Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
File:                     Dkbx623dT_7-GDgAMCvmNs_pZTc.mft (raw, json)
Hash identifier:          7FMzOXeFQ5VzEhcTbBpd1wi/PKR9w3so2V1c9YCF1cU=
Subject key identifier:   6E:E6:DC:22:C3:F7:71:5E:78:EA:97:E0:DA:97:DB:66:A7:02:C1:1F
Authority key identifier: 0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37
Certificate issuer:       /CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
Certificate serial:       019D2703F717592A735364EB6BFF59E4E98A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
Manifest number:          1882
Signing time:             Wed 25 Mar 2026 22:01:04 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:04 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:04 +0000
Files and hashes:         1: Dkbx623dT_7-GDgAMCvmNs_pZTc.crl (hash: i98c2Rbep4wqJv/hxb7i1ahWBHF9KddYCa2///IPUig=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:f7:17:59:2a:73:53:64:eb:6b:ff:59:e4:e9:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e46f1eb6ddd4ffefe183800302be636cfe96537
        Validity
            Not Before: Mar 25 22:01:04 2026 GMT
            Not After : Mar 26 22:01:04 2026 GMT
        Subject: CN=6ee6dc22c3f7715e78ea97e0da97db66a702c11f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:09:cf:c9:00:ad:ed:5c:28:e2:b0:03:38:a7:
                    87:de:9f:d3:ef:e1:53:7c:b8:6b:d0:81:d9:14:df:
                    21:4d:02:5d:f1:cb:ea:8c:f8:fd:5f:22:7c:16:80:
                    12:04:65:17:e3:04:5f:11:59:45:04:9e:5b:5e:a7:
                    db:f0:16:ec:ea:78:95:ab:a9:74:4e:f5:0f:97:da:
                    98:86:44:a2:1e:6b:ad:2d:eb:18:1e:16:ee:ce:08:
                    28:0f:2d:78:a0:ee:dd:b3:32:e1:0e:07:c1:ce:2d:
                    a9:9a:96:2e:1a:84:43:6c:f3:2b:96:f3:d4:13:5a:
                    03:43:cc:22:16:5a:48:54:12:8f:06:dc:7f:44:66:
                    3a:99:8e:f3:b4:20:60:f7:e3:85:df:52:9f:5e:39:
                    b0:35:90:80:17:dd:10:ed:f8:4e:da:f1:b2:5d:cc:
                    65:55:17:ab:5a:38:61:ab:30:66:f1:c1:88:06:73:
                    05:eb:3f:f6:1b:b9:6b:74:31:30:63:ff:08:d1:08:
                    98:37:b3:39:48:4d:50:11:18:2e:2e:1e:e0:13:27:
                    03:b0:91:51:4e:65:cd:d6:f3:a0:6e:d3:11:05:f4:
                    35:6b:e5:72:c7:72:05:4d:f4:ef:5e:5e:21:c6:40:
                    2a:75:ee:60:09:c8:f6:da:46:9d:5b:bc:4e:7a:45:
                    32:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E6:DC:22:C3:F7:71:5E:78:EA:97:E0:DA:97:DB:66:A7:02:C1:1F
            X509v3 Authority Key Identifier:
                keyid:0E:46:F1:EB:6D:DD:4F:FE:FE:18:38:00:30:2B:E6:36:CF:E9:65:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dkbx623dT_7-GDgAMCvmNs_pZTc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/558afe-49fe-438e-bd37-f4fced35b352/1/Dkbx623dT_7-GDgAMCvmNs_pZTc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:f9:8e:c8:61:85:92:e4:14:81:48:03:67:50:19:3f:c2:a2:
         a3:9d:95:a7:27:91:79:6f:3b:06:c1:c7:f2:48:15:ac:05:64:
         a6:76:12:5a:71:c2:93:2a:b6:9a:94:22:18:22:c2:c7:8a:8b:
         7c:71:1f:2b:4f:bd:43:81:08:b8:2a:54:cb:16:e7:da:bf:50:
         93:6d:be:12:f8:26:98:b2:9c:dc:3c:b4:69:8b:54:34:7d:b4:
         75:51:c0:88:2e:c4:c5:c2:34:8b:a2:6d:22:ce:3d:25:b6:82:
         da:2a:f5:1f:08:1a:f6:c8:0e:cd:d0:af:12:30:d5:d3:85:4a:
         8a:d4:88:31:cb:3c:25:15:3e:32:1f:89:04:7e:b6:75:a4:b6:
         00:a3:68:45:1a:f9:5f:2a:f1:dd:8e:a3:85:12:04:eb:4d:3a:
         87:94:46:56:aa:eb:43:4c:22:a2:52:b6:53:53:e3:19:94:0e:
         07:ab:c3:40:f6:e9:50:b7:f7:0a:ab:ba:50:eb:c5:e2:5a:5a:
         9c:13:84:73:43:ce:5b:a7:3f:77:2b:7c:03:01:47:88:ec:c6:
         17:25:2e:2e:ff:7e:52:17:dd:4f:e4:8b:5c:3c:1b:f4:eb:37:
         95:b4:a9:37:2e:18:40:41:ff:b9:8e:63:19:b2:17:12:2c:82:
         ab:12:10:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/cXWSpzU2Tra/9Z5OmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDZmMWViNmRkZDRmZmVmZTE4MzgwMDMwMmJlNjM2Y2Zl
OTY1MzcwHhcNMjYwMzI1MjIwMTA0WhcNMjYwMzI2MjIwMTA0WjAzMTEwLwYDVQQD
Eyg2ZWU2ZGMyMmMzZjc3MTVlNzhlYTk3ZTBkYTk3ZGI2NmE3MDJjMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QnPyQCt7Vwo4rADOKeH3p/T7+FT
fLhr0IHZFN8hTQJd8cvqjPj9XyJ8FoASBGUX4wRfEVlFBJ5bXqfb8Bbs6niVq6l0
TvUPl9qYhkSiHmutLesYHhbuzggoDy14oO7dszLhDgfBzi2pmpYuGoRDbPMrlvPU
E1oDQ8wiFlpIVBKPBtx/RGY6mY7ztCBg9+OF31KfXjmwNZCAF90Q7fhO2vGyXcxl
VRerWjhhqzBm8cGIBnMF6z/2G7lrdDEwY/8I0QiYN7M5SE1QERguLh7gEycDsJFR
TmXN1vOgbtMRBfQ1a+Vyx3IFTfTvXl4hxkAqde5gCcj22kadW7xOekUyJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7m3CLD93FeeOqX4NqX22anAsEfMB8GA1UdIwQY
MBaAFA5G8ett3U/+/hg4ADAr5jbP6WU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzct
ZjRmY2VkMzViMzUyLzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81NThhZmUtNDlmZS00MzhlLWJkMzctZjRmY2VkMzViMzUy
LzEvRGtieDYyM2RUXzctR0RnQU1Ddm1Oc19wWlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfmOyGGF
kuQUgUgDZ1AZP8Kio52VpyeReW87BsHH8kgVrAVkpnYSWnHCkyq2mpQiGCLCx4qL
fHEfK0+9Q4EIuCpUyxbn2r9Qk22+EvgmmLKc3Dy0aYtUNH20dVHAiC7ExcI0i6Jt
Is49JbaC2ir1Hwga9sgOzdCvEjDV04VKitSIMcs8JRU+Mh+JBH62daS2AKNoRRr5
Xyrx3Y6jhRIE6006h5RGVqrrQ0wiolK2U1PjGZQOB6vDQPbpULf3Cqu6UOvF4lpa
nBOEc0POW6c/dyt8AwFHiOzGFyUuLv9+UhfdT+SLXDwb9Os3lbSpNy4YQEH/uY5j
GbIXEiyCqxIQVg==
-----END CERTIFICATE-----