Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft
File:                     dgynIUsW9YyV1i3vAFkVhtvSPKo.mft (raw, json)
Hash identifier:          1uiL9F+JyAsYpruFWd7LStySbw79yCJdwrnz93XINxA=
Subject key identifier:   8D:42:04:ED:8C:6C:A5:C7:95:83:19:CA:49:5E:97:BF:EC:DC:AE:FF
Authority key identifier: 76:0C:A7:21:4B:16:F5:8C:95:D6:2D:EF:00:59:15:86:DB:D2:3C:AA
Certificate issuer:       /CN=760ca7214b16f58c95d62def00591586dbd23caa
Certificate serial:       019D3865FB71DAFC0EC31723A47216D9310A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dgynIUsW9YyV1i3vAFkVhtvSPKo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft
Manifest number:          0B01
Signing time:             Sun 29 Mar 2026 07:01:40 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:40 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:40 +0000
Files and hashes:         1: dgynIUsW9YyV1i3vAFkVhtvSPKo.crl (hash: LIK3Mf5cVnTSkecEtQ2CxdNtqA3EhwFsbvU/poA1vT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dgynIUsW9YyV1i3vAFkVhtvSPKo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:fb:71:da:fc:0e:c3:17:23:a4:72:16:d9:31:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=760ca7214b16f58c95d62def00591586dbd23caa
        Validity
            Not Before: Mar 29 07:01:40 2026 GMT
            Not After : Mar 30 07:01:40 2026 GMT
        Subject: CN=8d4204ed8c6ca5c7958319ca495e97bfecdcaeff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c6:a7:7d:70:ba:fe:fe:d1:ab:f3:4d:9d:ef:
                    2e:17:f0:c6:3e:fc:2b:74:53:94:2f:6c:25:9e:32:
                    79:bb:7f:57:0d:8c:80:ab:05:5b:d9:dc:7c:37:d3:
                    13:f9:33:f9:6b:df:e3:7a:72:cc:2f:ee:0d:90:a8:
                    3e:3c:d4:9a:0f:2c:c0:29:ab:ba:2a:52:2a:3c:a2:
                    a0:5a:cd:5c:96:ed:30:aa:20:92:b8:0a:a5:9c:4c:
                    c7:e9:31:ee:aa:bf:0c:04:18:1b:02:f3:76:d3:76:
                    89:96:12:06:e2:48:f3:2e:97:5b:9e:86:8d:53:99:
                    d3:82:d3:bf:6b:1d:4e:14:29:b2:12:02:73:f6:be:
                    b4:17:f6:9d:c0:29:98:d9:f6:1c:e7:ef:3f:a7:34:
                    09:ec:1e:ae:e8:37:9d:86:80:5b:33:64:68:3d:06:
                    74:d1:cb:45:b6:de:34:2a:09:ab:41:b3:9b:01:05:
                    e3:04:5a:33:0a:cc:b6:2a:7e:b6:3e:b3:4f:69:de:
                    ee:25:9e:7a:7d:2f:7a:4d:de:17:2a:67:c1:e9:19:
                    99:31:92:c5:27:91:40:ed:64:b5:74:c2:02:cf:39:
                    02:fe:0a:62:1b:42:c0:9a:0c:02:b7:d3:f6:54:e8:
                    25:80:47:dd:3b:4e:cb:ae:ba:b5:f9:06:59:af:6e:
                    46:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:42:04:ED:8C:6C:A5:C7:95:83:19:CA:49:5E:97:BF:EC:DC:AE:FF
            X509v3 Authority Key Identifier:
                keyid:76:0C:A7:21:4B:16:F5:8C:95:D6:2D:EF:00:59:15:86:DB:D2:3C:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dgynIUsW9YyV1i3vAFkVhtvSPKo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/364413-a6dd-4a37-889c-8aeb38751f12/1/dgynIUsW9YyV1i3vAFkVhtvSPKo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:a1:e5:cc:43:5c:3b:cb:01:78:57:88:d6:87:8a:3d:76:33:
         f5:29:7d:ae:ea:dd:e0:b7:fb:62:7d:23:fa:3d:2e:65:7b:06:
         2b:7c:49:07:b7:a0:61:1d:ae:a4:0a:47:8a:d0:4b:db:df:41:
         76:05:e2:13:1b:ce:14:7b:aa:91:1b:90:27:7f:91:76:d1:3e:
         6f:ce:61:4d:82:99:25:25:17:c4:05:50:0d:99:dd:ca:90:be:
         b8:73:fa:cd:ae:09:0f:41:cc:c4:93:6f:83:91:81:be:7f:d5:
         a0:ee:ce:66:74:d2:bd:1f:c6:c1:be:ac:de:f0:b7:cd:c5:77:
         b1:e5:c2:9c:30:e1:87:d1:ff:44:ea:df:7e:df:01:1b:fc:2d:
         b6:20:bc:31:7b:db:a2:bb:38:46:23:2d:81:43:47:58:c6:d8:
         ad:b0:6a:b6:4c:7d:54:e5:5a:30:e3:52:f6:ee:a5:c9:82:20:
         1e:2f:3b:56:32:5a:4a:7c:e2:55:e1:dd:15:72:ff:63:db:12:
         87:3a:77:29:99:4e:ec:e2:70:cd:ef:56:1b:d0:f1:4c:7f:08:
         8a:32:b7:7a:fc:07:16:c0:3d:37:66:65:f2:90:25:4e:bf:59:
         89:50:d4:d5:fa:30:86:d7:d3:f5:57:cb:b0:1b:79:9c:6c:ef:
         97:ef:4b:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zftx2vwOwxcjpHIW2TEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MGNhNzIxNGIxNmY1OGM5NWQ2MmRlZjAwNTkxNTg2ZGJk
MjNjYWEwHhcNMjYwMzI5MDcwMTQwWhcNMjYwMzMwMDcwMTQwWjAzMTEwLwYDVQQD
Eyg4ZDQyMDRlZDhjNmNhNWM3OTU4MzE5Y2E0OTVlOTdiZmVjZGNhZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sanfXC6/v7Rq/NNne8uF/DGPvwr
dFOUL2wlnjJ5u39XDYyAqwVb2dx8N9MT+TP5a9/jenLML+4NkKg+PNSaDyzAKau6
KlIqPKKgWs1clu0wqiCSuAqlnEzH6THuqr8MBBgbAvN203aJlhIG4kjzLpdbnoaN
U5nTgtO/ax1OFCmyEgJz9r60F/adwCmY2fYc5+8/pzQJ7B6u6DedhoBbM2RoPQZ0
0ctFtt40KgmrQbObAQXjBFozCsy2Kn62PrNPad7uJZ56fS96Td4XKmfB6RmZMZLF
J5FA7WS1dMICzzkC/gpiG0LAmgwCt9P2VOglgEfdO07Lrrq1+QZZr25G/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1CBO2MbKXHlYMZyklel7/s3K7/MB8GA1UdIwQY
MBaAFHYMpyFLFvWMldYt7wBZFYbb0jyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGd5bklVc1c5WXlWMWkzdkFGa1ZodHZTUEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zNjQ0MTMtYTZkZC00YTM3LTg4OWMt
OGFlYjM4NzUxZjEyLzEvZGd5bklVc1c5WXlWMWkzdkFGa1ZodHZTUEtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zNjQ0MTMtYTZkZC00YTM3LTg4OWMtOGFlYjM4NzUxZjEy
LzEvZGd5bklVc1c5WXlWMWkzdkFGa1ZodHZTUEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdqHlzENc
O8sBeFeI1oeKPXYz9Sl9rurd4Lf7Yn0j+j0uZXsGK3xJB7egYR2upApHitBL299B
dgXiExvOFHuqkRuQJ3+RdtE+b85hTYKZJSUXxAVQDZndypC+uHP6za4JD0HMxJNv
g5GBvn/VoO7OZnTSvR/Gwb6s3vC3zcV3seXCnDDhh9H/ROrfft8BG/wttiC8MXvb
ors4RiMtgUNHWMbYrbBqtkx9VOVaMONS9u6lyYIgHi87VjJaSnziVeHdFXL/Y9sS
hzp3KZlO7OJwze9WG9DxTH8IijK3evwHFsA9N2Zl8pAlTr9ZiVDU1fowhtfT9VfL
sBt5nGzvl+9LaQ==
-----END CERTIFICATE-----