Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
File:                     DcHMqlhPs5FOeS_VOQ47otMDM4w.mft (raw, json)
Hash identifier:          rlP17i9w7gSnCJzDKHBKBVqM+cQwdqi2vIDbfNgBEsQ=
Subject key identifier:   40:80:58:AF:47:D7:92:05:DE:D9:BE:B5:AB:8B:D1:07:7B:20:20:B8
Authority key identifier: 0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C
Certificate issuer:       /CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
Certificate serial:       019EBFC91280D87638507FFADB0A09EECB32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
Manifest number:          131F
Signing time:             Sat 13 Jun 2026 07:01:26 +0000
Manifest this update:     Sat 13 Jun 2026 07:01:26 +0000
Manifest next update:     Sun 14 Jun 2026 07:01:26 +0000
Files and hashes:         1: DcHMqlhPs5FOeS_VOQ47otMDM4w.crl (hash: DWgnKWDpAVvmZfvDRD8wOvjN0YJlqOPTA0oMGlT2xZs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:bf:c9:12:80:d8:76:38:50:7f:fa:db:0a:09:ee:cb:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dc1ccaa584fb3914e792fd5390e3ba2d303338c
        Validity
            Not Before: Jun 13 07:01:26 2026 GMT
            Not After : Jun 14 07:01:26 2026 GMT
        Subject: CN=408058af47d79205ded9beb5ab8bd1077b2020b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:93:4d:0b:57:66:39:90:b0:2a:15:22:b5:d1:
                    5c:ef:cb:0b:1e:bb:93:f3:af:2c:87:85:79:5a:39:
                    9b:9d:c6:27:31:a7:94:b4:17:d8:38:fe:6f:fc:7f:
                    cd:17:e7:55:ca:d5:fc:73:8a:d4:df:fc:58:0d:38:
                    ef:03:ec:be:0a:e7:0c:fe:3b:ca:1a:4a:4e:ff:75:
                    94:14:9c:c4:15:ef:a1:11:31:d4:ec:49:8d:e5:d9:
                    23:cd:c4:61:ba:bc:29:23:83:9a:8a:da:29:b9:37:
                    08:03:34:ca:87:07:3e:7d:b9:94:a0:04:6b:db:97:
                    2b:2d:3c:12:9a:23:5c:34:c9:1a:9f:d1:d5:35:ab:
                    3d:48:ae:32:49:b2:2d:ff:cd:53:ad:f8:2b:5d:28:
                    28:98:d5:df:53:a7:28:58:a5:52:69:60:78:38:1f:
                    94:64:64:08:0d:c6:c4:36:0a:d4:1c:85:fa:b5:96:
                    6d:50:48:fc:dc:6e:0b:00:26:e0:9f:88:e0:70:4f:
                    35:7f:06:a0:f0:e0:53:ac:47:3a:af:4d:70:76:90:
                    23:36:08:6d:f7:b7:5f:ae:fa:3e:e6:c9:5b:fb:83:
                    f5:0b:43:a9:8f:a0:f7:f3:e1:29:7f:c2:95:50:ae:
                    53:6b:88:f7:eb:b4:ef:09:c0:02:29:73:ee:9d:d9:
                    10:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:80:58:AF:47:D7:92:05:DE:D9:BE:B5:AB:8B:D1:07:7B:20:20:B8
            X509v3 Authority Key Identifier:
                keyid:0D:C1:CC:AA:58:4F:B3:91:4E:79:2F:D5:39:0E:3B:A2:D3:03:33:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DcHMqlhPs5FOeS_VOQ47otMDM4w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/23da1c-435c-4c83-a295-bf85cd25427e/1/DcHMqlhPs5FOeS_VOQ47otMDM4w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:cc:a1:59:f6:8e:40:69:4c:00:c8:16:0c:f5:c8:1d:bb:f4:
         0e:f2:6f:30:a9:7b:63:3d:36:0a:25:ea:c3:88:d9:09:c6:fa:
         f7:ee:bb:fa:6e:8f:a5:93:16:4c:18:62:ec:cc:36:83:8a:09:
         96:ed:21:99:b9:0c:e0:7e:9c:34:1a:0f:4e:fa:b8:85:9e:72:
         11:18:d4:40:15:3a:1b:b4:69:57:4e:85:4d:aa:cd:65:1f:b8:
         2c:85:00:ba:0b:67:e1:60:7a:9f:89:70:a3:0d:cd:ab:c5:b7:
         f1:de:13:92:4c:43:41:07:b0:df:9b:18:2b:d8:0f:ad:ca:c4:
         1f:b7:44:33:65:ff:42:ee:0f:ac:82:70:38:86:c2:9d:3d:dd:
         ca:55:f9:78:e9:36:7f:e6:c0:12:31:8a:bd:db:c8:08:bf:ac:
         f3:02:7a:c8:cd:36:aa:84:4d:0e:c4:e6:0d:d5:d6:86:73:5a:
         bf:63:9a:0d:a1:8e:f3:2a:de:f2:0c:d4:a1:3a:32:31:90:5a:
         c3:e0:dc:b9:c5:9a:8a:b4:0f:ce:15:51:b9:87:3f:41:2a:8f:
         b8:f2:08:fd:e8:c8:21:98:19:9e:e2:51:55:17:86:d5:37:40:
         65:dd:0e:b4:25:90:12:7d:36:d8:d7:d7:bb:1f:53:c5:08:32:
         c7:7f:5a:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6/yRKA2HY4UH/62woJ7ssyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYzFjY2FhNTg0ZmIzOTE0ZTc5MmZkNTM5MGUzYmEyZDMw
MzMzOGMwHhcNMjYwNjEzMDcwMTI2WhcNMjYwNjE0MDcwMTI2WjAzMTEwLwYDVQQD
Eyg0MDgwNThhZjQ3ZDc5MjA1ZGVkOWJlYjVhYjhiZDEwNzdiMjAyMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJNNC1dmOZCwKhUitdFc78sLHruT
868sh4V5WjmbncYnMaeUtBfYOP5v/H/NF+dVytX8c4rU3/xYDTjvA+y+CucM/jvK
GkpO/3WUFJzEFe+hETHU7EmN5dkjzcRhurwpI4OaitopuTcIAzTKhwc+fbmUoARr
25crLTwSmiNcNMkan9HVNas9SK4ySbIt/81TrfgrXSgomNXfU6coWKVSaWB4OB+U
ZGQIDcbENgrUHIX6tZZtUEj83G4LACbgn4jgcE81fwag8OBTrEc6r01wdpAjNght
97dfrvo+5slb+4P1C0Opj6D38+Epf8KVUK5Ta4j367TvCcACKXPundkQiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECAWK9H15IF3tm+tauL0Qd7ICC4MB8GA1UdIwQY
MBaAFA3BzKpYT7ORTnkv1TkOO6LTAzOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUt
YmY4NWNkMjU0MjdlLzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yM2RhMWMtNDM1Yy00YzgzLWEyOTUtYmY4NWNkMjU0Mjdl
LzEvRGNITXFsaFBzNUZPZVNfVk9RNDdvdE1ETTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMyhWfaO
QGlMAMgWDPXIHbv0DvJvMKl7Yz02CiXqw4jZCcb69+67+m6PpZMWTBhi7Mw2g4oJ
lu0hmbkM4H6cNBoPTvq4hZ5yERjUQBU6G7RpV06FTarNZR+4LIUAugtn4WB6n4lw
ow3Nq8W38d4TkkxDQQew35sYK9gPrcrEH7dEM2X/Qu4PrIJwOIbCnT3dylX5eOk2
f+bAEjGKvdvICL+s8wJ6yM02qoRNDsTmDdXWhnNav2OaDaGO8yre8gzUoToyMZBa
w+DcucWairQPzhVRuYc/QSqPuPII/ejIIZgZnuJRVReG1TdAZd0OtCWQEn022NfX
ux9TxQgyx39aWQ==
-----END CERTIFICATE-----