Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
File:                     Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft (raw, json)
Hash identifier:          pgaFcdkd9XMDUerzo/EugQY3pupR8gRrz0sQkBYdOjE=
Subject key identifier:   5D:1E:09:05:18:0F:73:B8:70:56:D7:14:74:7A:40:6D:37:D1:AE:B0
Authority key identifier: 0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84
Certificate issuer:       /CN=0e29a482de0d56746c3045269f99205204f95484
Certificate serial:       019D3865AB237D9DFE13A9C2A2DE1F7EDB92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
Manifest number:          1435
Signing time:             Sun 29 Mar 2026 07:01:20 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:20 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:20 +0000
Files and hashes:         1: Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl (hash: 6xaCSoI+vNrW7Rewg+NyIvHXfGt8nAyQNhZd2xW7AzE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:ab:23:7d:9d:fe:13:a9:c2:a2:de:1f:7e:db:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e29a482de0d56746c3045269f99205204f95484
        Validity
            Not Before: Mar 29 07:01:20 2026 GMT
            Not After : Mar 30 07:01:20 2026 GMT
        Subject: CN=5d1e0905180f73b87056d714747a406d37d1aeb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:dd:89:2d:3a:08:58:77:1a:86:50:b8:d5:3b:
                    70:ba:32:07:e4:d3:60:6e:98:8e:61:1f:bc:49:90:
                    f5:d6:f2:83:1d:91:5d:cb:4c:33:2f:b0:4d:03:1e:
                    70:cc:0d:f3:c9:f2:5e:fe:da:0f:fa:b2:3b:45:59:
                    12:f9:73:3d:a9:96:f9:83:78:f1:e5:df:93:3e:50:
                    91:38:f9:0e:4a:09:46:4c:47:87:63:10:02:79:a3:
                    14:ef:40:b2:6d:db:0c:ab:67:ee:a1:e7:90:8b:f8:
                    f6:16:8a:63:0e:c2:66:e6:24:db:c2:41:b1:af:80:
                    cb:c7:ba:27:be:2f:e6:64:de:79:a3:08:69:e1:34:
                    ba:c5:82:25:ef:08:0c:70:6e:77:d7:a0:0b:44:4b:
                    8e:01:d1:9b:aa:16:f9:f0:19:4e:c1:ee:d4:39:b5:
                    16:67:99:61:aa:be:26:9d:2c:43:7b:74:89:59:ba:
                    df:1e:11:bc:ba:58:9c:6b:65:b1:de:9f:04:f3:3c:
                    5a:ef:c9:06:24:c7:a8:26:15:e1:2c:af:55:6a:b4:
                    94:22:a0:4f:ce:42:aa:2f:09:93:5b:50:e8:f8:9c:
                    7f:a7:7e:1b:0c:48:f8:f8:68:35:64:9c:46:82:45:
                    16:67:25:00:92:68:39:c9:25:b1:02:5b:be:22:d3:
                    4c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:1E:09:05:18:0F:73:B8:70:56:D7:14:74:7A:40:6D:37:D1:AE:B0
            X509v3 Authority Key Identifier:
                keyid:0E:29:A4:82:DE:0D:56:74:6C:30:45:26:9F:99:20:52:04:F9:54:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/14a273-8b75-476c-b9e3-8bbd93940eef/1/Dimkgt4NVnRsMEUmn5kgUgT5VIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:ed:67:0c:6e:1e:63:69:bc:ca:87:2d:d1:3d:c3:34:9d:1b:
         85:f2:d0:3c:ba:fc:18:a0:c3:ef:4a:ad:84:dc:45:f7:5d:9f:
         9f:0b:54:7f:8e:98:66:2a:ca:13:7d:0a:7b:11:0f:38:68:ff:
         74:85:cb:ad:36:1d:58:77:d0:cc:18:7c:67:d8:83:c1:12:b9:
         2c:a6:08:26:a3:7d:14:88:6e:e0:11:a0:f3:5b:f6:06:b3:b6:
         73:1d:ea:cb:86:df:cb:a1:6d:04:d4:73:8b:77:ce:f2:f1:91:
         f3:07:1f:7d:52:98:ad:c4:da:47:07:d5:ff:4b:6b:24:9d:20:
         7d:d2:b9:7f:2a:a0:12:03:28:6e:7b:2b:a1:1b:fb:9a:0b:56:
         18:fd:a8:17:e1:8d:01:6d:7b:75:c5:86:ca:dd:d7:ce:53:7a:
         6c:66:69:af:d6:03:b4:0b:aa:0a:8f:2b:b8:c4:6d:9c:a2:30:
         4c:c6:af:f1:61:25:67:43:34:12:da:ac:05:06:20:3d:78:97:
         59:e4:4c:f5:49:2f:81:f4:fe:fd:be:1e:ff:d5:c9:0b:95:24:
         ee:a1:10:8a:11:b0:11:20:6e:6e:35:04:24:7b:b8:fd:95:f2:
         38:60:68:79:47:e9:10:00:3e:a3:3e:20:2b:53:7a:31:3f:82:
         f7:9a:c3:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZasjfZ3+E6nCot4fftuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjlhNDgyZGUwZDU2NzQ2YzMwNDUyNjlmOTkyMDUyMDRm
OTU0ODQwHhcNMjYwMzI5MDcwMTIwWhcNMjYwMzMwMDcwMTIwWjAzMTEwLwYDVQQD
Eyg1ZDFlMDkwNTE4MGY3M2I4NzA1NmQ3MTQ3NDdhNDA2ZDM3ZDFhZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy92JLToIWHcahlC41TtwujIH5NNg
bpiOYR+8SZD11vKDHZFdy0wzL7BNAx5wzA3zyfJe/toP+rI7RVkS+XM9qZb5g3jx
5d+TPlCROPkOSglGTEeHYxACeaMU70CybdsMq2fuoeeQi/j2FopjDsJm5iTbwkGx
r4DLx7onvi/mZN55owhp4TS6xYIl7wgMcG5316ALREuOAdGbqhb58BlOwe7UObUW
Z5lhqr4mnSxDe3SJWbrfHhG8ulica2Wx3p8E8zxa78kGJMeoJhXhLK9VarSUIqBP
zkKqLwmTW1Do+Jx/p34bDEj4+Gg1ZJxGgkUWZyUAkmg5ySWxAlu+ItNMUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0eCQUYD3O4cFbXFHR6QG030a6wMB8GA1UdIwQY
MBaAFA4ppILeDVZ0bDBFJp+ZIFIE+VSEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMt
OGJiZDkzOTQwZWVmLzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xNGEyNzMtOGI3NS00NzZjLWI5ZTMtOGJiZDkzOTQwZWVm
LzEvRGlta2d0NE5WblJzTUVVbW41a2dVZ1Q1VklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs+1nDG4e
Y2m8yoct0T3DNJ0bhfLQPLr8GKDD70qthNxF912fnwtUf46YZirKE30KexEPOGj/
dIXLrTYdWHfQzBh8Z9iDwRK5LKYIJqN9FIhu4BGg81v2BrO2cx3qy4bfy6FtBNRz
i3fO8vGR8wcffVKYrcTaRwfV/0trJJ0gfdK5fyqgEgMobnsroRv7mgtWGP2oF+GN
AW17dcWGyt3XzlN6bGZpr9YDtAuqCo8ruMRtnKIwTMav8WElZ0M0EtqsBQYgPXiX
WeRM9UkvgfT+/b4e/9XJC5Uk7qEQihGwESBubjUEJHu4/ZXyOGBoeUfpEAA+oz4g
K1N6MT+C95rDRg==
-----END CERTIFICATE-----