Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          bUCit2WYo3fBf+YSO4cL4Ow2HfSKaxaHLsvywren148=
Subject key identifier:   4E:5C:5A:7B:65:D1:11:09:C2:81:04:B9:8C:C5:EE:E8:46:B0:AB:66
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019D3865A7899D7A30EB6912AD7EF2BD3B7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          091B
Signing time:             Sun 29 Mar 2026 07:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:19 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: cU0lf6JU7TzT/gBg6bjBRO4EPzoTJ6neuDDXvcp2OcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:a7:89:9d:7a:30:eb:69:12:ad:7e:f2:bd:3b:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Mar 29 07:01:19 2026 GMT
            Not After : Mar 30 07:01:19 2026 GMT
        Subject: CN=4e5c5a7b65d11109c28104b98cc5eee846b0ab66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:c0:65:b5:5c:40:48:2e:a5:cb:6c:dd:da:5d:
                    0f:0d:3c:10:f8:a1:e1:d5:f5:98:53:a6:b5:52:a9:
                    03:65:6f:63:17:da:61:0c:e3:95:be:15:f7:7f:4b:
                    79:fe:04:9f:4b:e7:14:70:fc:24:d8:27:d3:76:51:
                    2d:d8:ee:56:75:fa:46:ed:4e:2e:b0:38:ee:3c:15:
                    d0:7b:b4:d7:c6:17:c5:77:df:31:7c:52:60:fa:4f:
                    5f:09:3e:3f:73:7b:1e:af:d0:9e:09:86:46:0e:02:
                    0b:a9:89:b5:01:78:98:a8:45:e0:21:78:e3:ed:58:
                    43:90:67:71:6b:9e:58:ae:e0:d9:a2:50:3d:a7:98:
                    93:a3:9e:67:64:d5:8a:08:96:bd:34:27:86:9c:cb:
                    f1:bd:12:24:c6:ca:d2:85:c2:6d:d1:d1:39:92:8b:
                    8a:48:31:cf:3a:6e:42:96:06:58:4b:46:57:63:c1:
                    2d:18:8f:78:08:ef:b0:ff:b9:f5:80:a7:d2:b8:a4:
                    42:9d:a3:24:c6:8c:6c:6d:3d:09:55:26:46:27:b1:
                    11:de:8a:b7:df:5c:04:0f:51:47:b8:6a:4b:43:82:
                    95:58:5a:1b:f7:9f:3d:bf:79:d9:20:3e:b4:84:3d:
                    91:73:fb:3a:87:b6:5f:9e:61:75:2d:42:91:a9:2d:
                    22:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:5C:5A:7B:65:D1:11:09:C2:81:04:B9:8C:C5:EE:E8:46:B0:AB:66
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:fb:a4:69:8f:c1:1e:da:96:4c:cc:47:29:8d:64:3c:3d:86:
         22:2e:c1:92:8e:ee:92:36:0d:80:d3:75:2f:d8:c0:a5:7b:6c:
         5a:c3:83:d8:7f:30:44:88:27:9a:84:0d:41:49:d7:d2:d5:c5:
         06:35:49:90:84:0e:78:06:d0:88:a5:da:a9:ff:75:73:7e:b6:
         41:a4:81:f3:20:43:00:92:da:c9:04:fe:68:b9:25:44:82:c6:
         0a:4d:bc:45:c6:93:99:50:f8:6c:c7:31:b3:9e:67:c1:41:a5:
         b1:c0:e0:9e:d0:ab:ca:f1:1f:88:bf:18:00:3c:d8:8f:3b:57:
         ff:08:5d:8d:c0:ce:2d:b4:85:4a:8c:af:19:9d:07:70:62:e8:
         1c:0c:27:70:22:31:6f:d2:30:f9:fd:11:62:2a:51:0c:b7:6c:
         fd:35:cf:1c:af:36:5e:4b:95:a9:ac:7c:ef:34:c8:be:29:26:
         06:4f:e2:f2:be:78:5c:57:37:b8:4d:c7:33:fc:23:2a:28:40:
         2a:2f:d7:d3:c0:06:4f:53:87:ab:bd:6b:d8:3a:61:2e:44:ed:
         b1:e5:47:06:ce:27:86:7a:9e:b0:e0:94:55:37:42:64:cd:96:
         0b:3d:4f:d7:b9:de:ff:b7:7a:8c:2f:11:b7:b8:1a:72:0a:bc:
         08:66:64:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZaeJnXow62kSrX7yvTt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwMzI5MDcwMTE5WhcNMjYwMzMwMDcwMTE5WjAzMTEwLwYDVQQD
Eyg0ZTVjNWE3YjY1ZDExMTA5YzI4MTA0Yjk4Y2M1ZWVlODQ2YjBhYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sBltVxASC6ly2zd2l0PDTwQ+KHh
1fWYU6a1UqkDZW9jF9phDOOVvhX3f0t5/gSfS+cUcPwk2CfTdlEt2O5WdfpG7U4u
sDjuPBXQe7TXxhfFd98xfFJg+k9fCT4/c3ser9CeCYZGDgILqYm1AXiYqEXgIXjj
7VhDkGdxa55YruDZolA9p5iTo55nZNWKCJa9NCeGnMvxvRIkxsrShcJt0dE5kouK
SDHPOm5ClgZYS0ZXY8EtGI94CO+w/7n1gKfSuKRCnaMkxoxsbT0JVSZGJ7ER3oq3
31wED1FHuGpLQ4KVWFob9589v3nZID60hD2Rc/s6h7ZfnmF1LUKRqS0iEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5cWntl0REJwoEEuYzF7uhGsKtmMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqPukaY/B
HtqWTMxHKY1kPD2GIi7Bko7ukjYNgNN1L9jApXtsWsOD2H8wRIgnmoQNQUnX0tXF
BjVJkIQOeAbQiKXaqf91c362QaSB8yBDAJLayQT+aLklRILGCk28RcaTmVD4bMcx
s55nwUGlscDgntCryvEfiL8YADzYjztX/whdjcDOLbSFSoyvGZ0HcGLoHAwncCIx
b9Iw+f0RYipRDLds/TXPHK82XkuVqax87zTIvikmBk/i8r54XFc3uE3HM/wjKihA
Ki/X08AGT1OHq71r2DphLkTtseVHBs4nhnqesOCUVTdCZM2WCz1P17ne/7d6jC8R
t7gacgq8CGZkOQ==
-----END CERTIFICATE-----