Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          OW5e87qxEbm/H84ux/gImLqLvCONqXFzn1hJfyCkXME=
Subject key identifier:   24:92:6F:E4:BF:09:3D:52:C1:21:52:E1:9E:F8:BE:66:FD:B3:21:23
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       019CAAC697A1E6D96D2C4479F589C69F5864
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          120B
Signing time:             Sun 01 Mar 2026 19:01:07 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:07 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:07 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: LQkxQvwkq1BadgE3TAObaCyHjfgFamHR7IaZh1h6Mb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:97:a1:e6:d9:6d:2c:44:79:f5:89:c6:9f:58:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Mar  1 19:01:07 2026 GMT
            Not After : Mar  2 19:01:07 2026 GMT
        Subject: CN=24926fe4bf093d52c12152e19ef8be66fdb32123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:7f:13:57:aa:ae:12:9c:a4:19:45:db:1a:3f:
                    54:4c:1d:45:d6:a2:62:07:8e:3f:e2:6f:81:b2:b2:
                    4d:04:35:62:91:01:f8:6c:14:77:e0:68:c2:bc:33:
                    45:6c:9d:ab:0d:29:f0:f3:61:63:bb:9c:fd:7c:1c:
                    dc:6f:ca:5d:80:03:75:9d:22:8b:94:03:95:a2:fd:
                    5a:ee:92:b8:d4:95:bb:ac:4d:4c:82:05:c5:c0:af:
                    42:23:4b:4a:37:57:ce:7b:e4:1d:aa:50:84:8a:77:
                    f5:cc:e7:33:2d:84:88:8f:82:67:3f:cb:c9:63:ff:
                    01:e0:e3:bc:f5:c8:83:95:63:cc:a6:cb:b5:58:56:
                    cd:a9:29:55:3a:9a:24:7f:af:3c:33:87:05:36:98:
                    85:1a:05:19:fb:07:27:ab:f1:49:39:df:98:23:42:
                    dc:e3:df:a2:3a:37:ab:ff:fc:84:f8:62:fc:71:46:
                    94:1c:d3:1a:75:e7:62:d0:1c:f7:49:92:fb:7f:1d:
                    a2:6c:8f:01:74:82:77:26:98:0c:05:c3:78:19:1d:
                    c7:ff:4e:12:ae:05:50:04:33:ff:4e:ad:93:c3:f5:
                    20:77:a2:86:5b:e9:ef:13:e0:a1:82:dc:03:88:6a:
                    ae:94:36:ae:da:51:68:7a:02:b3:ff:04:2d:80:43:
                    12:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:92:6F:E4:BF:09:3D:52:C1:21:52:E1:9E:F8:BE:66:FD:B3:21:23
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:a7:9c:0b:ce:26:59:b0:ea:fe:77:88:79:ab:4b:36:50:8e:
         15:8b:9f:ae:70:16:10:8b:74:fb:47:28:b1:84:7a:09:e1:86:
         4a:88:78:e3:83:20:3c:e2:36:b0:c6:eb:76:6e:19:4e:c5:ba:
         b0:9b:dc:4d:1c:00:95:36:fd:ea:f3:78:c4:47:60:a6:33:29:
         4a:58:47:54:f8:ef:30:0c:d1:06:ad:69:9c:53:e1:32:17:28:
         8c:83:5b:c7:b3:fb:d7:bd:e4:93:12:57:2d:ca:35:a5:2a:1e:
         f0:0c:ef:73:54:df:67:bf:ae:3b:a0:da:bb:95:57:70:19:55:
         9d:78:44:a3:19:a9:11:f6:22:66:b7:37:92:2f:d3:db:3d:b9:
         0f:16:9f:2c:8b:41:64:ff:72:0d:7c:93:76:59:4a:07:79:d6:
         f4:b0:03:29:99:57:ce:8c:16:b1:0b:4b:fa:90:17:4f:ee:64:
         aa:13:8c:46:d0:2f:45:2a:f0:78:10:7f:b5:17:ca:9d:8f:bf:
         77:17:2f:6a:21:64:93:3d:06:88:9a:d6:87:58:9a:70:79:13:
         62:22:4c:b5:64:2e:a6:19:ce:3d:85:70:74:61:d5:30:26:54:
         b3:d7:83:8c:14:bf:24:26:f6:3b:eb:3a:b3:e8:5d:d3:7e:3f:
         0c:75:85:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxpeh5tltLER59YnGn1hkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjYwMzAxMTkwMTA3WhcNMjYwMzAyMTkwMTA3WjAzMTEwLwYDVQQD
EygyNDkyNmZlNGJmMDkzZDUyYzEyMTUyZTE5ZWY4YmU2NmZkYjMyMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5H8TV6quEpykGUXbGj9UTB1F1qJi
B44/4m+BsrJNBDVikQH4bBR34GjCvDNFbJ2rDSnw82Fju5z9fBzcb8pdgAN1nSKL
lAOVov1a7pK41JW7rE1MggXFwK9CI0tKN1fOe+QdqlCEinf1zOczLYSIj4JnP8vJ
Y/8B4OO89ciDlWPMpsu1WFbNqSlVOpokf688M4cFNpiFGgUZ+wcnq/FJOd+YI0Lc
49+iOjer//yE+GL8cUaUHNMadedi0Bz3SZL7fx2ibI8BdIJ3JpgMBcN4GR3H/04S
rgVQBDP/Tq2Tw/Ugd6KGW+nvE+ChgtwDiGqulDau2lFoegKz/wQtgEMSXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSSb+S/CT1SwSFS4Z74vmb9syEjMB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKecC84m
WbDq/neIeatLNlCOFYufrnAWEIt0+0cosYR6CeGGSoh444MgPOI2sMbrdm4ZTsW6
sJvcTRwAlTb96vN4xEdgpjMpSlhHVPjvMAzRBq1pnFPhMhcojINbx7P7173kkxJX
Lco1pSoe8Azvc1TfZ7+uO6Dau5VXcBlVnXhEoxmpEfYiZrc3ki/T2z25DxafLItB
ZP9yDXyTdllKB3nW9LADKZlXzowWsQtL+pAXT+5kqhOMRtAvRSrweBB/tRfKnY+/
dxcvaiFkkz0GiJrWh1iacHkTYiJMtWQuphnOPYVwdGHVMCZUs9eDjBS/JCb2O+s6
s+hd034/DHWFdA==
-----END CERTIFICATE-----