Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
File:                     dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft (raw, json)
Hash identifier:          0OvzM7+SIWwec9ab+kD/Ff6iCmHm60eo3wWF0CU3GNI=
Subject key identifier:   EA:30:17:3C:74:9F:87:B1:15:7C:82:1B:5E:70:A4:E2:96:F9:38:46
Authority key identifier: 75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6
Certificate issuer:       /CN=7571c892999bb4564bce480c921b6ff17205ecc6
Certificate serial:       019D375314D59F2436806F0521FBE405D098
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
Manifest number:          086D
Signing time:             Sun 29 Mar 2026 02:01:24 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:24 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:24 +0000
Files and hashes:         1: dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl (hash: 2Bv+YlKgU1cN+QoUYyZN3THUozI5UbvI1dEL49Hcz/8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:53:14:d5:9f:24:36:80:6f:05:21:fb:e4:05:d0:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7571c892999bb4564bce480c921b6ff17205ecc6
        Validity
            Not Before: Mar 29 02:01:24 2026 GMT
            Not After : Mar 30 02:01:24 2026 GMT
        Subject: CN=ea30173c749f87b1157c821b5e70a4e296f93846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ab:03:58:46:f2:ff:6d:7c:e6:cb:b7:f0:0a:
                    87:79:28:9e:ce:57:45:a6:66:4e:ac:b2:c4:bf:65:
                    62:23:42:30:80:f9:72:30:2b:db:41:a1:c6:c7:35:
                    2f:a2:e6:14:98:67:4f:23:56:49:90:5c:dd:c2:fe:
                    e8:6e:8b:ca:a3:bb:71:93:3b:9d:3f:51:bf:1c:ee:
                    67:98:d2:a7:e6:55:4f:db:23:b1:04:8c:3b:48:c3:
                    c2:39:29:d5:e4:d1:7b:21:3d:53:9b:d0:61:89:fe:
                    53:10:3d:32:28:d9:16:07:3b:0c:8d:4e:4f:fd:3f:
                    75:73:49:68:3e:1a:2b:4b:3a:73:3d:b6:1e:54:31:
                    9c:f7:e3:b5:5c:59:f8:2f:71:c3:11:be:36:ea:f3:
                    1b:46:a3:b2:84:af:10:a6:cf:6f:de:c1:cb:78:b5:
                    a4:c3:b1:f5:72:88:13:53:4d:b5:87:9c:53:bc:a6:
                    52:2a:bc:ce:6b:01:9d:14:34:63:ba:30:b2:73:24:
                    d1:8a:0c:d6:3f:16:fc:73:10:80:a8:c1:7a:79:61:
                    97:9b:76:db:b6:14:16:ab:00:db:72:cf:c0:3f:1a:
                    c9:0e:c0:61:11:7f:9c:68:e3:fe:43:14:0c:77:44:
                    db:53:b0:ec:7a:0b:4b:b3:48:7b:79:2d:52:45:d5:
                    5c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:30:17:3C:74:9F:87:B1:15:7C:82:1B:5E:70:A4:E2:96:F9:38:46
            X509v3 Authority Key Identifier:
                keyid:75:71:C8:92:99:9B:B4:56:4B:CE:48:0C:92:1B:6F:F1:72:05:EC:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXHIkpmbtFZLzkgMkhtv8XIF7MY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/818ac5-93dd-40fd-bf6f-e04f8fcc2ca1/1/dXHIkpmbtFZLzkgMkhtv8XIF7MY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:a5:1e:44:8b:9f:fb:67:02:d8:28:45:9b:d3:75:c2:a0:9b:
         49:99:e2:97:3f:66:21:b1:8f:a0:dc:ac:38:d1:72:93:17:5d:
         d9:d9:8e:7d:f2:3f:7d:b6:6b:ef:af:8c:60:d9:34:be:b6:26:
         81:22:d4:0e:d6:81:96:ed:65:5b:8f:3a:8a:56:05:5f:f7:14:
         3f:17:aa:cf:88:9b:9b:9d:f0:7f:67:fc:2b:1f:91:02:7f:8e:
         de:be:06:34:fd:50:cd:af:12:ce:b5:f8:f2:d3:32:81:f1:c3:
         66:6f:76:9a:57:c5:fc:10:03:c7:8a:93:54:e3:ce:8a:8e:e4:
         b9:81:ec:63:dc:64:16:ea:72:11:87:f3:58:95:ad:21:15:55:
         3c:17:31:c2:69:37:68:af:30:07:d3:8d:08:29:f8:90:ef:e2:
         41:3c:38:a3:25:8c:9e:95:5e:f4:c2:c0:1d:d8:df:51:41:01:
         26:09:95:56:81:93:c8:37:c4:60:77:ea:a1:e9:87:c3:d9:26:
         17:f2:a2:29:9b:25:ba:7c:7a:83:e7:96:89:07:ab:d8:e2:e1:
         69:08:7b:1a:6e:d9:fd:74:d8:0b:c1:e4:37:d2:89:3e:4a:a7:
         38:f2:56:90:5f:3a:44:a2:f0:f7:07:9d:f9:e6:6e:13:d3:2d:
         eb:29:9a:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UxTVnyQ2gG8FIfvkBdCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzFjODkyOTk5YmI0NTY0YmNlNDgwYzkyMWI2ZmYxNzIw
NWVjYzYwHhcNMjYwMzI5MDIwMTI0WhcNMjYwMzMwMDIwMTI0WjAzMTEwLwYDVQQD
EyhlYTMwMTczYzc0OWY4N2IxMTU3YzgyMWI1ZTcwYTRlMjk2ZjkzODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsasDWEby/2185su38AqHeSiezldF
pmZOrLLEv2ViI0IwgPlyMCvbQaHGxzUvouYUmGdPI1ZJkFzdwv7obovKo7txkzud
P1G/HO5nmNKn5lVP2yOxBIw7SMPCOSnV5NF7IT1Tm9Bhif5TED0yKNkWBzsMjU5P
/T91c0loPhorSzpzPbYeVDGc9+O1XFn4L3HDEb426vMbRqOyhK8Qps9v3sHLeLWk
w7H1cogTU021h5xTvKZSKrzOawGdFDRjujCycyTRigzWPxb8cxCAqMF6eWGXm3bb
thQWqwDbcs/APxrJDsBhEX+caOP+QxQMd0TbU7DsegtLs0h7eS1SRdVcXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOowFzx0n4exFXyCG15wpOKW+ThGMB8GA1UdIwQY
MBaAFHVxyJKZm7RWS85IDJIbb/FyBezGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYt
ZTA0ZjhmY2MyY2ExLzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MThhYzUtOTNkZC00MGZkLWJmNmYtZTA0ZjhmY2MyY2Ex
LzEvZFhISWtwbWJ0RlpMemtnTWtodHY4WElGN01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbqUeRIuf
+2cC2ChFm9N1wqCbSZnilz9mIbGPoNysONFykxdd2dmOffI/fbZr76+MYNk0vrYm
gSLUDtaBlu1lW486ilYFX/cUPxeqz4ibm53wf2f8Kx+RAn+O3r4GNP1Qza8SzrX4
8tMygfHDZm92mlfF/BADx4qTVOPOio7kuYHsY9xkFupyEYfzWJWtIRVVPBcxwmk3
aK8wB9ONCCn4kO/iQTw4oyWMnpVe9MLAHdjfUUEBJgmVVoGTyDfEYHfqoemHw9km
F/KiKZslunx6g+eWiQer2OLhaQh7Gm7Z/XTYC8HkN9KJPkqnOPJWkF86RKLw9wed
+eZuE9Mt6ymacA==
-----END CERTIFICATE-----