Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
File:                     DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft (raw, json)
Hash identifier:          W8A6p4qpM2xl4cVt4AiCQyubpq9LVJZx5i6AgsiMx3c=
Subject key identifier:   24:EA:BE:4B:96:E1:D0:45:51:61:BD:89:46:98:63:B6:05:53:F6:73
Authority key identifier: 0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8
Certificate issuer:       /CN=0ddc509b4db35203ab616f4781f85dd5860443d8
Certificate serial:       019D9AE31A126E16E6B1897C1C6EBC282B37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
Manifest number:          15FA
Signing time:             Fri 17 Apr 2026 10:01:07 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:07 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:07 +0000
Files and hashes:         1: DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl (hash: fO/XxhcW0qM2jGSPw9rDb+0+pamXzvIqEX/nHB+Orm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 10:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:1a:12:6e:16:e6:b1:89:7c:1c:6e:bc:28:2b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ddc509b4db35203ab616f4781f85dd5860443d8
        Validity
            Not Before: Apr 17 10:01:07 2026 GMT
            Not After : Apr 18 10:01:07 2026 GMT
        Subject: CN=24eabe4b96e1d0455161bd89469863b60553f673
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9b:63:b8:c1:6c:ec:2c:41:0a:ef:56:6a:6f:
                    f6:1c:31:32:65:29:dc:37:2d:40:ab:27:bd:9d:be:
                    a3:bf:da:20:d0:e8:f9:38:2a:4b:bc:a9:d5:dd:d1:
                    21:1e:95:cd:92:8e:82:3a:87:9f:96:d4:52:5b:cc:
                    52:37:3e:b2:e5:c4:24:e2:ad:58:e5:28:6e:2c:db:
                    a9:47:0f:e4:63:4b:82:78:63:b7:7e:4c:51:a7:2b:
                    ab:b3:16:32:4b:4d:aa:71:f3:c4:dd:57:96:4b:16:
                    23:fd:19:77:bd:de:76:5c:5c:5a:cf:52:b0:2f:a4:
                    02:a4:61:4f:24:dd:f7:70:13:d0:80:37:69:39:7a:
                    5c:94:6d:1b:28:10:df:a2:90:eb:39:d4:2a:53:b2:
                    58:35:10:2e:85:8c:18:db:39:e9:fd:3e:c9:04:ec:
                    ac:03:37:84:b9:e3:35:e2:33:0b:28:96:7e:eb:6a:
                    c3:a3:a7:c6:43:17:41:1e:c0:f0:6d:7a:22:6e:b4:
                    84:93:11:72:b5:27:82:61:29:0f:9d:ce:9c:c0:fb:
                    e7:67:85:98:18:47:db:1c:5b:7e:77:57:76:ac:54:
                    79:e2:23:ae:13:3a:24:6b:1f:0e:05:13:1d:88:d5:
                    60:19:97:c2:bd:4d:b6:7b:04:c1:4b:87:81:b5:ea:
                    ca:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:EA:BE:4B:96:E1:D0:45:51:61:BD:89:46:98:63:B6:05:53:F6:73
            X509v3 Authority Key Identifier:
                keyid:0D:DC:50:9B:4D:B3:52:03:AB:61:6F:47:81:F8:5D:D5:86:04:43:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/191481-dbb7-4032-9c4f-87e5757b97e3/1/DdxQm02zUgOrYW9Hgfhd1YYEQ9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:d2:a5:d4:e7:dc:70:27:09:a6:c8:eb:24:48:c1:0d:4a:be:
         29:62:95:1b:7b:f7:89:35:79:e6:af:2a:65:e8:63:be:d2:b0:
         13:c2:78:bc:c1:21:e9:6a:d6:f7:6d:11:22:f4:77:af:f3:9f:
         a0:6a:b7:78:fb:c1:51:db:30:ba:6a:24:7e:38:72:07:8e:25:
         f9:26:e1:50:91:7e:b1:15:0d:32:5e:0d:ab:3b:ff:a6:b3:3a:
         ef:27:c1:84:dd:2c:a7:c8:4a:e2:30:ba:ee:7a:8a:bd:f2:a3:
         3c:ac:f2:65:8a:d1:6a:a6:be:76:e6:4b:99:9b:34:e1:f8:62:
         76:6c:84:94:41:7c:08:79:24:70:0b:20:ce:22:d3:39:5b:4f:
         a4:73:3a:8c:e7:50:d3:18:30:ab:ea:05:48:a1:bb:51:4e:b1:
         d7:82:b7:0f:fc:32:8e:a4:08:9c:b3:7a:fb:12:f2:65:31:fa:
         17:d1:65:c5:2f:f8:33:49:74:61:81:5b:1d:cf:e6:17:b9:3f:
         c5:7f:13:8b:18:b4:c8:39:86:57:92:81:10:77:f3:59:ba:fa:
         41:b5:ad:e2:92:2f:3d:32:fe:35:4c:7a:6f:0e:db:1e:92:32:
         96:f7:d8:08:f7:71:b5:b4:3e:c0:55:fc:98:c0:d8:f6:36:e3:
         9e:4c:3c:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4xoSbhbmsYl8HG68KCs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZGM1MDliNGRiMzUyMDNhYjYxNmY0NzgxZjg1ZGQ1ODYw
NDQzZDgwHhcNMjYwNDE3MTAwMTA3WhcNMjYwNDE4MTAwMTA3WjAzMTEwLwYDVQQD
EygyNGVhYmU0Yjk2ZTFkMDQ1NTE2MWJkODk0Njk4NjNiNjA1NTNmNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvptjuMFs7CxBCu9Wam/2HDEyZSnc
Ny1Aqye9nb6jv9og0Oj5OCpLvKnV3dEhHpXNko6COoefltRSW8xSNz6y5cQk4q1Y
5ShuLNupRw/kY0uCeGO3fkxRpyursxYyS02qcfPE3VeWSxYj/Rl3vd52XFxaz1Kw
L6QCpGFPJN33cBPQgDdpOXpclG0bKBDfopDrOdQqU7JYNRAuhYwY2znp/T7JBOys
AzeEueM14jMLKJZ+62rDo6fGQxdBHsDwbXoibrSEkxFytSeCYSkPnc6cwPvnZ4WY
GEfbHFt+d1d2rFR54iOuEzokax8OBRMdiNVgGZfCvU22ewTBS4eBterKjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTqvkuW4dBFUWG9iUaYY7YFU/ZzMB8GA1UdIwQY
MBaAFA3cUJtNs1IDq2FvR4H4XdWGBEPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYt
ODdlNTc1N2I5N2UzLzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xOTE0ODEtZGJiNy00MDMyLTljNGYtODdlNTc1N2I5N2Uz
LzEvRGR4UW0wMnpVZ09yWVc5SGdmaGQxWVlFUTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaNKl1Ofc
cCcJpsjrJEjBDUq+KWKVG3v3iTV55q8qZehjvtKwE8J4vMEh6WrW920RIvR3r/Of
oGq3ePvBUdswumokfjhyB44l+SbhUJF+sRUNMl4Nqzv/prM67yfBhN0sp8hK4jC6
7nqKvfKjPKzyZYrRaqa+duZLmZs04fhidmyElEF8CHkkcAsgziLTOVtPpHM6jOdQ
0xgwq+oFSKG7UU6x14K3D/wyjqQInLN6+xLyZTH6F9FlxS/4M0l0YYFbHc/mF7k/
xX8Tixi0yDmGV5KBEHfzWbr6QbWt4pIvPTL+NUx6bw7bHpIylvfYCPdxtbQ+wFX8
mMDY9jbjnkw8hQ==
-----END CERTIFICATE-----