Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
File:                     D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft (raw, json)
Hash identifier:          47zKk0Cq5e+LQmnZVJBxlWrh69A4Zu0VGMg/FJd+fUY=
Subject key identifier:   A1:E8:51:CD:6D:97:79:92:D9:76:A0:4E:E5:E2:8A:EF:E2:FA:15:BD
Authority key identifier: 0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB
Certificate issuer:       /CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
Certificate serial:       019D9AAB88A88FD361D2E6A0EB53BF53D37D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
Manifest number:          0DCD
Signing time:             Fri 17 Apr 2026 09:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 09:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 09:00:26 +0000
Files and hashes:         1: D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl (hash: +UBHkOvV/MBR0wlcqsMM2xZXqBYAcvkr8LGRx6qYjWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ab:88:a8:8f:d3:61:d2:e6:a0:eb:53:bf:53:d3:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f49c49a75cf6e248c9b51c7054db2f8d9dcedcb
        Validity
            Not Before: Apr 17 09:00:26 2026 GMT
            Not After : Apr 18 09:00:26 2026 GMT
        Subject: CN=a1e851cd6d977992d976a04ee5e28aefe2fa15bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c2:aa:8f:ce:c7:be:2f:b5:3f:6c:d7:25:0c:
                    e3:e2:fe:89:03:fe:46:f3:d6:43:36:d7:69:7b:c1:
                    d7:54:ae:1c:6c:a6:c7:db:84:37:f7:ae:9d:24:ba:
                    43:41:0a:c3:75:c3:e8:09:1a:8d:e1:a3:a1:04:e9:
                    24:d0:d6:57:59:89:6f:52:39:a0:4d:18:c5:a6:3e:
                    23:a6:47:5c:a9:98:d1:d9:18:7a:c2:bd:64:ec:fd:
                    52:f9:75:bc:b4:4a:bf:bc:67:30:7d:c5:a0:e8:65:
                    03:d9:bc:03:3a:70:07:f7:54:88:90:ea:e2:e0:67:
                    cc:17:9b:45:38:4f:ab:2c:14:77:47:5e:0d:0a:7d:
                    2f:fd:b7:fb:a3:7c:1c:ed:24:49:cf:24:6a:21:74:
                    f9:ab:be:46:e7:85:94:62:57:82:f7:e4:53:91:14:
                    fb:32:06:c8:5d:e4:4b:52:2d:b3:b9:22:b9:1e:f8:
                    14:ea:5c:60:3f:c1:e4:ff:64:74:54:cc:4f:4b:ea:
                    33:7d:dd:8f:40:07:b1:9e:86:16:55:5d:32:fb:c7:
                    a8:d6:30:04:31:85:e0:ee:cc:f7:28:6e:4f:23:70:
                    d2:42:aa:c7:81:87:ea:b9:ca:50:3d:fe:c0:d4:94:
                    be:02:eb:76:23:c5:01:e1:16:2b:e0:ed:35:85:75:
                    72:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:E8:51:CD:6D:97:79:92:D9:76:A0:4E:E5:E2:8A:EF:E2:FA:15:BD
            X509v3 Authority Key Identifier:
                keyid:0F:49:C4:9A:75:CF:6E:24:8C:9B:51:C7:05:4D:B2:F8:D9:DC:ED:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/cea161-cb5c-4e41-b836-d80077e12b5d/1/D0nEmnXPbiSMm1HHBU2y-Nnc7cs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:41:1d:49:da:fe:b0:9a:f6:d1:ab:7d:c0:aa:f5:be:fc:59:
         8b:8f:14:68:84:1e:5e:e1:99:86:d1:f6:39:b9:b8:b1:59:66:
         fc:68:25:68:1e:80:17:1e:cf:ed:48:82:8d:d3:99:31:c1:03:
         08:d4:88:9a:90:88:5e:44:70:e4:c4:2f:cc:f7:54:0b:14:ed:
         a2:5c:28:a3:8c:cb:71:d5:23:28:ee:e4:23:a2:b7:42:ba:ce:
         c5:82:9f:29:9b:c9:1a:7b:70:39:c0:67:6d:1e:5c:93:99:eb:
         17:cd:fe:45:37:28:ee:a2:60:d7:49:31:27:b6:55:98:77:05:
         18:54:fc:26:2d:62:0d:0b:67:a0:0a:dd:a4:eb:09:2b:d7:44:
         8f:7e:93:06:ce:0c:d0:62:44:0f:b9:f8:03:4f:cb:76:01:d2:
         e5:f5:0f:68:50:34:79:51:90:65:51:bc:0c:f1:59:eb:40:00:
         97:c2:cb:23:56:80:f3:29:39:24:c1:f5:54:e4:af:1c:d6:d6:
         71:02:a3:c7:b9:bb:d0:25:11:1e:b1:4f:22:b2:19:3d:0e:8a:
         37:05:f7:42:17:b1:96:1b:44:3e:52:e1:e0:9a:95:1d:1d:c2:
         4b:9b:fa:04:f5:74:f9:f4:68:18:bb:db:58:48:0b:5a:14:e7:
         39:8f:bb:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aq4ioj9Nh0uag61O/U9N9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDljNDlhNzVjZjZlMjQ4YzliNTFjNzA1NGRiMmY4ZDlk
Y2VkY2IwHhcNMjYwNDE3MDkwMDI2WhcNMjYwNDE4MDkwMDI2WjAzMTEwLwYDVQQD
EyhhMWU4NTFjZDZkOTc3OTkyZDk3NmEwNGVlNWUyOGFlZmUyZmExNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusKqj87Hvi+1P2zXJQzj4v6JA/5G
89ZDNtdpe8HXVK4cbKbH24Q3966dJLpDQQrDdcPoCRqN4aOhBOkk0NZXWYlvUjmg
TRjFpj4jpkdcqZjR2Rh6wr1k7P1S+XW8tEq/vGcwfcWg6GUD2bwDOnAH91SIkOri
4GfMF5tFOE+rLBR3R14NCn0v/bf7o3wc7SRJzyRqIXT5q75G54WUYleC9+RTkRT7
MgbIXeRLUi2zuSK5HvgU6lxgP8Hk/2R0VMxPS+ozfd2PQAexnoYWVV0y+8eo1jAE
MYXg7sz3KG5PI3DSQqrHgYfqucpQPf7A1JS+Aut2I8UB4RYr4O01hXVy2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHoUc1tl3mS2XagTuXiiu/i+hW9MB8GA1UdIwQY
MBaAFA9JxJp1z24kjJtRxwVNsvjZ3O3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYt
ZDgwMDc3ZTEyYjVkLzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9jZWExNjEtY2I1Yy00ZTQxLWI4MzYtZDgwMDc3ZTEyYjVk
LzEvRDBuRW1uWFBiaVNNbTFISEJVMnktTm5jN2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEEdSdr+
sJr20at9wKr1vvxZi48UaIQeXuGZhtH2Obm4sVlm/GglaB6AFx7P7UiCjdOZMcED
CNSImpCIXkRw5MQvzPdUCxTtolwoo4zLcdUjKO7kI6K3QrrOxYKfKZvJGntwOcBn
bR5ck5nrF83+RTco7qJg10kxJ7ZVmHcFGFT8Ji1iDQtnoArdpOsJK9dEj36TBs4M
0GJED7n4A0/LdgHS5fUPaFA0eVGQZVG8DPFZ60AAl8LLI1aA8yk5JMH1VOSvHNbW
cQKjx7m70CURHrFPIrIZPQ6KNwX3QhexlhtEPlLh4JqVHR3CS5v6BPV0+fRoGLvb
WEgLWhTnOY+7Hg==
-----END CERTIFICATE-----