Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
File:                     D1pCPdyX3TDeyLhnPCSWjic3JnY.mft (raw, json)
Hash identifier:          pmNI1Ve1leViSy94uR8xh+Na4UlmDRTu5m2HYsAh66g=
Subject key identifier:   C4:AC:15:2C:85:C8:59:72:24:A6:18:89:78:80:7C:98:31:54:8D:34
Authority key identifier: 0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76
Certificate issuer:       /CN=0f5a423ddc97dd30dec8b8673c24968e27372676
Certificate serial:       019D3752D95BF044887E14556B3D8DF95F95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
Manifest number:          0352
Signing time:             Sun 29 Mar 2026 02:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:09 +0000
Files and hashes:         1: D1pCPdyX3TDeyLhnPCSWjic3JnY.crl (hash: hddOPB03ObCoSEMsDDZ/OY9xUj/tEfQ3Mv2TIFptLvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:d9:5b:f0:44:88:7e:14:55:6b:3d:8d:f9:5f:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f5a423ddc97dd30dec8b8673c24968e27372676
        Validity
            Not Before: Mar 29 02:01:09 2026 GMT
            Not After : Mar 30 02:01:09 2026 GMT
        Subject: CN=c4ac152c85c8597224a6188978807c9831548d34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:43:a4:59:ac:bd:b6:c1:de:b8:c0:40:bc:f0:
                    c0:74:6b:6c:9a:d7:e4:b5:91:33:33:2d:ad:78:21:
                    bd:a1:9c:42:97:33:13:5e:24:c6:41:80:7b:4b:24:
                    9d:6f:6e:30:e9:40:07:c8:1a:f8:d6:bd:21:eb:56:
                    ee:18:f1:24:67:3a:ae:97:d5:e3:a9:56:23:96:bf:
                    29:66:8f:da:35:5b:53:22:8d:18:7c:bc:7b:74:05:
                    a8:a0:88:ad:fc:04:0d:79:66:96:9f:4f:fe:67:82:
                    b2:56:e1:0a:25:3b:02:48:93:57:4f:6f:df:88:3c:
                    2a:54:86:fe:08:ff:f8:81:4a:2b:2d:8d:ef:f3:c5:
                    d2:6a:80:1a:4c:56:6f:d4:29:a6:2a:ee:86:0b:ab:
                    21:fc:61:3c:d7:c3:9c:6e:6e:02:23:50:b9:d5:87:
                    42:47:81:a1:ba:48:f0:7d:a5:3b:12:36:d7:ce:49:
                    ee:92:72:26:f1:0e:52:f2:3a:d3:fd:ad:07:99:9d:
                    c8:98:d2:19:35:e6:a9:c9:32:2e:30:b0:9f:a2:88:
                    04:9d:21:d7:94:59:9b:a0:aa:a7:28:96:a6:03:43:
                    a7:04:0f:0d:7e:89:43:44:97:3b:21:02:24:e9:83:
                    f6:98:d6:7a:a4:40:99:05:14:1d:39:ee:de:a6:7d:
                    95:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:AC:15:2C:85:C8:59:72:24:A6:18:89:78:80:7C:98:31:54:8D:34
            X509v3 Authority Key Identifier:
                keyid:0F:5A:42:3D:DC:97:DD:30:DE:C8:B8:67:3C:24:96:8E:27:37:26:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D1pCPdyX3TDeyLhnPCSWjic3JnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/37cd50-5769-4cdd-95ea-cf89be5a5fea/1/D1pCPdyX3TDeyLhnPCSWjic3JnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:f8:0c:47:2b:55:0d:ca:15:c5:b0:df:9b:4d:04:a5:11:3c:
         33:36:d4:a0:e5:bd:84:15:34:27:0f:22:ce:d2:6d:0f:b6:30:
         03:8b:f6:ba:90:26:42:29:f9:75:39:6d:ea:56:12:89:07:a8:
         fa:28:2c:d7:e3:fa:1b:c7:a7:67:ce:ce:84:ba:e7:8a:7f:81:
         a0:26:dd:cf:27:e4:d0:b7:6b:84:4e:51:66:98:fb:c6:f0:bc:
         44:51:cb:05:34:21:ea:d4:ac:60:a6:be:03:f0:1e:34:c8:61:
         14:20:2f:cd:eb:6d:31:e3:f5:d5:e6:74:6f:85:2f:f2:59:ff:
         39:f1:59:e1:c6:15:dc:b6:4a:e9:ba:6d:85:b7:b6:78:05:c9:
         9a:06:41:d4:94:db:db:bb:d5:ec:28:12:21:03:d4:b9:68:f7:
         9c:24:7e:79:c9:d8:2b:f6:76:a1:8c:35:41:bf:9d:29:9d:3f:
         12:9b:fd:25:dc:62:61:fc:a6:f1:13:6a:2d:7a:9e:89:16:6e:
         e4:75:2a:9e:29:f3:b7:27:17:75:f3:cd:64:70:95:7a:4b:61:
         e8:5d:6f:86:0c:cd:6a:aa:ce:dd:a9:6b:86:bd:a9:a4:44:69:
         07:05:30:0a:b8:af:58:bf:10:d3:2a:18:f7:f3:c8:50:61:e7:
         e8:16:4d:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Utlb8ESIfhRVaz2N+V+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNWE0MjNkZGM5N2RkMzBkZWM4Yjg2NzNjMjQ5NjhlMjcz
NzI2NzYwHhcNMjYwMzI5MDIwMTA5WhcNMjYwMzMwMDIwMTA5WjAzMTEwLwYDVQQD
EyhjNGFjMTUyYzg1Yzg1OTcyMjRhNjE4ODk3ODgwN2M5ODMxNTQ4ZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EOkWay9tsHeuMBAvPDAdGtsmtfk
tZEzMy2teCG9oZxClzMTXiTGQYB7SySdb24w6UAHyBr41r0h61buGPEkZzqul9Xj
qVYjlr8pZo/aNVtTIo0YfLx7dAWooIit/AQNeWaWn0/+Z4KyVuEKJTsCSJNXT2/f
iDwqVIb+CP/4gUorLY3v88XSaoAaTFZv1CmmKu6GC6sh/GE818Ocbm4CI1C51YdC
R4GhukjwfaU7EjbXzknuknIm8Q5S8jrT/a0HmZ3ImNIZNeapyTIuMLCfoogEnSHX
lFmboKqnKJamA0OnBA8NfolDRJc7IQIk6YP2mNZ6pECZBRQdOe7epn2V3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMSsFSyFyFlyJKYYiXiAfJgxVI00MB8GA1UdIwQY
MBaAFA9aQj3cl90w3si4Zzwklo4nNyZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEt
Y2Y4OWJlNWE1ZmVhLzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zN2NkNTAtNTc2OS00Y2RkLTk1ZWEtY2Y4OWJlNWE1ZmVh
LzEvRDFwQ1BkeVgzVERleUxoblBDU1dqaWMzSm5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/gMRytV
DcoVxbDfm00EpRE8MzbUoOW9hBU0Jw8iztJtD7YwA4v2upAmQin5dTlt6lYSiQeo
+igs1+P6G8enZ87OhLrnin+BoCbdzyfk0LdrhE5RZpj7xvC8RFHLBTQh6tSsYKa+
A/AeNMhhFCAvzettMeP11eZ0b4Uv8ln/OfFZ4cYV3LZK6bpthbe2eAXJmgZB1JTb
27vV7CgSIQPUuWj3nCR+ecnYK/Z2oYw1Qb+dKZ0/Epv9JdxiYfym8RNqLXqeiRZu
5HUqninztycXdfPNZHCVekth6F1vhgzNaqrO3alrhr2ppERpBwUwCrivWL8Q0yoY
9/PIUGHn6BZNaQ==
-----END CERTIFICATE-----