Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
File:                     dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft (raw, json)
Hash identifier:          iK1JCenL1KT77eqhOxzVO5cfVfojh0oSej2alZ3MA+g=
Subject key identifier:   5D:A6:30:37:78:DA:2D:6D:A9:9E:BA:60:9E:52:49:90:AB:D5:A2:7F
Authority key identifier: 74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94
Certificate issuer:       /CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
Certificate serial:       019CABD9E7EE39B9B59D07BF69A9A8ED4B88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
Manifest number:          101D
Signing time:             Mon 02 Mar 2026 00:01:50 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:50 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:50 +0000
Files and hashes:         1: dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl (hash: fY+heBIfGL4RuCG1dkppfxu8sBu05Y8j/RhalH3j9wY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:e7:ee:39:b9:b5:9d:07:bf:69:a9:a8:ed:4b:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7422f985cb34a03c7c5581642c6d6eb432c83e94
        Validity
            Not Before: Mar  2 00:01:50 2026 GMT
            Not After : Mar  3 00:01:50 2026 GMT
        Subject: CN=5da6303778da2d6da99eba609e524990abd5a27f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a4:19:d2:d7:9a:c9:21:76:2a:88:73:2d:7f:
                    f6:a1:d1:0f:de:ca:61:4a:9e:c7:28:72:dd:ae:30:
                    55:d0:5a:0e:90:6d:d8:0c:a9:43:cb:2a:df:b8:3c:
                    1c:db:5b:63:fd:1c:9b:a8:64:03:23:4d:29:a0:a5:
                    2e:02:5f:2b:b4:7a:97:04:9f:d6:cb:8e:17:ed:d5:
                    78:77:99:b1:a2:40:35:c0:85:b8:62:b2:de:6e:34:
                    c1:3d:4f:d7:4f:44:13:b5:fd:dd:32:5b:65:ae:ea:
                    3c:d2:f9:02:c7:bf:e3:53:56:ed:73:c5:dc:e4:89:
                    07:bf:74:38:89:26:b9:1e:3f:5e:10:4c:13:46:e9:
                    c6:c8:ee:41:da:f7:eb:50:b6:8e:55:d2:f0:d4:2c:
                    63:96:62:bd:d9:2e:1e:f8:26:80:be:3c:63:cd:6d:
                    4f:8c:b8:71:0b:4c:c7:15:05:ad:b5:b3:da:3a:d9:
                    3e:ae:4a:a9:54:24:5c:49:c6:58:5b:84:40:d2:d2:
                    f5:32:d7:9f:1d:c9:8e:2c:10:0f:6f:58:4f:9f:42:
                    76:31:7d:10:97:3a:c4:e1:51:b3:ec:25:6d:4a:fd:
                    91:ae:33:65:77:a4:c7:4e:ca:af:f3:ba:16:8e:41:
                    de:c9:4d:b0:1c:9b:68:0f:89:d5:57:89:d0:e3:64:
                    2a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:A6:30:37:78:DA:2D:6D:A9:9E:BA:60:9E:52:49:90:AB:D5:A2:7F
            X509v3 Authority Key Identifier:
                keyid:74:22:F9:85:CB:34:A0:3C:7C:55:81:64:2C:6D:6E:B4:32:C8:3E:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCL5hcs0oDx8VYFkLG1utDLIPpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c49ec2-37da-41a9-96fb-5141fa39080a/1/dCL5hcs0oDx8VYFkLG1utDLIPpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:5a:29:95:a3:2a:84:27:56:1f:e4:5c:c8:9f:15:44:43:5b:
         2b:15:26:28:6b:f9:5d:b9:16:5a:bc:92:d4:5c:e0:50:02:94:
         e7:e6:be:a5:43:0a:d8:9a:a1:4d:91:99:26:02:cd:17:39:91:
         31:a7:0a:1e:ea:2e:cc:14:81:1b:c3:5d:52:06:56:86:ed:4e:
         13:f7:63:cf:10:8b:c0:78:07:e8:7f:94:32:ec:db:2f:21:98:
         bf:cf:d4:53:9c:95:59:a8:07:3e:6e:24:1f:90:58:9d:a4:31:
         16:b5:e5:7f:98:a7:56:38:2c:13:d8:01:ae:a0:aa:0c:79:af:
         a6:56:67:da:bb:ac:df:7c:d1:3d:c2:e2:a4:58:de:33:6a:ec:
         1b:96:1f:c3:22:8d:7d:ca:e5:6f:b0:74:55:ae:19:97:b1:3f:
         cf:b0:45:52:86:b4:5c:eb:93:33:0d:69:f4:23:c5:e8:12:aa:
         9f:82:e2:1f:7e:f9:f0:24:87:69:5b:8b:f1:53:f8:6d:4b:19:
         ef:fa:85:29:b2:c5:32:76:e6:c1:c4:e1:13:7e:5a:6f:71:41:
         b3:65:33:a7:f5:9e:7d:e4:86:29:af:f4:c7:ac:41:9d:42:e5:
         6b:c8:1c:a8:7a:05:5b:8c:d3:71:6b:e4:1d:27:38:97:88:71:
         53:80:e9:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2efuObm1nQe/aamo7UuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjJmOTg1Y2IzNGEwM2M3YzU1ODE2NDJjNmQ2ZWI0MzJj
ODNlOTQwHhcNMjYwMzAyMDAwMTUwWhcNMjYwMzAzMDAwMTUwWjAzMTEwLwYDVQQD
Eyg1ZGE2MzAzNzc4ZGEyZDZkYTk5ZWJhNjA5ZTUyNDk5MGFiZDVhMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaQZ0teaySF2KohzLX/2odEP3sph
Sp7HKHLdrjBV0FoOkG3YDKlDyyrfuDwc21tj/RybqGQDI00poKUuAl8rtHqXBJ/W
y44X7dV4d5mxokA1wIW4YrLebjTBPU/XT0QTtf3dMltlruo80vkCx7/jU1btc8Xc
5IkHv3Q4iSa5Hj9eEEwTRunGyO5B2vfrULaOVdLw1CxjlmK92S4e+CaAvjxjzW1P
jLhxC0zHFQWttbPaOtk+rkqpVCRcScZYW4RA0tL1MtefHcmOLBAPb1hPn0J2MX0Q
lzrE4VGz7CVtSv2RrjNld6THTsqv87oWjkHeyU2wHJtoD4nVV4nQ42QqxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2mMDd42i1tqZ66YJ5SSZCr1aJ/MB8GA1UdIwQY
MBaAFHQi+YXLNKA8fFWBZCxtbrQyyD6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmIt
NTE0MWZhMzkwODBhLzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9jNDllYzItMzdkYS00MWE5LTk2ZmItNTE0MWZhMzkwODBh
LzEvZENMNWhjczBvRHg4VllGa0xHMXV0RExJUHBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcFoplaMq
hCdWH+RcyJ8VRENbKxUmKGv5XbkWWryS1FzgUAKU5+a+pUMK2JqhTZGZJgLNFzmR
MacKHuouzBSBG8NdUgZWhu1OE/djzxCLwHgH6H+UMuzbLyGYv8/UU5yVWagHPm4k
H5BYnaQxFrXlf5inVjgsE9gBrqCqDHmvplZn2rus33zRPcLipFjeM2rsG5YfwyKN
fcrlb7B0Va4Zl7E/z7BFUoa0XOuTMw1p9CPF6BKqn4LiH3758CSHaVuL8VP4bUsZ
7/qFKbLFMnbmwcThE35ab3FBs2Uzp/WefeSGKa/0x6xBnULla8gcqHoFW4zTcWvk
HSc4l4hxU4Dpag==
-----END CERTIFICATE-----