Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          CFrx9HzR/4eoL3ne/fRK+RbfSI+z4JfYw9iaJAw6OWQ=
Subject key identifier:   B0:CA:C9:39:14:86:AD:85:43:0C:0F:F3:E9:31:01:02:FC:4E:46:F2
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019E2F96C629AEFD77C278B8F1E48D97416C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          099B
Signing time:             Sat 16 May 2026 07:01:10 +0000
Manifest this update:     Sat 16 May 2026 07:01:10 +0000
Manifest next update:     Sun 17 May 2026 07:01:10 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: 9ENxFemy5b/1Lckbrx3mOnb2p8+SjYn4cvN8J1GgcAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:c6:29:ae:fd:77:c2:78:b8:f1:e4:8d:97:41:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: May 16 07:01:10 2026 GMT
            Not After : May 17 07:01:10 2026 GMT
        Subject: CN=b0cac9391486ad85430c0ff3e9310102fc4e46f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:96:04:07:43:41:e7:81:31:05:34:43:ee:4e:
                    bf:22:e4:2b:14:26:5d:fd:d5:2c:c9:b2:91:b3:e4:
                    dd:f8:ce:e3:06:2c:b7:b8:2f:33:c2:b3:8b:e4:1f:
                    46:94:e3:f9:a6:ec:5e:ab:42:dd:9e:0e:f0:70:7a:
                    1f:c9:50:71:24:7a:7b:3c:40:95:0a:e8:c8:c5:12:
                    8d:b7:94:39:b3:e1:a4:5f:cd:2f:ba:f8:c1:d3:7c:
                    57:12:7a:ef:26:40:db:f6:4b:ea:b0:41:a3:62:50:
                    e1:5c:9f:85:42:7d:39:5b:b7:30:72:41:4d:01:f7:
                    5b:bb:cf:52:bf:a4:80:08:04:12:f2:49:cd:c4:3d:
                    45:6b:5f:6a:27:90:cd:97:e0:bd:85:e8:dc:6d:30:
                    c6:85:9e:b7:e1:a4:56:5d:71:7d:69:66:da:ca:e8:
                    ee:5d:b5:5c:60:81:47:76:5e:76:c4:40:6b:dd:85:
                    8a:de:1d:2f:ca:40:e6:7e:97:47:58:eb:77:90:55:
                    52:6f:75:4d:7d:48:45:45:b7:dd:c8:4a:d8:11:89:
                    a4:54:57:49:84:85:d2:11:f6:e3:92:ff:55:bb:e6:
                    7d:72:cb:ce:4a:d9:a2:f9:6b:ed:8a:79:3e:4e:49:
                    1a:44:b0:14:4d:b4:6d:76:b6:00:1b:81:d9:fc:31:
                    61:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:CA:C9:39:14:86:AD:85:43:0C:0F:F3:E9:31:01:02:FC:4E:46:F2
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:e5:ea:9b:eb:28:33:72:32:4f:c5:23:c8:cd:bd:63:89:c3:
         68:10:30:ea:df:be:1a:b4:7e:10:ab:fa:5b:33:5a:43:16:79:
         2a:16:65:25:df:f9:71:2e:14:5f:c0:1b:c0:b6:99:4e:8b:af:
         b1:d9:c5:f1:e5:aa:61:04:4a:63:8c:15:42:e1:08:fa:81:6a:
         d7:8b:69:16:ce:f2:b7:95:53:0b:48:a7:59:fb:ea:7b:93:3a:
         21:a3:b5:45:94:d2:25:07:d8:25:37:e0:42:46:e3:89:94:8c:
         1d:5c:27:a4:d9:08:42:d0:9b:e6:cb:1e:de:58:6b:fb:62:a7:
         34:3b:c9:a1:ce:6e:c7:69:9a:fd:e3:e7:c0:1b:7e:af:55:94:
         e0:71:99:2c:42:59:11:59:95:b0:cc:e2:4a:9f:0b:ed:a0:19:
         14:49:97:ae:c7:5c:fe:31:aa:91:d5:e2:5e:57:0f:6c:a0:e3:
         df:f2:06:a5:eb:5e:69:97:02:09:45:e6:69:ca:0a:ca:c0:1d:
         f5:61:52:39:e7:23:52:89:96:2d:bc:8b:b1:22:da:97:14:0f:
         e7:90:3e:05:92:72:fa:38:d9:5a:67:22:cd:08:a6:05:59:b3:
         f4:88:bd:59:37:72:34:3e:81:4d:73:cc:62:a7:0e:06:b2:90:
         98:de:32:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlsYprv13wni48eSNl0FsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwNTE2MDcwMTEwWhcNMjYwNTE3MDcwMTEwWjAzMTEwLwYDVQQD
EyhiMGNhYzkzOTE0ODZhZDg1NDMwYzBmZjNlOTMxMDEwMmZjNGU0NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpYEB0NB54ExBTRD7k6/IuQrFCZd
/dUsybKRs+Td+M7jBiy3uC8zwrOL5B9GlOP5puxeq0Ldng7wcHofyVBxJHp7PECV
CujIxRKNt5Q5s+GkX80vuvjB03xXEnrvJkDb9kvqsEGjYlDhXJ+FQn05W7cwckFN
Afdbu89Sv6SACAQS8knNxD1Fa19qJ5DNl+C9hejcbTDGhZ634aRWXXF9aWbayuju
XbVcYIFHdl52xEBr3YWK3h0vykDmfpdHWOt3kFVSb3VNfUhFRbfdyErYEYmkVFdJ
hIXSEfbjkv9Vu+Z9csvOStmi+Wvtink+TkkaRLAUTbRtdrYAG4HZ/DFhSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDKyTkUhq2FQwwP8+kxAQL8TkbyMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG+Xqm+so
M3IyT8UjyM29Y4nDaBAw6t++GrR+EKv6WzNaQxZ5KhZlJd/5cS4UX8AbwLaZTouv
sdnF8eWqYQRKY4wVQuEI+oFq14tpFs7yt5VTC0inWfvqe5M6IaO1RZTSJQfYJTfg
QkbjiZSMHVwnpNkIQtCb5sse3lhr+2KnNDvJoc5ux2ma/ePnwBt+r1WU4HGZLEJZ
EVmVsMziSp8L7aAZFEmXrsdc/jGqkdXiXlcPbKDj3/IGpeteaZcCCUXmacoKysAd
9WFSOecjUomWLbyLsSLalxQP55A+BZJy+jjZWmcizQimBVmz9Ii9WTdyND6BTXPM
YqcOBrKQmN4yYw==
-----END CERTIFICATE-----