Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          Y/EdpGW3pNlwpxZQkIaFZAjhoy9ADkR9IHpu9G/E8CU=
Subject key identifier:   31:6E:39:77:0D:E9:76:19:91:28:90:2A:EC:A3:7D:EE:83:F8:9C:34
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019D98F527F68FE35EBC858A083625F6AD4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          094D
Signing time:             Fri 17 Apr 2026 01:01:36 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:36 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:36 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: 3e/zb5/lW35jva4JFIWvTUA89flMqzvj423JM3ub4Tk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:27:f6:8f:e3:5e:bc:85:8a:08:36:25:f6:ad:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Apr 17 01:01:36 2026 GMT
            Not After : Apr 18 01:01:36 2026 GMT
        Subject: CN=316e39770de976199128902aeca37dee83f89c34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:32:26:e6:58:bc:30:cc:ca:49:ee:13:26:a4:
                    72:3d:22:7a:01:d5:14:b0:31:be:4a:3b:29:d7:0a:
                    0d:5d:23:a7:eb:e0:3e:82:42:e4:93:4f:6e:d9:3c:
                    28:c5:d3:f0:e1:38:45:6b:3d:c6:e2:42:2b:ec:d2:
                    59:80:bb:19:d3:93:fe:7e:ac:64:2e:42:e0:57:21:
                    0b:e4:6e:4f:1e:77:97:0f:97:52:e7:cb:bc:ab:32:
                    07:13:81:43:b3:d8:f3:72:9c:03:35:16:27:73:2f:
                    c2:ea:9d:4a:e6:c3:d0:7a:05:4f:55:e2:d1:0c:d0:
                    c7:26:bb:fb:be:b1:1a:ac:4a:f7:4b:80:7f:25:3d:
                    20:3b:a5:4a:c9:b5:d1:93:b0:17:d2:65:ad:a8:4b:
                    06:86:4f:81:17:81:24:00:ac:64:63:b2:9b:45:1a:
                    ce:d7:2d:02:14:e5:91:57:b3:23:96:2d:4c:a3:d4:
                    e3:47:ac:06:31:4e:77:51:2e:e7:d3:ed:78:26:cb:
                    57:46:80:58:48:a4:ca:0c:9b:a4:b3:f1:1e:0e:67:
                    87:de:76:fc:40:f2:1c:11:54:74:4a:21:0c:d0:77:
                    86:5f:d8:7b:15:e2:6c:65:fc:71:89:3d:72:47:3c:
                    c8:bb:2b:95:a5:f8:c3:67:99:76:63:3b:66:cf:2b:
                    b2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:6E:39:77:0D:E9:76:19:91:28:90:2A:EC:A3:7D:EE:83:F8:9C:34
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:20:a8:25:b5:ee:dc:20:ab:9a:05:25:d2:0e:24:ae:f7:16:
         52:20:c5:a1:6c:3e:69:3d:c2:0a:a6:9a:44:12:f0:ce:87:31:
         24:6f:ea:a3:9f:0a:1a:34:1f:dc:c1:f0:60:8e:13:32:d2:ae:
         75:84:3e:42:f3:20:d3:d3:52:3a:00:79:81:62:fc:16:44:7d:
         a3:b7:e5:36:fa:d2:f8:1d:fa:dc:23:bb:9d:e0:b4:dd:96:6e:
         56:4a:42:0a:38:8b:73:1b:04:60:4e:28:61:77:a1:90:3e:5b:
         45:0a:a3:1d:a3:74:e3:01:77:68:61:61:62:fe:0e:7e:84:9c:
         ec:a5:fe:a4:78:ea:dd:b7:4a:d1:4a:35:93:b1:52:29:6d:6c:
         0f:d8:e4:87:95:a0:b7:1f:fd:73:fb:22:d2:f1:0a:51:c4:76:
         e3:58:b6:f6:a4:46:1a:ab:e0:d7:a0:fe:06:07:19:c8:78:67:
         53:48:8f:24:50:68:bc:95:0f:db:a0:ca:c3:c7:b3:26:23:31:
         1b:bc:74:31:30:3d:92:0c:09:20:a8:89:c1:98:f8:83:c7:ab:
         41:3d:7f:57:aa:a9:a2:59:40:f9:c5:cb:09:e0:d8:74:d2:2a:
         50:c1:9d:b0:a0:40:c6:c1:45:4d:56:52:49:1f:11:a4:e5:41:
         e7:7f:0b:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9Sf2j+NevIWKCDYl9q1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwNDE3MDEwMTM2WhcNMjYwNDE4MDEwMTM2WjAzMTEwLwYDVQQD
EygzMTZlMzk3NzBkZTk3NjE5OTEyODkwMmFlY2EzN2RlZTgzZjg5YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DIm5li8MMzKSe4TJqRyPSJ6AdUU
sDG+Sjsp1woNXSOn6+A+gkLkk09u2TwoxdPw4ThFaz3G4kIr7NJZgLsZ05P+fqxk
LkLgVyEL5G5PHneXD5dS58u8qzIHE4FDs9jzcpwDNRYncy/C6p1K5sPQegVPVeLR
DNDHJrv7vrEarEr3S4B/JT0gO6VKybXRk7AX0mWtqEsGhk+BF4EkAKxkY7KbRRrO
1y0CFOWRV7Mjli1Mo9TjR6wGMU53US7n0+14JstXRoBYSKTKDJuks/EeDmeH3nb8
QPIcEVR0SiEM0HeGX9h7FeJsZfxxiT1yRzzIuyuVpfjDZ5l2YztmzyuyaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFuOXcN6XYZkSiQKuyjfe6D+Jw0MB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATyCoJbXu
3CCrmgUl0g4krvcWUiDFoWw+aT3CCqaaRBLwzocxJG/qo58KGjQf3MHwYI4TMtKu
dYQ+QvMg09NSOgB5gWL8FkR9o7flNvrS+B363CO7neC03ZZuVkpCCjiLcxsEYE4o
YXehkD5bRQqjHaN04wF3aGFhYv4OfoSc7KX+pHjq3bdK0Uo1k7FSKW1sD9jkh5Wg
tx/9c/si0vEKUcR241i29qRGGqvg16D+BgcZyHhnU0iPJFBovJUP26DKw8ezJiMx
G7x0MTA9kgwJIKiJwZj4g8erQT1/V6qpollA+cXLCeDYdNIqUMGdsKBAxsFFTVZS
SR8RpOVB538L/g==
-----END CERTIFICATE-----