Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          GGtOCNiZufOj5Mo3GcxOpFEPkdvIV2qD+6ovZ65VFnM=
Subject key identifier:   75:3D:59:DD:52:F1:86:0B:32:C9:81:05:1F:D3:7F:89:21:20:AE:FF
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       019D386622D2937BC71E4B02BE4337F59EF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          0922
Signing time:             Sun 29 Mar 2026 07:01:50 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:50 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:50 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: parq0eCPPSVJNXZvWDRI0m0LA5sNLLA1WULAgtyUBjw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:22:d2:93:7b:c7:1e:4b:02:be:43:37:f5:9e:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: Mar 29 07:01:50 2026 GMT
            Not After : Mar 30 07:01:50 2026 GMT
        Subject: CN=753d59dd52f1860b32c981051fd37f892120aeff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c5:ab:8e:2b:36:63:ac:29:2a:87:cf:1c:ae:
                    4e:ae:28:22:79:c0:01:65:e4:75:dd:4d:a5:8e:c4:
                    e2:64:81:78:dc:04:6d:db:f4:0a:e2:2d:40:9c:e4:
                    bc:bd:8d:36:20:ea:45:fc:a4:48:07:06:d5:a1:b7:
                    82:5f:e9:00:64:47:d8:cc:91:e8:4a:65:61:9a:70:
                    5a:c4:fc:ec:3d:0a:2e:45:d3:02:80:4b:07:ad:14:
                    52:19:da:94:7d:42:5f:34:c4:c4:17:5e:66:e2:95:
                    8f:17:e8:e1:4a:73:87:52:dc:c8:68:1a:12:b2:ae:
                    ef:11:5e:b1:62:65:de:7b:f5:98:9c:95:8d:c8:c9:
                    19:ed:0f:00:a0:49:f9:8f:5e:41:86:e0:2a:dc:d8:
                    05:11:78:a4:d1:ee:3a:29:9c:17:4f:ab:ff:63:c3:
                    8b:4d:55:9e:f0:da:0c:4d:b7:13:f2:54:76:12:e4:
                    32:d9:3d:bc:7d:fc:66:31:7a:d5:4c:60:a5:da:ae:
                    bc:8a:3f:dd:86:3e:30:32:8f:84:f8:25:f6:67:c2:
                    50:e8:81:41:55:f0:2d:e1:74:ff:92:33:b4:a2:6e:
                    e4:8e:60:24:d8:e7:94:a4:3f:40:8a:a3:f6:e1:94:
                    ac:19:1c:10:b6:1e:5f:75:e6:d3:b0:db:1c:2f:f1:
                    9b:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:3D:59:DD:52:F1:86:0B:32:C9:81:05:1F:D3:7F:89:21:20:AE:FF
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:df:a3:0e:11:88:a2:c4:a8:90:5c:56:1d:15:1a:c7:00:b3:
         6b:8e:63:01:d0:88:9f:be:b2:b2:bb:f2:80:8f:2f:19:50:02:
         90:79:d4:1a:aa:cc:fb:29:e3:a7:ab:3f:f8:f9:12:43:ba:48:
         ca:de:12:4b:f6:53:23:ac:83:96:04:71:ad:72:e4:c4:70:ec:
         7a:5a:56:3f:b2:dd:64:78:07:8a:ff:04:9b:f9:66:24:cd:0c:
         87:bf:31:2b:87:5a:91:88:78:d8:b5:20:28:99:7a:2d:67:fe:
         2d:dc:d8:22:73:2d:20:82:e3:f0:3c:ad:c5:55:e6:7f:be:24:
         4c:85:aa:b7:41:2e:63:1d:f6:c2:a1:3f:a0:c1:5e:54:44:9e:
         e2:24:ea:2f:47:19:5e:18:62:e8:f9:92:dc:0c:ac:05:b3:33:
         14:cb:4b:d6:72:79:2b:bb:f3:e3:c8:03:a6:4a:12:81:4a:a2:
         24:63:6d:a2:a2:a6:64:42:64:17:a2:e4:76:df:1f:c1:e9:11:
         f0:08:09:ab:c7:34:fc:02:c5:1c:57:c0:8e:22:34:99:42:4a:
         83:c5:26:0e:dd:b2:5a:77:54:12:4e:fc:b6:b1:14:92:eb:33:
         4b:f2:65:5b:ef:f3:1b:be:b0:80:41:3c:fb:33:7c:85:ec:84:
         38:c4:2b:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiLSk3vHHksCvkM39Z71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjYwMzI5MDcwMTUwWhcNMjYwMzMwMDcwMTUwWjAzMTEwLwYDVQQD
Eyg3NTNkNTlkZDUyZjE4NjBiMzJjOTgxMDUxZmQzN2Y4OTIxMjBhZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8Wrjis2Y6wpKofPHK5OrigiecAB
ZeR13U2ljsTiZIF43ARt2/QK4i1AnOS8vY02IOpF/KRIBwbVobeCX+kAZEfYzJHo
SmVhmnBaxPzsPQouRdMCgEsHrRRSGdqUfUJfNMTEF15m4pWPF+jhSnOHUtzIaBoS
sq7vEV6xYmXee/WYnJWNyMkZ7Q8AoEn5j15BhuAq3NgFEXik0e46KZwXT6v/Y8OL
TVWe8NoMTbcT8lR2EuQy2T28ffxmMXrVTGCl2q68ij/dhj4wMo+E+CX2Z8JQ6IFB
VfAt4XT/kjO0om7kjmAk2OeUpD9AiqP24ZSsGRwQth5fdebTsNscL/GbXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU9Wd1S8YYLMsmBBR/Tf4khIK7/MB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATt+jDhGI
osSokFxWHRUaxwCza45jAdCIn76ysrvygI8vGVACkHnUGqrM+ynjp6s/+PkSQ7pI
yt4SS/ZTI6yDlgRxrXLkxHDselpWP7LdZHgHiv8Em/lmJM0Mh78xK4dakYh42LUg
KJl6LWf+LdzYInMtIILj8DytxVXmf74kTIWqt0EuYx32wqE/oMFeVESe4iTqL0cZ
Xhhi6PmS3AysBbMzFMtL1nJ5K7vz48gDpkoSgUqiJGNtoqKmZEJkF6Lkdt8fwekR
8AgJq8c0/ALFHFfAjiI0mUJKg8UmDt2yWndUEk78trEUkuszS/JlW+/zG76wgEE8
+zN8heyEOMQrvQ==
-----END CERTIFICATE-----