Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/3cbb1b-6927-45c9-b1d4-1d7d55b22cc9/1/dGNy_s6bo5ZuFegFXAWHxQPAOas.mft
File:                     dGNy_s6bo5ZuFegFXAWHxQPAOas.mft (raw, json)
Hash identifier:          fxBVRvBMdvkmxYimwtVevQHvxMDecPiKp+Lq2xY2eNQ=
Subject key identifier:   65:85:5D:F8:35:A4:7A:33:CB:62:44:04:2D:E7:14:6B:A3:60:8F:A3
Authority key identifier: 74:63:72:FE:CE:9B:A3:96:6E:15:E8:05:5C:05:87:C5:03:C0:39:AB
Certificate issuer:       /CN=746372fece9ba3966e15e8055c0587c503c039ab
Certificate serial:       019D38668C87CADFC5FD04B0A0989D2ED8B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dGNy_s6bo5ZuFegFXAWHxQPAOas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/3cbb1b-6927-45c9-b1d4-1d7d55b22cc9/1/dGNy_s6bo5ZuFegFXAWHxQPAOas.mft
Manifest number:          1336
Signing time:             Sun 29 Mar 2026 07:02:17 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:17 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:17 +0000
Files and hashes:         1: dGNy_s6bo5ZuFegFXAWHxQPAOas.crl (hash: mZjntRpqKjgvgd48h/wtMdSetGsmh8/ekcOvFgbLabw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/3cbb1b-6927-45c9-b1d4-1d7d55b22cc9/1/dGNy_s6bo5ZuFegFXAWHxQPAOas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/3cbb1b-6927-45c9-b1d4-1d7d55b22cc9/1/dGNy_s6bo5ZuFegFXAWHxQPAOas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dGNy_s6bo5ZuFegFXAWHxQPAOas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:8c:87:ca:df:c5:fd:04:b0:a0:98:9d:2e:d8:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=746372fece9ba3966e15e8055c0587c503c039ab
        Validity
            Not Before: Mar 29 07:02:17 2026 GMT
            Not After : Mar 30 07:02:17 2026 GMT
        Subject: CN=65855df835a47a33cb6244042de7146ba3608fa3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:0d:50:29:0a:b8:0e:dd:89:ef:60:ee:63:8a:
                    35:fb:5d:a4:73:ce:ac:5c:42:58:70:17:c9:d0:38:
                    76:c0:e7:fa:58:e6:b9:cd:53:8a:1e:9f:e6:7d:7b:
                    b7:c8:5c:0d:68:cb:a5:8b:33:b7:cf:73:89:f1:7c:
                    eb:5e:8b:1f:55:56:29:80:30:7b:f3:6b:06:da:a8:
                    73:06:cd:55:86:e8:d6:fa:ed:f8:02:c0:1f:fb:94:
                    9c:d4:29:76:0c:c0:9d:6f:58:76:1e:82:7d:72:5a:
                    2b:13:ab:1a:85:93:1a:ba:17:80:a2:58:a6:53:0c:
                    32:0b:c9:f3:93:de:d8:f7:a6:31:7e:45:55:7a:44:
                    d1:ad:df:36:00:05:e8:5b:8f:3a:a0:2b:17:01:ad:
                    c4:eb:32:17:37:92:15:04:48:dc:14:b4:55:84:69:
                    ce:79:9e:49:77:1a:57:cb:8a:a7:36:86:14:fa:83:
                    3f:5c:34:0d:58:cb:65:15:53:1a:ce:e8:66:cc:c7:
                    c1:5d:3c:a4:4b:c6:fd:9c:5a:12:2b:42:6b:52:47:
                    69:d4:11:76:a2:18:00:5d:18:a1:87:6e:c1:5d:9b:
                    21:56:36:e8:de:37:19:da:e4:b6:42:c9:7a:91:42:
                    da:19:c7:66:fb:0f:3f:6a:fb:eb:c3:81:ec:0d:52:
                    2b:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:85:5D:F8:35:A4:7A:33:CB:62:44:04:2D:E7:14:6B:A3:60:8F:A3
            X509v3 Authority Key Identifier:
                keyid:74:63:72:FE:CE:9B:A3:96:6E:15:E8:05:5C:05:87:C5:03:C0:39:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNy_s6bo5ZuFegFXAWHxQPAOas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3cbb1b-6927-45c9-b1d4-1d7d55b22cc9/1/dGNy_s6bo5ZuFegFXAWHxQPAOas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/3cbb1b-6927-45c9-b1d4-1d7d55b22cc9/1/dGNy_s6bo5ZuFegFXAWHxQPAOas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:35:59:d3:f7:1f:d0:cd:68:ab:f4:fa:72:42:6b:f5:dc:9e:
         29:1a:46:34:45:bb:c1:fa:64:f2:be:4a:3b:43:33:3e:ff:0b:
         16:f8:3c:bd:0c:c2:81:f9:ef:42:65:8f:e2:be:a5:18:eb:8d:
         35:25:e7:91:1c:e5:47:e9:bb:5c:44:bb:30:ba:b9:b7:e8:2a:
         bb:ab:81:fa:74:cc:3c:a9:ba:c3:6b:55:95:45:5c:3f:60:14:
         1e:4b:94:52:f2:eb:28:59:1f:70:8f:34:ab:17:1a:d5:13:48:
         ef:c3:70:1e:a5:dc:a6:3c:13:70:b1:95:04:ed:73:e4:a9:40:
         05:e7:a9:53:d8:6a:c0:f9:ed:03:47:81:dd:a3:72:f0:26:21:
         76:e9:9c:02:b6:a6:eb:9c:79:31:8b:6d:60:17:d0:75:52:e2:
         43:3f:a4:5a:56:c6:7f:a4:9b:38:b6:ff:32:07:89:90:8b:fb:
         69:a0:49:df:88:a1:1e:8c:03:90:58:a6:43:c6:9b:c4:ad:fc:
         3a:d8:f2:1a:92:42:87:42:df:4f:d1:86:f2:34:b9:8f:b5:0f:
         a5:10:b8:28:8e:07:c1:a1:2c:b3:ba:a5:3a:67:2d:10:54:ba:
         56:64:0d:40:0b:64:a6:88:2e:a2:38:09:09:57:24:8b:91:bc:
         01:89:fd:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZoyHyt/F/QSwoJidLti2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM3MmZlY2U5YmEzOTY2ZTE1ZTgwNTVjMDU4N2M1MDNj
MDM5YWIwHhcNMjYwMzI5MDcwMjE3WhcNMjYwMzMwMDcwMjE3WjAzMTEwLwYDVQQD
Eyg2NTg1NWRmODM1YTQ3YTMzY2I2MjQ0MDQyZGU3MTQ2YmEzNjA4ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw1QKQq4Dt2J72DuY4o1+12kc86s
XEJYcBfJ0Dh2wOf6WOa5zVOKHp/mfXu3yFwNaMulizO3z3OJ8XzrXosfVVYpgDB7
82sG2qhzBs1VhujW+u34AsAf+5Sc1Cl2DMCdb1h2HoJ9clorE6sahZMauheAolim
UwwyC8nzk97Y96YxfkVVekTRrd82AAXoW486oCsXAa3E6zIXN5IVBEjcFLRVhGnO
eZ5JdxpXy4qnNoYU+oM/XDQNWMtlFVMazuhmzMfBXTykS8b9nFoSK0JrUkdp1BF2
ohgAXRihh27BXZshVjbo3jcZ2uS2Qsl6kULaGcdm+w8/avvrw4HsDVIr4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWFXfg1pHozy2JEBC3nFGujYI+jMB8GA1UdIwQY
MBaAFHRjcv7Om6OWbhXoBVwFh8UDwDmrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdOeV9zNmJvNVp1RmVnRlhBV0h4UVBBT2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8zY2JiMWItNjkyNy00NWM5LWIxZDQt
MWQ3ZDU1YjIyY2M5LzEvZEdOeV9zNmJvNVp1RmVnRlhBV0h4UVBBT2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8zY2JiMWItNjkyNy00NWM5LWIxZDQtMWQ3ZDU1YjIyY2M5
LzEvZEdOeV9zNmJvNVp1RmVnRlhBV0h4UVBBT2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATVZ0/cf
0M1oq/T6ckJr9dyeKRpGNEW7wfpk8r5KO0MzPv8LFvg8vQzCgfnvQmWP4r6lGOuN
NSXnkRzlR+m7XES7MLq5t+gqu6uB+nTMPKm6w2tVlUVcP2AUHkuUUvLrKFkfcI80
qxca1RNI78NwHqXcpjwTcLGVBO1z5KlABeepU9hqwPntA0eB3aNy8CYhdumcAram
65x5MYttYBfQdVLiQz+kWlbGf6SbOLb/MgeJkIv7aaBJ34ihHowDkFimQ8abxK38
OtjyGpJCh0LfT9GG8jS5j7UPpRC4KI4HwaEss7qlOmctEFS6VmQNQAtkpoguojgJ
CVcki5G8AYn9VA==
-----END CERTIFICATE-----