Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
File:                     DZHf1FaDQonB_QOg_vG1Kl79HZE.mft (raw, json)
Hash identifier:          kGr1faOV85rc7FWeDc/ug56t120g8KXnWb2vp36N3ms=
Subject key identifier:   42:B2:09:A4:19:78:85:D6:1A:78:B0:DB:EF:B5:17:AC:41:76:4E:63
Authority key identifier: 0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91
Certificate issuer:       /CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
Certificate serial:       019D3752169FE611624C1BF5B09A1D26DFDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
Manifest number:          10F6
Signing time:             Sun 29 Mar 2026 02:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:19 +0000
Files and hashes:         1: DZHf1FaDQonB_QOg_vG1Kl79HZE.crl (hash: q5bxFPdlpZkzQsMMg2QE7PC0RPY1F1UcVoParNmsUVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:16:9f:e6:11:62:4c:1b:f5:b0:9a:1d:26:df:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d91dfd456834289c1fd03a0fef1b52a5efd1d91
        Validity
            Not Before: Mar 29 02:00:19 2026 GMT
            Not After : Mar 30 02:00:19 2026 GMT
        Subject: CN=42b209a4197885d61a78b0dbefb517ac41764e63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5a:d1:a9:60:f1:9e:a6:3e:76:ac:94:b9:a4:
                    70:09:a8:67:75:9d:56:2d:4f:f7:02:6e:36:da:99:
                    00:f0:e9:a0:53:a4:68:83:a9:04:a0:39:04:02:e9:
                    97:db:80:7c:4c:d4:ed:49:94:cd:9b:19:b6:69:c1:
                    c8:38:88:97:4c:c1:40:b5:16:23:39:d4:c4:45:34:
                    d8:d2:36:30:11:5a:08:01:45:98:87:90:e7:fb:c5:
                    03:83:ec:53:8a:9b:a2:91:e7:a1:cf:8f:d2:57:87:
                    38:a2:27:c9:37:ba:ff:bb:c0:27:00:2b:d2:b2:86:
                    84:e8:ae:1d:94:1e:c1:86:da:06:39:f9:73:d2:0e:
                    be:1c:88:34:ae:7c:e7:93:7d:03:26:b1:f2:87:58:
                    11:ea:1c:84:93:bf:63:6a:7c:5b:00:fa:92:0d:e5:
                    d9:a4:03:c3:24:9d:b8:41:7a:2d:10:43:6c:76:39:
                    de:64:d9:42:70:c2:f9:da:57:fb:62:1c:3e:e6:93:
                    07:06:32:0d:e7:20:82:cf:5c:8e:48:5e:96:6b:cf:
                    fa:97:cc:f6:8f:d7:ce:99:ac:43:0b:82:51:e3:3e:
                    44:2c:65:45:6d:ec:60:fe:19:e8:30:c2:93:9f:89:
                    96:94:c9:a7:81:00:74:b8:a8:9e:f2:a5:34:aa:76:
                    dd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B2:09:A4:19:78:85:D6:1A:78:B0:DB:EF:B5:17:AC:41:76:4E:63
            X509v3 Authority Key Identifier:
                keyid:0D:91:DF:D4:56:83:42:89:C1:FD:03:A0:FE:F1:B5:2A:5E:FD:1D:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZHf1FaDQonB_QOg_vG1Kl79HZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fbbe41-15b7-4f6e-9e07-8bcce303b919/1/DZHf1FaDQonB_QOg_vG1Kl79HZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:52:3f:88:75:84:fb:2a:0e:92:34:1d:f6:24:b7:3e:dc:68:
         3c:e2:06:65:17:a0:27:ed:f1:cf:f5:b1:9b:94:14:0e:f6:61:
         65:01:43:c6:30:70:72:df:ff:8b:2d:87:ea:8b:8b:14:e1:70:
         0f:ba:2b:84:48:c8:52:4b:a1:e5:74:77:d0:81:16:6f:df:f1:
         00:de:05:28:08:b8:1a:10:5b:dd:a5:0a:78:e9:22:44:fc:9b:
         7c:c7:bb:46:ab:cf:8c:a9:eb:d9:e3:08:32:dd:3d:fc:6a:61:
         d7:d2:9a:d0:20:0f:17:ba:d1:e0:21:cf:06:f4:54:53:80:0a:
         ad:c0:b0:53:9c:6d:17:84:3d:4e:4b:51:08:1f:d5:16:9a:6d:
         d6:b8:50:1d:97:a3:3f:8e:9e:ac:23:b2:9b:8c:a7:ac:85:88:
         d7:51:0d:a5:95:ae:b0:aa:d8:44:d5:9b:d3:10:91:6e:bf:3b:
         5b:6e:09:d7:9a:78:78:4b:d8:77:ad:5b:1f:69:08:98:ce:df:
         69:d0:ea:53:2d:39:c7:3d:bf:01:d5:7a:bf:c3:fc:07:50:09:
         05:89:32:ee:21:5b:b8:4b:79:50:02:7c:08:03:bd:9e:0e:e0:
         56:1d:24:7b:06:9b:0d:8c:42:d0:bb:92:1d:43:2d:0b:a7:d4:
         35:12:4a:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uhaf5hFiTBv1sJodJt/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTFkZmQ0NTY4MzQyODljMWZkMDNhMGZlZjFiNTJhNWVm
ZDFkOTEwHhcNMjYwMzI5MDIwMDE5WhcNMjYwMzMwMDIwMDE5WjAzMTEwLwYDVQQD
Eyg0MmIyMDlhNDE5Nzg4NWQ2MWE3OGIwZGJlZmI1MTdhYzQxNzY0ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlrRqWDxnqY+dqyUuaRwCahndZ1W
LU/3Am422pkA8OmgU6Rog6kEoDkEAumX24B8TNTtSZTNmxm2acHIOIiXTMFAtRYj
OdTERTTY0jYwEVoIAUWYh5Dn+8UDg+xTipuikeehz4/SV4c4oifJN7r/u8AnACvS
soaE6K4dlB7BhtoGOflz0g6+HIg0rnznk30DJrHyh1gR6hyEk79janxbAPqSDeXZ
pAPDJJ24QXotEENsdjneZNlCcML52lf7Yhw+5pMHBjIN5yCCz1yOSF6Wa8/6l8z2
j9fOmaxDC4JR4z5ELGVFbexg/hnoMMKTn4mWlMmngQB0uKie8qU0qnbdlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKyCaQZeIXWGniw2++1F6xBdk5jMB8GA1UdIwQY
MBaAFA2R39RWg0KJwf0DoP7xtSpe/R2RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDct
OGJjY2UzMDNiOTE5LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mYmJlNDEtMTViNy00ZjZlLTllMDctOGJjY2UzMDNiOTE5
LzEvRFpIZjFGYURRb25CX1FPZ192RzFLbDc5SFpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj1I/iHWE
+yoOkjQd9iS3PtxoPOIGZRegJ+3xz/Wxm5QUDvZhZQFDxjBwct//iy2H6ouLFOFw
D7orhEjIUkuh5XR30IEWb9/xAN4FKAi4GhBb3aUKeOkiRPybfMe7RqvPjKnr2eMI
Mt09/Gph19Ka0CAPF7rR4CHPBvRUU4AKrcCwU5xtF4Q9TktRCB/VFppt1rhQHZej
P46erCOym4ynrIWI11ENpZWusKrYRNWb0xCRbr87W24J15p4eEvYd61bH2kImM7f
adDqUy05xz2/AdV6v8P8B1AJBYky7iFbuEt5UAJ8CAO9ng7gVh0kewabDYxC0LuS
HUMtC6fUNRJKsg==
-----END CERTIFICATE-----