Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          w7UdwWUh8OmVO5Ua4XZkOxK895ZAaI9GZxo+5Bjl4xc=
Subject key identifier:   28:21:90:2D:13:C7:22:30:70:4B:81:F2:5F:01:40:CE:52:E0:69:4D
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       019D38D3AB545B9811334094CD8096EFD6E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          16B0
Signing time:             Sun 29 Mar 2026 09:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:29 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: VLDyLg9BBNnwFlP2GrL0k7XN8RW8gszFW7VUZT4jlTc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:ab:54:5b:98:11:33:40:94:cd:80:96:ef:d6:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Mar 29 09:01:29 2026 GMT
            Not After : Mar 30 09:01:29 2026 GMT
        Subject: CN=2821902d13c72230704b81f25f0140ce52e0694d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:df:ca:41:44:b8:a0:6f:b6:95:6c:69:a0:7e:
                    cb:84:51:72:f9:3a:78:83:ad:05:f0:99:9e:02:27:
                    1a:f1:b8:0f:eb:10:88:81:3d:8f:7a:7f:8d:cc:ef:
                    cd:c9:34:e4:b3:1b:00:e8:4b:c5:1c:a6:44:15:d0:
                    e8:f8:af:52:8e:c2:79:23:b4:ed:15:aa:f7:f9:ae:
                    d4:96:3a:d8:aa:9e:b9:2e:45:3d:79:95:6e:12:a1:
                    a1:01:b7:65:f4:60:9f:a5:bf:c4:a0:63:56:e1:bd:
                    dc:42:49:60:b1:48:30:cb:21:f4:65:b2:33:89:a7:
                    01:22:a9:b2:d1:96:52:09:a3:66:14:dc:a2:2c:98:
                    64:d2:92:24:ec:65:0b:86:ba:0b:e4:7b:b1:c7:ee:
                    26:37:eb:4e:9c:70:64:bb:7f:97:61:29:00:4d:ed:
                    e9:77:f7:cb:81:de:ec:c4:a0:e5:de:2a:a0:a0:f1:
                    af:f9:91:73:21:2f:38:93:54:c4:d3:0e:19:af:11:
                    47:65:fd:b1:a6:e5:b7:a8:97:ca:e9:06:2e:f2:53:
                    55:55:41:f3:73:57:ea:fa:85:40:ed:72:9f:d9:1c:
                    9c:8f:5d:d2:de:08:30:6d:cb:d9:9f:59:10:f5:8d:
                    ef:a7:c8:9c:92:44:f2:cd:ec:af:21:27:35:04:0c:
                    7d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:21:90:2D:13:C7:22:30:70:4B:81:F2:5F:01:40:CE:52:E0:69:4D
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:1e:a9:7f:ad:1d:f3:8b:b9:f6:8f:ce:f6:63:36:8c:fa:dd:
         82:a0:37:b5:74:b0:5d:d4:7a:f9:c2:aa:ed:36:cf:a5:5f:ef:
         3d:d9:ab:38:bc:e0:5e:3e:42:85:fb:86:0f:72:53:08:a1:85:
         47:10:2b:d2:1f:58:b1:35:42:c4:67:a4:da:12:7a:03:89:53:
         5e:53:02:11:3c:a3:c1:da:50:5f:aa:ea:3f:74:6f:cd:76:8e:
         0a:bd:16:43:7f:69:02:f5:b5:5f:c1:5f:10:0f:05:2d:86:b8:
         15:9c:88:2c:2e:d0:32:50:45:99:7e:55:f2:b4:96:cf:f2:89:
         35:ae:77:76:ba:76:34:99:f2:f3:a4:2f:38:03:11:93:aa:89:
         76:7c:72:08:e9:be:20:6e:fa:e9:d8:b3:0a:97:66:f7:df:9d:
         bb:df:79:58:e9:00:ef:77:c2:e5:25:7e:27:b3:be:39:ce:72:
         e0:8e:22:86:86:34:29:63:13:b2:45:90:59:b4:41:5a:0b:51:
         2a:d9:1a:f4:45:c3:32:c3:01:57:64:df:c8:2d:ff:e6:74:a0:
         2e:48:3b:d6:8d:4f:88:50:0a:ba:0d:93:fb:e6:91:02:83:6b:
         3f:d3:0e:4c:db:29:f2:0f:16:1e:5c:02:02:10:b0:25:4c:6e:
         46:4f:45:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406tUW5gRM0CUzYCW79bkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjYwMzI5MDkwMTI5WhcNMjYwMzMwMDkwMTI5WjAzMTEwLwYDVQQD
EygyODIxOTAyZDEzYzcyMjMwNzA0YjgxZjI1ZjAxNDBjZTUyZTA2OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8N/KQUS4oG+2lWxpoH7LhFFy+Tp4
g60F8JmeAica8bgP6xCIgT2Pen+NzO/NyTTksxsA6EvFHKZEFdDo+K9SjsJ5I7Tt
Far3+a7UljrYqp65LkU9eZVuEqGhAbdl9GCfpb/EoGNW4b3cQklgsUgwyyH0ZbIz
iacBIqmy0ZZSCaNmFNyiLJhk0pIk7GULhroL5Huxx+4mN+tOnHBku3+XYSkATe3p
d/fLgd7sxKDl3iqgoPGv+ZFzIS84k1TE0w4ZrxFHZf2xpuW3qJfK6QYu8lNVVUHz
c1fq+oVA7XKf2Rycj13S3ggwbcvZn1kQ9Y3vp8ickkTyzeyvISc1BAx9iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCghkC0TxyIwcEuB8l8BQM5S4GlNMB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEh6pf60d
84u59o/O9mM2jPrdgqA3tXSwXdR6+cKq7TbPpV/vPdmrOLzgXj5ChfuGD3JTCKGF
RxAr0h9YsTVCxGek2hJ6A4lTXlMCETyjwdpQX6rqP3RvzXaOCr0WQ39pAvW1X8Ff
EA8FLYa4FZyILC7QMlBFmX5V8rSWz/KJNa53drp2NJny86QvOAMRk6qJdnxyCOm+
IG766dizCpdm99+du995WOkA73fC5SV+J7O+Oc5y4I4ihoY0KWMTskWQWbRBWgtR
Ktka9EXDMsMBV2TfyC3/5nSgLkg71o1PiFAKug2T++aRAoNrP9MOTNsp8g8WHlwC
AhCwJUxuRk9F3g==
-----END CERTIFICATE-----