNeOFDIfw5/xblZG8bBQ
bDkbA4HYbrijT9YZjx78zPLAhIaC2WttQWBmIurRTOxqukdFSY/AkzXyyRuMtYMa
9OAWm8DcpUeYTN3ZC2DASqkKMiHr/7lPlgi14yMC+lR3NUgwWykf0jlCmHZ6a8Nk
Pd/iM5nAOfPfqBzC7VCTnaAajg9C9UnpctcyKmEY++5uCF/r9wrDvjZr6qWvxTQ3
t0MDBPCSnGprWQ==
-----END CERTIFICATE-----