Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft
File:                     0DjDOLEo-Drewvadk8MsU1PKA5g.mft (raw, json)
Hash identifier:          Zzvs6VJMv9Asecl/aUN+xv0ghO+tmOoOO503bAOY+jE=
Subject key identifier:   EB:EC:C4:D9:9F:00:FD:CF:DC:B9:6A:48:FF:BB:76:61:7B:68:6F:D1
Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98
Certificate issuer:       /CN=d038c338b128f83adec2f69d93c32c5353ca0398
Certificate serial:       019CAD59A7D85D68C463185C478AE03CAB39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft
Manifest number:          14E5
Signing time:             Mon 02 Mar 2026 07:00:59 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:59 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:59 +0000
Files and hashes:         1: 0DjDOLEo-Drewvadk8MsU1PKA5g.crl (hash: uhwPhYe/5E8Iobr1AhxMXNeER8wc/ZOBZ387ldtKKvA=)
                          2: iYtloRWl9kFypd8JJUfmPgfj4cA.roa (hash: S73CmXUZ6HVY4mwA83JVTETkq549rHQpfRMzqNjQiJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:a7:d8:5d:68:c4:63:18:5c:47:8a:e0:3c:ab:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398
        Validity
            Not Before: Mar  2 07:00:59 2026 GMT
            Not After : Mar  3 07:00:59 2026 GMT
        Subject: CN=ebecc4d99f00fdcfdcb96a48ffbb76617b686fd1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:45:83:55:04:8e:ff:b9:0c:bd:e3:f0:b0:f8:
                    d0:05:be:21:fc:45:80:56:1b:03:14:ac:1a:d0:0b:
                    94:a6:19:98:21:48:84:8d:0a:b7:ae:b5:3a:2c:d7:
                    f6:79:f7:b2:96:ad:a9:f3:b2:3b:2c:2a:9e:09:57:
                    b3:4f:fb:4c:e3:d7:bb:c7:93:71:9b:f0:e8:01:1e:
                    22:44:6f:54:81:b5:a0:95:b8:f9:ff:9a:a1:42:27:
                    3e:70:1e:4f:fe:2e:c5:18:bd:b4:26:70:12:2d:f0:
                    9c:4d:9b:72:bd:60:75:91:53:68:60:5c:c5:bd:99:
                    bd:bd:48:cd:9e:79:44:3c:eb:cc:3f:17:f1:a0:66:
                    b3:ba:3b:41:7d:92:fe:92:69:77:4c:4e:2a:a5:0c:
                    4f:b4:64:35:4a:88:b4:a5:77:e8:63:56:b6:fb:16:
                    0b:28:b6:f2:66:14:f9:91:32:5b:b3:e7:1c:87:8b:
                    14:6d:a2:a9:a8:74:fc:1d:ae:18:04:bf:96:0d:b9:
                    e4:1c:57:80:6d:a5:0e:46:c1:b6:2a:b2:89:74:0b:
                    fd:0b:d4:af:c9:39:23:8c:91:0e:87:7e:00:3d:f5:
                    89:a9:95:b2:c8:8b:7c:1e:13:a6:5f:6c:6b:9d:c5:
                    a6:81:bc:0c:65:91:af:4a:56:ea:05:7c:7a:8b:bd:
                    c1:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:EC:C4:D9:9F:00:FD:CF:DC:B9:6A:48:FF:BB:76:61:7B:68:6F:D1
            X509v3 Authority Key Identifier:
                keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:e9:06:62:8e:67:dc:da:53:d4:ef:30:c7:e2:ac:06:8a:72:
         45:0d:9f:d4:1e:e4:91:3e:bc:f6:a3:c5:82:90:ed:e5:da:53:
         5a:ba:45:b7:b8:2a:4d:22:19:0e:42:5e:0c:64:f8:70:4a:65:
         df:c0:5a:49:db:ba:64:06:d6:84:d8:bb:67:6c:48:57:e4:61:
         2e:2f:02:72:e9:a5:72:f5:75:b3:0a:91:c6:6d:05:43:41:b2:
         cd:ce:70:85:cb:ff:11:b6:30:d3:93:3d:03:3d:cf:8b:03:70:
         83:33:f5:fc:7d:c3:45:e4:10:2d:94:bf:60:de:34:ae:3d:1d:
         d0:7f:81:79:54:d7:35:69:76:fb:e2:2f:e3:bd:84:69:32:61:
         4f:0d:31:a6:a1:3d:d5:04:29:18:9c:df:2d:73:95:00:f2:56:
         da:d0:05:16:3a:dc:cc:77:c3:a7:70:09:78:56:07:47:d2:8f:
         14:7b:fd:ee:85:4b:cf:6b:6c:d3:3f:f0:56:e2:c5:9e:a6:55:
         0c:fd:2f:ef:d9:01:0d:3b:3f:93:e0:80:2c:4c:a3:68:8f:46:
         3d:92:a1:41:8c:5a:d4:4d:2a:fd:96:57:cf:43:42:dc:cf:be:
         70:d5:33:13:66:31:42:13:d6:a6:3c:9f:56:08:2a:a7:33:e8:
         bb:4d:7f:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWafYXWjEYxhcR4rgPKs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzhjMzM4YjEyOGY4M2FkZWMyZjY5ZDkzYzMyYzUzNTNj
YTAzOTgwHhcNMjYwMzAyMDcwMDU5WhcNMjYwMzAzMDcwMDU5WjAzMTEwLwYDVQQD
EyhlYmVjYzRkOTlmMDBmZGNmZGNiOTZhNDhmZmJiNzY2MTdiNjg2ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukWDVQSO/7kMvePwsPjQBb4h/EWA
VhsDFKwa0AuUphmYIUiEjQq3rrU6LNf2efeylq2p87I7LCqeCVezT/tM49e7x5Nx
m/DoAR4iRG9UgbWglbj5/5qhQic+cB5P/i7FGL20JnASLfCcTZtyvWB1kVNoYFzF
vZm9vUjNnnlEPOvMPxfxoGazujtBfZL+kml3TE4qpQxPtGQ1Soi0pXfoY1a2+xYL
KLbyZhT5kTJbs+cch4sUbaKpqHT8Ha4YBL+WDbnkHFeAbaUORsG2KrKJdAv9C9Sv
yTkjjJEOh34APfWJqZWyyIt8HhOmX2xrncWmgbwMZZGvSlbqBXx6i73BswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvsxNmfAP3P3LlqSP+7dmF7aG/RMB8GA1UdIwQY
MBaAFNA4wzixKPg63sL2nZPDLFNTygOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDkt
OWJmOGIxZWYyZTk2LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDktOWJmOGIxZWYyZTk2
LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsekGYo5n
3NpT1O8wx+KsBopyRQ2f1B7kkT689qPFgpDt5dpTWrpFt7gqTSIZDkJeDGT4cEpl
38BaSdu6ZAbWhNi7Z2xIV+RhLi8CcumlcvV1swqRxm0FQ0Gyzc5whcv/EbYw05M9
Az3PiwNwgzP1/H3DReQQLZS/YN40rj0d0H+BeVTXNWl2++Iv472EaTJhTw0xpqE9
1QQpGJzfLXOVAPJW2tAFFjrczHfDp3AJeFYHR9KPFHv97oVLz2ts0z/wVuLFnqZV
DP0v79kBDTs/k+CALEyjaI9GPZKhQYxa1E0q/ZZXz0NC3M++cNUzE2YxQhPWpjyf
VggqpzPou01/1w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:41:51 2026 by rpki-client