Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          bmMtyiXxQkzFmHtclTBCjHiphilVVnILolQJnXOxGmQ=
Subject key identifier:   0A:C6:51:0B:92:3F:BE:4D:E4:47:6D:EA:47:3E:BF:F3:92:42:99:78
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       019CABD9D3DE961ECADDE4A24F0EEB17959F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          1667
Signing time:             Mon 02 Mar 2026 00:01:45 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:45 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:45 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: no204OgvPOJgey3xuC2nVI3Plt9UNabmpMNlbveXjgY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:d3:de:96:1e:ca:dd:e4:a2:4f:0e:eb:17:95:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Mar  2 00:01:45 2026 GMT
            Not After : Mar  3 00:01:45 2026 GMT
        Subject: CN=0ac6510b923fbe4de4476dea473ebff392429978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:53:72:18:ad:14:a9:28:d9:03:53:00:63:db:
                    1f:9f:fa:46:82:57:cf:99:dd:eb:8f:07:1f:3d:22:
                    2a:95:52:06:18:e1:70:8c:f8:b0:48:59:5a:a7:73:
                    db:5c:de:b1:fe:85:b3:9e:f0:77:3c:8c:c6:58:07:
                    56:52:a0:54:41:1f:d3:d5:ea:34:c3:80:36:16:25:
                    4a:bc:b7:c1:ca:a9:ac:d6:75:64:7e:c9:69:9c:5e:
                    f4:a5:06:2c:44:3b:f3:88:d7:81:45:5c:d0:7c:83:
                    c8:ba:73:fb:6f:d7:cb:14:b4:77:be:8f:61:a0:e4:
                    e4:c4:64:73:b9:7f:ad:9f:ba:f0:94:60:7b:cb:87:
                    48:31:10:86:d7:56:62:a4:ae:24:9e:3b:ef:7a:44:
                    31:d6:12:0f:bf:a6:21:bd:09:66:49:6f:1e:be:6b:
                    6e:63:55:38:1e:10:0c:a7:28:5e:34:5d:02:b8:35:
                    fb:ba:7e:4c:6b:9c:2a:29:89:95:14:83:85:cc:64:
                    b1:d8:7b:c9:38:af:c7:9d:86:e3:ab:2b:41:5e:d6:
                    39:4a:22:c9:cb:4f:12:be:1f:ab:11:c2:60:c7:fa:
                    b1:dc:1d:ea:0d:ee:d2:1c:8e:96:03:10:e7:cf:ae:
                    be:ec:c7:40:b2:d2:ee:1c:5f:4c:ce:00:f3:b6:9d:
                    e1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:C6:51:0B:92:3F:BE:4D:E4:47:6D:EA:47:3E:BF:F3:92:42:99:78
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:e1:6c:40:c4:42:4b:b3:26:96:e1:1d:fd:dd:ba:7c:f6:e5:
         57:60:c0:7b:ca:61:b5:c3:8c:ef:a4:a1:38:c9:73:4d:de:13:
         c0:53:7f:f3:34:bf:c4:05:a1:e6:9d:93:e6:19:71:12:c1:4b:
         70:9c:ba:2c:e6:aa:cd:40:36:67:67:f7:c4:db:1a:d5:84:50:
         e2:56:64:8d:98:c6:37:49:06:04:cb:4c:9b:98:fa:af:e9:99:
         f7:d7:3e:14:35:52:f6:94:71:6e:2b:61:4b:7b:60:37:56:54:
         32:5c:d2:6c:2e:63:52:d7:9e:76:fd:dc:e5:c0:f3:6f:3a:0c:
         b0:80:67:56:4b:a8:7f:81:8e:40:7b:0d:da:52:8b:3a:af:d6:
         d5:e5:5b:10:17:ec:77:7f:e8:88:9a:da:12:43:e8:1a:a1:eb:
         2f:a8:04:9c:47:fd:24:17:84:c2:9d:db:26:f4:98:5d:e7:c7:
         76:1b:e1:12:73:46:6d:a2:b3:09:80:67:f0:d6:19:5f:87:f5:
         3a:03:a7:c4:01:a6:13:91:ed:46:5a:2d:75:2f:b1:6d:08:0b:
         2e:8f:a2:d2:ef:b6:cb:a8:a2:b1:bf:a2:dc:69:5a:45:bf:8d:
         86:f0:4e:5e:99:2f:80:da:a1:b3:7c:63:9f:dc:4a:82:eb:08:
         f8:c2:e1:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2dPelh7K3eSiTw7rF5WfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjYwMzAyMDAwMTQ1WhcNMjYwMzAzMDAwMTQ1WjAzMTEwLwYDVQQD
EygwYWM2NTEwYjkyM2ZiZTRkZTQ0NzZkZWE0NzNlYmZmMzkyNDI5OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVNyGK0UqSjZA1MAY9sfn/pGglfP
md3rjwcfPSIqlVIGGOFwjPiwSFlap3PbXN6x/oWznvB3PIzGWAdWUqBUQR/T1eo0
w4A2FiVKvLfByqms1nVkfslpnF70pQYsRDvziNeBRVzQfIPIunP7b9fLFLR3vo9h
oOTkxGRzuX+tn7rwlGB7y4dIMRCG11ZipK4knjvvekQx1hIPv6YhvQlmSW8evmtu
Y1U4HhAMpyheNF0CuDX7un5Ma5wqKYmVFIOFzGSx2HvJOK/HnYbjqytBXtY5SiLJ
y08Svh+rEcJgx/qx3B3qDe7SHI6WAxDnz66+7MdAstLuHF9MzgDztp3heQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArGUQuSP75N5Edt6kc+v/OSQpl4MB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj+FsQMRC
S7MmluEd/d26fPblV2DAe8phtcOM76ShOMlzTd4TwFN/8zS/xAWh5p2T5hlxEsFL
cJy6LOaqzUA2Z2f3xNsa1YRQ4lZkjZjGN0kGBMtMm5j6r+mZ99c+FDVS9pRxbith
S3tgN1ZUMlzSbC5jUteedv3c5cDzbzoMsIBnVkuof4GOQHsN2lKLOq/W1eVbEBfs
d3/oiJraEkPoGqHrL6gEnEf9JBeEwp3bJvSYXefHdhvhEnNGbaKzCYBn8NYZX4f1
OgOnxAGmE5HtRlotdS+xbQgLLo+i0u+2y6iisb+i3GlaRb+NhvBOXpkvgNqhs3xj
n9xKgusI+MLhIA==
-----END CERTIFICATE-----