Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          pRJLWs6dHmQQg1cD0YRfVYR/8Y4Ie0s1q8CKprOWXSI=
Subject key identifier:   0C:98:6A:02:31:99:C9:2A:6C:4C:1B:B8:AB:E6:5B:AB:53:29:9A:96
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019D382E22A666A06B80C6980B925174F8BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          141E
Signing time:             Sun 29 Mar 2026 06:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:40 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: M8WemWJxYg+cqtMp8Aw/aJTAC/7SYu+J2zYCJdfzcCc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:22:a6:66:a0:6b:80:c6:98:0b:92:51:74:f8:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Mar 29 06:00:40 2026 GMT
            Not After : Mar 30 06:00:40 2026 GMT
        Subject: CN=0c986a023199c92a6c4c1bb8abe65bab53299a96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:99:ff:97:db:07:9e:0a:6b:b0:6c:04:32:11:
                    41:a5:62:de:9c:c1:e7:99:ea:f8:f9:10:07:70:91:
                    1f:5d:97:4d:a1:49:b7:11:c7:81:58:e7:3b:a5:f9:
                    cc:8b:c0:84:02:f6:3f:89:41:9c:bf:be:a5:3c:41:
                    34:a5:43:c4:f6:44:ad:c8:51:5f:b9:bb:cc:fa:33:
                    2b:09:3f:e9:0e:33:78:a5:e1:4d:c3:55:30:aa:6a:
                    d9:b5:7f:e5:f9:de:d0:57:a7:58:b0:5b:32:a5:bc:
                    c9:12:14:03:26:bd:04:b4:5d:23:f2:67:ec:ef:05:
                    b0:80:42:ab:ea:97:da:4e:6d:0b:32:8d:2c:85:cc:
                    25:65:70:04:b7:77:12:1e:22:df:52:56:8c:df:56:
                    84:4f:e8:4c:92:ab:d3:e8:0f:e1:1d:3f:43:31:05:
                    98:af:f2:e1:8c:c5:38:cf:f0:c2:06:61:29:ec:b3:
                    1c:3e:a1:4e:5f:03:78:7d:22:48:b2:d8:1b:2b:9a:
                    50:82:d6:ec:86:42:c0:79:93:7f:c5:ea:15:19:de:
                    d8:63:39:f3:0e:bc:42:f3:1c:46:d0:5b:81:7f:c4:
                    ff:25:26:24:a7:db:b3:74:25:58:1b:71:e1:71:46:
                    66:17:86:6d:15:04:9a:5c:3f:6f:81:53:d5:32:87:
                    1b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:98:6A:02:31:99:C9:2A:6C:4C:1B:B8:AB:E6:5B:AB:53:29:9A:96
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:4f:09:a0:c1:31:33:99:ee:a1:28:ab:0b:87:21:94:69:c3:
         3c:55:ad:e1:d2:ee:66:cc:12:86:59:66:42:2a:fb:1c:c8:6b:
         e7:60:41:8d:65:b0:c6:8f:e8:08:76:50:84:29:37:b8:12:e7:
         66:d5:2d:57:b8:53:05:62:ef:fb:95:3d:c1:19:29:40:eb:78:
         fa:c6:85:11:bf:d8:17:41:f5:2e:77:91:27:c1:93:6e:d6:e3:
         66:6b:37:95:30:87:4a:55:ec:23:57:33:6c:56:b7:99:4b:8d:
         ae:2b:ce:80:8e:50:8c:41:64:5d:1a:65:aa:7f:bd:13:e4:68:
         47:70:c3:29:8a:b5:0d:78:c2:fe:67:29:2f:06:1a:2d:5b:1f:
         d8:17:99:c9:2e:7b:c7:e0:15:12:9f:a0:5c:c8:0d:ab:ad:fb:
         cc:16:7c:c2:0e:46:43:b2:ed:b1:e3:1e:82:e7:ec:cb:3c:5f:
         1c:8d:74:f7:d3:9e:20:d6:fd:81:e3:21:58:e5:b0:2c:b1:35:
         40:72:c6:de:5d:0d:a3:29:17:e6:f7:04:cf:2c:3c:56:5d:48:
         e9:79:fe:62:a7:91:a0:b9:f5:f1:52:b6:53:ad:6b:d8:ca:1e:
         1f:30:05:0b:ed:14:50:75:84:83:fc:12:5d:a0:ca:d3:c9:94:
         c4:89:8c:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LiKmZqBrgMaYC5JRdPi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwMzI5MDYwMDQwWhcNMjYwMzMwMDYwMDQwWjAzMTEwLwYDVQQD
EygwYzk4NmEwMjMxOTljOTJhNmM0YzFiYjhhYmU2NWJhYjUzMjk5YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZn/l9sHngprsGwEMhFBpWLenMHn
mer4+RAHcJEfXZdNoUm3EceBWOc7pfnMi8CEAvY/iUGcv76lPEE0pUPE9kStyFFf
ubvM+jMrCT/pDjN4peFNw1UwqmrZtX/l+d7QV6dYsFsypbzJEhQDJr0EtF0j8mfs
7wWwgEKr6pfaTm0LMo0shcwlZXAEt3cSHiLfUlaM31aET+hMkqvT6A/hHT9DMQWY
r/LhjMU4z/DCBmEp7LMcPqFOXwN4fSJIstgbK5pQgtbshkLAeZN/xeoVGd7YYznz
DrxC8xxG0FuBf8T/JSYkp9uzdCVYG3HhcUZmF4ZtFQSaXD9vgVPVMocbmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAyYagIxmckqbEwbuKvmW6tTKZqWMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK08JoMEx
M5nuoSirC4chlGnDPFWt4dLuZswShllmQir7HMhr52BBjWWwxo/oCHZQhCk3uBLn
ZtUtV7hTBWLv+5U9wRkpQOt4+saFEb/YF0H1LneRJ8GTbtbjZms3lTCHSlXsI1cz
bFa3mUuNrivOgI5QjEFkXRplqn+9E+RoR3DDKYq1DXjC/mcpLwYaLVsf2BeZyS57
x+AVEp+gXMgNq637zBZ8wg5GQ7LtseMegufsyzxfHI1099OeINb9geMhWOWwLLE1
QHLG3l0NoykX5vcEzyw8Vl1I6Xn+YqeRoLn18VK2U61r2MoeHzAFC+0UUHWEg/wS
XaDK08mUxImM+A==
-----END CERTIFICATE-----