Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
File:                     DAHrsNsEzE1pGCs47A30sIkiJ40.mft (raw, json)
Hash identifier:          nPE8lCbMIZY6FdimbKFz5MupYRulwVXxeVygnoBLXwU=
Subject key identifier:   57:9C:2E:BF:D2:68:F1:4B:B7:3B:AD:3D:61:74:CA:0B:AE:CB:68:E5
Authority key identifier: 0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D
Certificate issuer:       /CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
Certificate serial:       019D3866455432334E0CAB3A2A918616B5D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:59 +0000
Files and hashes:         1: DAHrsNsEzE1pGCs47A30sIkiJ40.crl (hash: U9/bCFg9CbuILX0rTXR/H0qNEpAZ7ZwD+EuVu+lxg0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:45:54:32:33:4e:0c:ab:3a:2a:91:86:16:b5:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c01ebb0db04cc4d69182b38ec0df4b08922278d
        Validity
            Not Before: Mar 29 07:01:59 2026 GMT
            Not After : Mar 30 07:01:59 2026 GMT
        Subject: CN=579c2ebfd268f14bb73bad3d6174ca0baecb68e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:c8:5a:20:98:4e:2f:88:bb:25:66:f7:76:80:
                    92:f5:d5:6e:74:08:5f:26:b5:9a:a1:4a:32:90:ea:
                    67:1f:ee:b1:f9:b4:cd:7e:d9:dc:25:07:ee:f1:29:
                    1b:40:1f:1d:a1:ad:c9:88:c1:c4:58:85:7a:13:2d:
                    86:80:df:03:6b:4a:a0:5c:98:7a:25:b9:bf:3e:b6:
                    0b:6e:8e:20:71:03:7f:6a:32:b4:5a:6e:93:82:c4:
                    50:6d:c3:d3:0f:8a:79:e4:8a:98:d3:12:62:d4:82:
                    42:d6:d5:2e:f1:17:01:c2:4e:85:2f:e5:cb:82:a3:
                    0b:32:41:22:45:5e:26:4a:70:cc:ee:25:76:72:0f:
                    95:21:37:06:87:58:fe:31:79:07:09:1f:2f:20:86:
                    ac:2e:9b:d6:e5:5a:5d:63:54:3e:b1:43:e3:8b:4b:
                    41:2e:43:e0:d8:f1:10:50:c9:0f:3c:dd:7c:4d:ac:
                    00:7b:ae:b6:b2:9d:a3:dd:87:fb:7b:d9:19:6f:0e:
                    f3:5b:fd:63:8b:14:76:de:ec:fc:57:27:1d:1e:28:
                    bc:5f:ec:67:1e:da:07:5d:0c:e8:75:d0:1c:46:d9:
                    11:9f:eb:23:e6:50:df:93:d7:40:87:b4:c2:ca:92:
                    5b:60:e8:8b:51:e8:07:c0:e1:04:77:5a:fb:47:82:
                    e2:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:9C:2E:BF:D2:68:F1:4B:B7:3B:AD:3D:61:74:CA:0B:AE:CB:68:E5
            X509v3 Authority Key Identifier:
                keyid:0C:01:EB:B0:DB:04:CC:4D:69:18:2B:38:EC:0D:F4:B0:89:22:27:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAHrsNsEzE1pGCs47A30sIkiJ40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/e98684-302c-4ba8-ab7f-a103874e7c4f/1/DAHrsNsEzE1pGCs47A30sIkiJ40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:dc:47:83:bb:37:2e:a9:8d:6c:a0:ac:95:1d:98:2f:75:8f:
         b8:87:24:f2:e0:32:22:e6:a5:c1:b2:47:d3:76:0a:5d:8e:83:
         f0:e5:52:e1:27:5d:8a:e9:d7:09:1d:4c:27:52:4c:a3:80:73:
         a1:50:3d:9b:d8:f6:cb:5e:c1:c6:cd:43:a8:30:e3:0f:b0:15:
         d8:be:f6:fe:50:54:2c:bc:c1:07:4f:3b:37:8d:da:15:0e:0b:
         fc:1b:83:2d:e2:8d:46:56:11:d1:0d:7d:c9:30:16:b8:64:62:
         bb:0a:2a:a9:2e:43:20:f6:6d:8c:58:cf:e4:90:54:4b:71:8d:
         83:99:39:15:e7:c1:7a:6a:f4:02:19:3d:8f:45:69:43:14:ee:
         bc:f6:e6:81:01:98:4c:38:39:dd:56:3c:86:48:9c:7b:4b:e8:
         cf:09:9d:a3:6a:6f:c3:05:69:22:2c:42:88:84:aa:c0:f4:0f:
         ed:d3:62:cf:a2:df:1d:5c:18:c5:d6:5b:be:ec:70:75:76:82:
         09:1e:32:5c:ba:92:1d:b4:80:a0:7a:92:50:16:3e:5a:89:c9:
         b3:d2:08:b2:82:ff:9f:20:48:47:ff:db:03:b9:31:61:02:75:
         fe:2e:04:57:60:9e:71:b1:db:c3:b9:c3:9f:b6:1e:01:b9:71:
         74:f9:14:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkVUMjNODKs6KpGGFrXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDFlYmIwZGIwNGNjNGQ2OTE4MmIzOGVjMGRmNGIwODky
MjI3OGQwHhcNMjYwMzI5MDcwMTU5WhcNMjYwMzMwMDcwMTU5WjAzMTEwLwYDVQQD
Eyg1NzljMmViZmQyNjhmMTRiYjczYmFkM2Q2MTc0Y2EwYmFlY2I2OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMhaIJhOL4i7JWb3doCS9dVudAhf
JrWaoUoykOpnH+6x+bTNftncJQfu8SkbQB8doa3JiMHEWIV6Ey2GgN8Da0qgXJh6
Jbm/PrYLbo4gcQN/ajK0Wm6TgsRQbcPTD4p55IqY0xJi1IJC1tUu8RcBwk6FL+XL
gqMLMkEiRV4mSnDM7iV2cg+VITcGh1j+MXkHCR8vIIasLpvW5VpdY1Q+sUPji0tB
LkPg2PEQUMkPPN18TawAe662sp2j3Yf7e9kZbw7zW/1jixR23uz8VycdHii8X+xn
HtoHXQzoddAcRtkRn+sj5lDfk9dAh7TCypJbYOiLUegHwOEEd1r7R4LidwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFecLr/SaPFLtzutPWF0yguuy2jlMB8GA1UdIwQY
MBaAFAwB67DbBMxNaRgrOOwN9LCJIieNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2Yt
YTEwMzg3NGU3YzRmLzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9lOTg2ODQtMzAyYy00YmE4LWFiN2YtYTEwMzg3NGU3YzRm
LzEvREFIcnNOc0V6RTFwR0NzNDdBMzBzSWtpSjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdNxHg7s3
LqmNbKCslR2YL3WPuIck8uAyIualwbJH03YKXY6D8OVS4SddiunXCR1MJ1JMo4Bz
oVA9m9j2y17Bxs1DqDDjD7AV2L72/lBULLzBB087N43aFQ4L/BuDLeKNRlYR0Q19
yTAWuGRiuwoqqS5DIPZtjFjP5JBUS3GNg5k5FefBemr0Ahk9j0VpQxTuvPbmgQGY
TDg53VY8hkice0vozwmdo2pvwwVpIixCiISqwPQP7dNiz6LfHVwYxdZbvuxwdXaC
CR4yXLqSHbSAoHqSUBY+WonJs9IIsoL/nyBIR//bA7kxYQJ1/i4EV2CecbHbw7nD
n7YeAblxdPkUWg==
-----END CERTIFICATE-----