Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
File:                     Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft (raw, json)
Hash identifier:          Pqy0Kq4QrYf7pMreR3jLY81mdt3xoAZJWPKAlRYOxb8=
Subject key identifier:   25:69:21:57:CB:48:F5:EC:34:97:56:AB:2E:C9:9D:55:B8:79:8A:E9
Authority key identifier: 0E:8C:E0:A6:AB:B8:EE:50:D4:4B:3B:AE:42:D4:A2:54:9F:FB:82:40
Certificate issuer:       /CN=0e8ce0a6abb8ee50d44b3bae42d4a2549ffb8240
Certificate serial:       019D9AE275DB64BA148191626A0944A3B2D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
Manifest number:          16FF
Signing time:             Fri 17 Apr 2026 10:00:25 +0000
Manifest this update:     Fri 17 Apr 2026 10:00:25 +0000
Manifest next update:     Sat 18 Apr 2026 10:00:25 +0000
Files and hashes:         1: Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl (hash: BVlF+BL4WdEws+qN2oKaPI74sLTzcvolVO3droAoHLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e2:75:db:64:ba:14:81:91:62:6a:09:44:a3:b2:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e8ce0a6abb8ee50d44b3bae42d4a2549ffb8240
        Validity
            Not Before: Apr 17 10:00:25 2026 GMT
            Not After : Apr 18 10:00:25 2026 GMT
        Subject: CN=25692157cb48f5ec349756ab2ec99d55b8798ae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ac:84:34:dc:c5:01:83:02:0f:9f:dc:14:eb:
                    ca:00:98:3d:79:cf:6f:e2:e5:69:11:d3:7c:7b:90:
                    e4:55:56:a5:d2:af:3d:9f:f4:aa:1c:9d:bf:0b:50:
                    5a:79:db:45:d9:23:9d:a5:63:75:b2:1e:b4:e2:af:
                    d3:c5:d5:fc:40:c6:8c:ba:60:e9:a7:2d:db:00:1a:
                    4f:fc:a4:49:c2:e9:5a:85:56:93:d3:ff:2a:71:f0:
                    a8:de:83:b0:8b:76:3c:38:cb:53:f1:a8:d4:de:97:
                    03:09:d6:a2:d1:f7:7d:95:d3:a3:9d:90:22:07:ec:
                    3b:58:d2:70:72:fe:5a:0f:76:42:0c:22:c4:68:73:
                    90:ec:80:25:65:6a:9b:d1:07:ce:19:cb:2a:7a:89:
                    d7:4a:ba:b9:db:13:5d:ac:4a:d9:8b:1c:f6:c7:76:
                    46:b9:a3:55:bf:92:9c:11:7f:e4:ed:bb:78:bb:43:
                    eb:af:b8:37:37:83:07:46:a7:4a:d1:99:37:a3:b9:
                    ba:8c:65:42:35:ab:bd:ec:cd:a7:54:a4:64:24:08:
                    f7:48:cc:7f:fa:1e:14:a5:ea:76:e5:c8:90:c7:27:
                    5b:fe:ef:14:9d:a0:32:38:fa:a7:f5:f2:69:08:e2:
                    cb:0a:70:a7:07:19:41:ec:a1:1e:d3:d0:c8:b3:64:
                    81:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:69:21:57:CB:48:F5:EC:34:97:56:AB:2E:C9:9D:55:B8:79:8A:E9
            X509v3 Authority Key Identifier:
                keyid:0E:8C:E0:A6:AB:B8:EE:50:D4:4B:3B:AE:42:D4:A2:54:9F:FB:82:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dozgpqu47lDUSzuuQtSiVJ_7gkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9f2077-df4f-497e-8e90-c499755a2689/1/Dozgpqu47lDUSzuuQtSiVJ_7gkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:48:7b:13:d1:04:dd:a6:3a:5b:33:61:87:ab:ee:50:df:a5:
         6e:12:e2:e8:c6:11:99:09:8f:d9:62:8e:3d:a5:0c:c4:1e:14:
         f9:29:1a:11:15:b4:2c:13:fb:00:9d:05:18:33:f3:6d:1b:52:
         d8:f6:44:98:a3:43:e2:0c:49:df:37:40:b8:79:20:49:96:07:
         14:ff:a1:b2:1a:b3:0a:06:00:aa:78:06:d7:0f:23:b4:dd:ef:
         a1:0a:82:ab:d5:82:7c:8d:33:51:38:db:ee:b6:03:d9:bb:f2:
         6c:7b:fd:f6:f9:81:c9:f4:7d:ff:77:ac:64:65:c7:fb:52:47:
         01:e4:6f:8e:8b:6e:f8:5d:dc:df:8d:ff:df:66:f3:58:0f:1f:
         2d:0b:bc:a1:5b:19:73:3b:7d:8b:84:bf:2b:00:34:fd:4b:5d:
         d2:0e:da:9b:16:ce:6d:2f:7e:51:c4:f5:59:74:9e:f4:17:94:
         e6:c1:f9:c2:92:a9:14:4f:6b:ae:9d:d7:0d:82:40:02:58:f6:
         2b:70:98:89:b5:8a:95:5d:29:82:10:4a:88:78:ee:d6:5f:9d:
         d1:64:fd:43:ac:c1:5e:dd:6b:2a:95:7c:78:e9:d5:ed:22:12:
         9e:0e:1b:a2:68:59:ee:ed:19:0d:30:d6:8a:d2:32:95:58:fa:
         28:0e:a0:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a4nXbZLoUgZFiaglEo7LRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOGNlMGE2YWJiOGVlNTBkNDRiM2JhZTQyZDRhMjU0OWZm
YjgyNDAwHhcNMjYwNDE3MTAwMDI1WhcNMjYwNDE4MTAwMDI1WjAzMTEwLwYDVQQD
EygyNTY5MjE1N2NiNDhmNWVjMzQ5NzU2YWIyZWM5OWQ1NWI4Nzk4YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKyENNzFAYMCD5/cFOvKAJg9ec9v
4uVpEdN8e5DkVVal0q89n/SqHJ2/C1BaedtF2SOdpWN1sh604q/TxdX8QMaMumDp
py3bABpP/KRJwulahVaT0/8qcfCo3oOwi3Y8OMtT8ajU3pcDCdai0fd9ldOjnZAi
B+w7WNJwcv5aD3ZCDCLEaHOQ7IAlZWqb0QfOGcsqeonXSrq52xNdrErZixz2x3ZG
uaNVv5KcEX/k7bt4u0Prr7g3N4MHRqdK0Zk3o7m6jGVCNau97M2nVKRkJAj3SMx/
+h4Upep25ciQxydb/u8UnaAyOPqn9fJpCOLLCnCnBxlB7KEe09DIs2SBUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVpIVfLSPXsNJdWqy7JnVW4eYrpMB8GA1UdIwQY
MBaAFA6M4KaruO5Q1Es7rkLUolSf+4JAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85ZjIwNzctZGY0Zi00OTdlLThlOTAt
YzQ5OTc1NWEyNjg5LzEvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85ZjIwNzctZGY0Zi00OTdlLThlOTAtYzQ5OTc1NWEyNjg5
LzEvRG96Z3BxdTQ3bERVU3p1dVF0U2lWSl83Z2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh0h7E9EE
3aY6WzNhh6vuUN+lbhLi6MYRmQmP2WKOPaUMxB4U+SkaERW0LBP7AJ0FGDPzbRtS
2PZEmKND4gxJ3zdAuHkgSZYHFP+hshqzCgYAqngG1w8jtN3voQqCq9WCfI0zUTjb
7rYD2bvybHv99vmByfR9/3esZGXH+1JHAeRvjotu+F3c343/32bzWA8fLQu8oVsZ
czt9i4S/KwA0/Utd0g7amxbObS9+UcT1WXSe9BeU5sH5wpKpFE9rrp3XDYJAAlj2
K3CYibWKlV0pghBKiHju1l+d0WT9Q6zBXt1rKpV8eOnV7SISng4bomhZ7u0ZDTDW
itIylVj6KA6guQ==
-----END CERTIFICATE-----