Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
File:                     Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft (raw, json)
Hash identifier:          PMU7YMSp7H44uqmZ16Y0bn9j99uwGSLW1M7N9Wo2Bzk=
Subject key identifier:   28:5C:08:D8:7F:C8:D9:C1:C2:DF:C4:BC:37:93:83:7B:0F:B6:E3:6B
Authority key identifier: 0E:8C:E0:A6:AB:B8:EE:50:D4:4B:3B:AE:42:D4:A2:54:9F:FB:82:40
Certificate issuer:       /CN=0e8ce0a6abb8ee50d44b3bae42d4a2549ffb8240
Certificate serial:       019CAB6B796DF11FA4129BBF81B10BE00FFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
Manifest number:          1683
Signing time:             Sun 01 Mar 2026 22:01:13 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:13 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:13 +0000
Files and hashes:         1: Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl (hash: EAfcLqpV62O5BNPad4q2YGRqwbZD0cVyU6q7WTRwkvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:79:6d:f1:1f:a4:12:9b:bf:81:b1:0b:e0:0f:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e8ce0a6abb8ee50d44b3bae42d4a2549ffb8240
        Validity
            Not Before: Mar  1 22:01:13 2026 GMT
            Not After : Mar  2 22:01:13 2026 GMT
        Subject: CN=285c08d87fc8d9c1c2dfc4bc3793837b0fb6e36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:3a:a9:0e:5f:b4:cb:50:47:44:26:8a:1a:2a:
                    91:f3:19:b1:2a:b6:b0:41:04:e1:ff:2c:3e:28:6b:
                    6c:91:55:e6:9e:2d:c5:1d:f4:5b:d1:71:2b:84:83:
                    56:0c:1c:d9:27:6b:1e:c5:70:66:b4:1d:c3:15:0e:
                    0c:95:ef:6c:14:5d:07:9d:d3:84:88:cd:70:72:ec:
                    3b:3b:7d:71:7d:3c:a0:0c:80:65:0a:81:ea:9a:b9:
                    0a:99:66:43:02:1d:fe:95:0c:e6:bf:b3:94:d4:ee:
                    89:88:3a:72:ca:11:99:33:05:1d:b9:01:54:2e:bb:
                    20:40:e0:ca:88:a7:07:33:ca:57:b7:ba:c3:a9:9a:
                    12:52:cf:15:85:90:1a:f4:20:c2:11:8c:98:83:e2:
                    ee:7f:67:14:9a:a1:a1:d2:d9:b7:8a:9e:ca:16:62:
                    33:6c:e5:2b:d2:91:ee:cb:bf:2f:25:9c:73:af:5d:
                    69:c7:b9:3c:08:c7:4f:41:45:b2:8f:1e:90:65:e2:
                    56:c4:37:08:1a:bb:fb:cd:aa:d3:6b:0a:54:3a:60:
                    08:41:e6:29:50:3a:63:32:5e:4a:cf:a2:e9:32:d9:
                    0d:9e:40:ce:f5:e4:74:70:16:f0:aa:e4:18:c0:55:
                    6b:53:47:93:a8:bf:ca:3d:8d:88:28:99:c7:7d:ad:
                    1f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:5C:08:D8:7F:C8:D9:C1:C2:DF:C4:BC:37:93:83:7B:0F:B6:E3:6B
            X509v3 Authority Key Identifier:
                keyid:0E:8C:E0:A6:AB:B8:EE:50:D4:4B:3B:AE:42:D4:A2:54:9F:FB:82:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:e1:a8:04:29:07:c0:52:5b:1a:28:99:5c:60:95:42:a7:2b:
         77:c4:fb:57:f8:8f:e0:71:71:23:d2:df:99:f0:a4:16:e4:14:
         fb:1c:aa:84:b4:16:7f:9e:1f:fc:32:2f:b7:d9:70:09:ff:7b:
         a9:51:d8:b5:82:61:8c:84:94:91:06:72:96:48:bf:80:1b:3b:
         92:8a:a2:ed:80:74:4d:e2:8c:4c:da:3b:43:24:23:34:83:bb:
         c2:56:2f:6b:64:cf:40:6d:c8:74:b8:77:0d:18:9a:fd:e5:95:
         6a:a7:61:eb:5e:22:be:15:48:85:55:77:a3:1f:7e:3d:19:28:
         2d:87:cd:11:b4:4e:41:ba:fd:16:ce:19:cc:56:6f:b9:b8:2b:
         c2:29:6d:b7:df:79:31:e1:2d:0e:7e:94:88:a9:ca:bc:c0:28:
         c7:6d:6b:6b:10:52:d4:dc:0c:e0:bc:32:aa:24:69:1b:d9:77:
         0a:21:a5:d2:a8:e7:ba:34:97:d7:d6:7c:2f:63:80:c2:41:c7:
         81:d9:4a:6d:3e:c4:05:ee:d0:4a:f7:15:e5:19:3b:6c:43:43:
         ac:21:b1:43:d8:ec:bc:f1:3a:dc:56:94:d3:1d:7b:17:ae:a1:
         70:5d:6c:08:ad:91:8b:2a:50:a5:f0:34:15:de:87:25:d6:bb:
         bc:ef:e2:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra3lt8R+kEpu/gbEL4A/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOGNlMGE2YWJiOGVlNTBkNDRiM2JhZTQyZDRhMjU0OWZm
YjgyNDAwHhcNMjYwMzAxMjIwMTEzWhcNMjYwMzAyMjIwMTEzWjAzMTEwLwYDVQQD
EygyODVjMDhkODdmYzhkOWMxYzJkZmM0YmMzNzkzODM3YjBmYjZlMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zqpDl+0y1BHRCaKGiqR8xmxKraw
QQTh/yw+KGtskVXmni3FHfRb0XErhINWDBzZJ2sexXBmtB3DFQ4Mle9sFF0HndOE
iM1wcuw7O31xfTygDIBlCoHqmrkKmWZDAh3+lQzmv7OU1O6JiDpyyhGZMwUduQFU
LrsgQODKiKcHM8pXt7rDqZoSUs8VhZAa9CDCEYyYg+Luf2cUmqGh0tm3ip7KFmIz
bOUr0pHuy78vJZxzr11px7k8CMdPQUWyjx6QZeJWxDcIGrv7zarTawpUOmAIQeYp
UDpjMl5Kz6LpMtkNnkDO9eR0cBbwquQYwFVrU0eTqL/KPY2IKJnHfa0fCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFChcCNh/yNnBwt/EvDeTg3sPtuNrMB8GA1UdIwQY
MBaAFA6M4KaruO5Q1Es7rkLUolSf+4JAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85ZjIwNzctZGY0Zi00OTdlLThlOTAt
YzQ5OTc1NWEyNjg5LzEvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85ZjIwNzctZGY0Zi00OTdlLThlOTAtYzQ5OTc1NWEyNjg5
LzEvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+GoBCkH
wFJbGiiZXGCVQqcrd8T7V/iP4HFxI9LfmfCkFuQU+xyqhLQWf54f/DIvt9lwCf97
qVHYtYJhjISUkQZylki/gBs7koqi7YB0TeKMTNo7QyQjNIO7wlYva2TPQG3IdLh3
DRia/eWVaqdh614ivhVIhVV3ox9+PRkoLYfNEbROQbr9Fs4ZzFZvubgrwiltt995
MeEtDn6UiKnKvMAox21raxBS1NwM4LwyqiRpG9l3CiGl0qjnujSX19Z8L2OAwkHH
gdlKbT7EBe7QSvcV5Rk7bENDrCGxQ9jsvPE63FaU0x17F66hcF1sCK2RiypQpfA0
Fd6HJda7vO/iMw==
-----END CERTIFICATE-----