Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          E5wTACip79i0KBMBBakChlcgxOC5XTAIU0cR85bJoJc=
Subject key identifier:   31:B0:EF:CE:98:D4:97:12:4A:B9:2D:E4:1D:BF:C8:AD:0B:20:E8:DD
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       019CAD5A3A3F83A811663393D668454374AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          157F
Signing time:             Mon 02 Mar 2026 07:01:37 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:37 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:37 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: a80wk5/qFGKW7gN1bx2MDLE0ieGm0dwmWBBvYiU+iTQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:3a:3f:83:a8:11:66:33:93:d6:68:45:43:74:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: Mar  2 07:01:37 2026 GMT
            Not After : Mar  3 07:01:37 2026 GMT
        Subject: CN=31b0efce98d497124ab92de41dbfc8ad0b20e8dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ee:d9:f0:54:da:b7:5a:d9:f5:39:ef:16:c3:
                    43:c3:0b:61:3f:e9:6e:44:58:52:69:21:99:a6:78:
                    e5:f7:6e:42:65:42:e1:99:1c:4e:5e:6b:76:60:98:
                    04:2e:fa:8d:f9:e4:1c:aa:d2:a0:b1:c2:a4:16:96:
                    81:03:40:07:0e:9e:61:e0:fa:c4:55:e1:12:df:92:
                    23:14:1c:87:fc:72:7d:f8:a7:6f:d4:77:22:98:28:
                    2f:d1:f8:3d:b3:4c:25:24:7b:5f:e6:92:6a:24:c7:
                    d4:24:7e:67:9e:c7:8f:07:60:93:84:c8:fa:42:c0:
                    11:ae:09:bc:c6:d2:01:fa:55:d6:0e:6f:95:2b:7a:
                    5c:5a:03:1d:6e:99:1d:1a:83:9a:4a:f2:d8:3b:8f:
                    53:0d:7f:12:98:1b:ed:79:95:b5:8f:34:ba:ef:7a:
                    c3:30:b3:f6:54:7e:41:77:f6:8a:8f:67:21:d8:0c:
                    ef:63:09:9a:4d:45:9e:c0:74:1f:57:68:35:c3:83:
                    e6:18:0b:3b:9c:75:3c:c0:1a:ac:16:3c:76:9c:c2:
                    da:47:b2:72:ed:57:8f:0d:83:fe:db:cf:7d:3d:b8:
                    7a:ce:88:52:23:d4:e2:25:39:36:ed:0a:5e:f6:ff:
                    10:0d:4d:fb:f1:77:12:d7:23:f0:78:2d:66:f1:a8:
                    68:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B0:EF:CE:98:D4:97:12:4A:B9:2D:E4:1D:BF:C8:AD:0B:20:E8:DD
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:b4:2d:17:49:bf:60:fb:ab:6e:e5:1e:2e:95:9e:4b:b1:8f:
         56:f6:dc:73:b0:ef:cd:a2:fc:36:8d:aa:c2:28:0f:ef:e5:31:
         bb:00:aa:8b:a3:aa:63:54:f4:08:4b:46:8c:af:1e:a8:0d:17:
         df:3d:08:9c:89:14:bb:cb:25:44:bf:98:b9:a3:4d:ce:bd:f2:
         a9:6a:df:b0:b4:07:73:72:58:fa:3d:7d:fa:90:aa:ad:dd:51:
         81:d4:85:5b:ee:2b:29:77:f3:fc:dc:89:d3:8f:d1:b2:0e:65:
         c1:19:e4:2b:95:83:85:dd:e6:40:20:97:03:5a:05:30:fb:9e:
         eb:18:f1:de:ee:0f:09:60:ba:d5:4b:ce:b9:aa:b7:10:27:92:
         af:50:86:7f:d6:b6:a9:83:84:49:89:ae:1e:40:3e:6b:bc:5e:
         41:a6:50:06:f7:5e:d7:ad:db:59:38:36:f8:7c:2f:49:5e:1f:
         50:bc:c4:f3:ab:5c:3a:15:41:70:fe:7e:8a:eb:e9:df:e7:a2:
         93:5c:ef:df:74:d3:f2:1a:ea:42:05:18:82:30:92:f4:a7:20:
         43:75:e5:63:16:01:03:e6:d6:0d:90:a2:41:bb:07:40:aa:9d:
         50:18:30:de:55:bd:51:c7:4c:81:6b:e1:51:1d:5f:8b:6c:b3:
         62:0d:6f:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWjo/g6gRZjOT1mhFQ3SsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjYwMzAyMDcwMTM3WhcNMjYwMzAzMDcwMTM3WjAzMTEwLwYDVQQD
EygzMWIwZWZjZTk4ZDQ5NzEyNGFiOTJkZTQxZGJmYzhhZDBiMjBlOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO7Z8FTat1rZ9TnvFsNDwwthP+lu
RFhSaSGZpnjl925CZULhmRxOXmt2YJgELvqN+eQcqtKgscKkFpaBA0AHDp5h4PrE
VeES35IjFByH/HJ9+Kdv1HcimCgv0fg9s0wlJHtf5pJqJMfUJH5nnsePB2CThMj6
QsARrgm8xtIB+lXWDm+VK3pcWgMdbpkdGoOaSvLYO49TDX8SmBvteZW1jzS673rD
MLP2VH5Bd/aKj2ch2AzvYwmaTUWewHQfV2g1w4PmGAs7nHU8wBqsFjx2nMLaR7Jy
7VePDYP+2899Pbh6zohSI9TiJTk27Qpe9v8QDU378XcS1yPweC1m8ahoYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGw786Y1JcSSrkt5B2/yK0LIOjdMB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADLQtF0m/
YPurbuUeLpWeS7GPVvbcc7DvzaL8No2qwigP7+UxuwCqi6OqY1T0CEtGjK8eqA0X
3z0InIkUu8slRL+YuaNNzr3yqWrfsLQHc3JY+j19+pCqrd1RgdSFW+4rKXfz/NyJ
04/Rsg5lwRnkK5WDhd3mQCCXA1oFMPue6xjx3u4PCWC61UvOuaq3ECeSr1CGf9a2
qYOESYmuHkA+a7xeQaZQBvde163bWTg2+HwvSV4fULzE86tcOhVBcP5+iuvp3+ei
k1zv33TT8hrqQgUYgjCS9KcgQ3XlYxYBA+bWDZCiQbsHQKqdUBgw3lW9UcdMgWvh
UR1fi2yzYg1vzA==
-----END CERTIFICATE-----