Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          kURUnPhp+VCTTnQ8+xFl++Y3oAK/tpNtx+nBQGlk5Vw=
Subject key identifier:   22:3D:BF:DC:AA:25:D0:A3:1C:6C:92:47:56:87:4D:5F:BA:85:1E:8E
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       019D3A549D0DF246042FDD8549E3A761C1C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          0A85
Signing time:             Sun 29 Mar 2026 16:01:56 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:56 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:56 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: Ty9EPcthRd7nl3gz17b7sBuFsn/srPKy/uD4B/cz7gc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:9d:0d:f2:46:04:2f:dd:85:49:e3:a7:61:c1:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Mar 29 16:01:56 2026 GMT
            Not After : Mar 30 16:01:56 2026 GMT
        Subject: CN=223dbfdcaa25d0a31c6c924756874d5fba851e8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:cf:05:fb:8d:e4:4d:23:e1:0e:5f:a9:0d:70:
                    7e:67:45:da:e0:ec:3d:1e:20:9d:d0:44:60:ca:82:
                    79:39:77:83:80:99:d1:01:b0:3f:66:f5:4d:60:02:
                    5f:ff:2c:c1:5a:65:49:cc:b8:19:d3:0e:d6:46:ef:
                    ea:26:57:38:2f:78:47:b2:08:c5:e2:5b:f3:bb:87:
                    2c:39:53:91:e4:18:1a:04:03:28:96:ca:41:41:69:
                    38:e0:e4:ff:06:1f:6e:9e:0b:0b:68:ff:1d:25:85:
                    e2:47:f2:41:01:84:1a:95:45:35:9c:78:6f:73:79:
                    fa:d5:00:86:6a:61:54:63:ea:d6:54:02:cc:76:95:
                    5e:66:c5:68:e5:0d:bb:b9:7d:54:a1:40:4c:09:74:
                    1f:1e:20:23:53:3a:f7:97:7e:fd:55:7e:3e:64:e2:
                    78:20:c8:00:87:c7:b8:8b:a1:2d:06:c4:11:c9:6e:
                    45:dc:23:16:5b:c3:93:0f:63:43:05:6c:11:31:b4:
                    ae:b7:35:a9:ec:71:f7:87:db:f7:9d:83:58:c6:c7:
                    89:b9:60:42:02:6b:fb:fa:75:27:85:56:b0:70:49:
                    95:e4:22:e3:9f:0a:71:c6:49:0a:e1:c3:c8:94:62:
                    da:c5:07:53:60:29:14:ea:27:9f:4a:92:da:38:a9:
                    30:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:3D:BF:DC:AA:25:D0:A3:1C:6C:92:47:56:87:4D:5F:BA:85:1E:8E
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:47:d6:9c:e8:91:37:df:22:79:b0:e0:d3:f7:95:0c:93:d3:
         f1:4c:cf:0d:f8:80:c3:c9:20:ea:f3:7b:ef:63:20:96:99:a5:
         b7:29:c0:69:c4:5f:a8:44:d9:52:8e:10:91:42:ce:bc:b8:9d:
         a5:9a:a8:b3:9b:b7:da:a5:df:4e:bc:71:1a:82:1f:14:88:36:
         9f:e3:e4:e9:14:87:3b:e3:27:42:5e:6b:15:d4:d3:c3:7b:b9:
         78:90:95:ee:b6:cb:db:bd:6d:86:e6:1f:d6:8e:19:28:e0:36:
         2f:59:3c:20:fb:27:74:cb:99:fa:56:fe:1e:f5:ca:c9:fc:12:
         6e:63:4b:be:66:da:db:20:12:75:84:30:11:32:a7:1b:ab:51:
         52:e0:42:66:b0:a7:97:6a:49:0e:7d:89:ed:f9:0e:06:43:48:
         4a:a4:92:4a:a9:d3:59:e8:76:13:47:ac:64:ad:9f:b3:75:ec:
         be:bc:51:bc:4d:40:c3:b3:ad:72:df:45:c2:ef:44:7a:f1:8d:
         ad:9b:ae:e6:61:19:04:8d:87:b4:e0:30:80:b1:f7:47:8e:52:
         20:ce:c3:ab:58:1e:60:d3:de:35:34:5c:f2:dc:84:13:b0:1f:
         b9:1f:2f:a6:1b:76:d0:2a:90:3b:82:b7:04:9e:d4:c3:52:58:
         fc:60:bc:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VJ0N8kYEL92FSeOnYcHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjYwMzI5MTYwMTU2WhcNMjYwMzMwMTYwMTU2WjAzMTEwLwYDVQQD
EygyMjNkYmZkY2FhMjVkMGEzMWM2YzkyNDc1Njg3NGQ1ZmJhODUxZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs8F+43kTSPhDl+pDXB+Z0Xa4Ow9
HiCd0ERgyoJ5OXeDgJnRAbA/ZvVNYAJf/yzBWmVJzLgZ0w7WRu/qJlc4L3hHsgjF
4lvzu4csOVOR5BgaBAMolspBQWk44OT/Bh9ungsLaP8dJYXiR/JBAYQalUU1nHhv
c3n61QCGamFUY+rWVALMdpVeZsVo5Q27uX1UoUBMCXQfHiAjUzr3l379VX4+ZOJ4
IMgAh8e4i6EtBsQRyW5F3CMWW8OTD2NDBWwRMbSutzWp7HH3h9v3nYNYxseJuWBC
Amv7+nUnhVawcEmV5CLjnwpxxkkK4cPIlGLaxQdTYCkU6iefSpLaOKkwewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCI9v9yqJdCjHGySR1aHTV+6hR6OMB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEfWnOiR
N98iebDg0/eVDJPT8UzPDfiAw8kg6vN772MglpmltynAacRfqETZUo4QkULOvLid
pZqos5u32qXfTrxxGoIfFIg2n+Pk6RSHO+MnQl5rFdTTw3u5eJCV7rbL271thuYf
1o4ZKOA2L1k8IPsndMuZ+lb+HvXKyfwSbmNLvmba2yASdYQwETKnG6tRUuBCZrCn
l2pJDn2J7fkOBkNISqSSSqnTWeh2E0esZK2fs3XsvrxRvE1Aw7Otct9Fwu9EevGN
rZuu5mEZBI2HtOAwgLH3R45SIM7Dq1geYNPeNTRc8tyEE7AfuR8vpht20CqQO4K3
BJ7Uw1JY/GC8Sw==
-----END CERTIFICATE-----