Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          7VhXLqNU9aF62fGiDBynMTF9rmkhznf4A5CDI+i0qJI=
Subject key identifier:   6E:A4:B5:3D:82:9F:51:30:65:C2:45:C8:73:2A:92:E3:75:00:02:D6
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019D9AAC469EF1D0F624382F541CB72CD24D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          1451
Signing time:             Fri 17 Apr 2026 09:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 09:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 09:01:14 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: VWxpLZBiWyeFvt7SxuodEEkCQug3NwWOTLIOFNtV920=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:ac:46:9e:f1:d0:f6:24:38:2f:54:1c:b7:2c:d2:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Apr 17 09:01:14 2026 GMT
            Not After : Apr 18 09:01:14 2026 GMT
        Subject: CN=6ea4b53d829f513065c245c8732a92e3750002d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:6e:f7:0e:46:cb:4a:aa:80:3b:a9:2e:ba:6a:
                    11:8f:76:3e:b3:c1:11:7a:b9:9b:5c:ce:c3:3c:65:
                    14:ec:7e:61:2d:d8:a2:5b:aa:23:1c:3b:63:d2:2b:
                    cb:51:bf:f6:86:57:56:e2:cc:fa:18:37:7f:27:3f:
                    b0:0e:34:db:c7:2a:c2:68:a2:1c:da:95:3a:3b:c9:
                    68:06:6d:67:73:43:32:bd:89:b3:5f:5c:f4:61:dd:
                    19:ce:e6:8f:41:24:3f:cf:69:de:96:c3:ba:ad:7e:
                    27:c1:a8:51:f0:15:3e:3f:a5:cf:0c:93:4d:26:d6:
                    57:bd:6b:d4:aa:2b:bc:98:0e:3c:17:73:fd:26:32:
                    4b:a5:f0:03:84:d1:48:32:6f:68:76:6e:10:bb:e1:
                    fe:d7:92:98:a2:31:d7:fd:93:9a:a0:09:5b:cb:a9:
                    3b:c1:10:41:cd:41:9f:fa:9c:c7:ef:45:34:1e:7a:
                    24:da:16:32:2e:c6:5b:f7:df:21:54:de:83:e3:dd:
                    d1:5f:f1:27:ca:2a:16:0b:44:5f:6a:a1:59:09:74:
                    d1:39:c2:cd:9f:8a:08:6b:ab:4e:22:f3:37:3e:54:
                    2b:ff:73:e7:90:b5:aa:5e:1b:c9:c8:8f:1f:64:d1:
                    89:be:81:ec:4d:2b:99:c7:3b:89:d0:6f:28:0b:53:
                    0d:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:A4:B5:3D:82:9F:51:30:65:C2:45:C8:73:2A:92:E3:75:00:02:D6
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:88:f5:2e:81:d0:25:5f:47:a7:b9:7b:82:35:9f:50:89:1b:
         0d:da:49:58:62:ea:44:06:a2:7f:3d:c2:52:cf:41:24:09:90:
         64:46:22:8d:29:0b:b9:39:a5:c0:18:f5:fb:53:9b:4a:7c:36:
         90:45:09:28:c2:aa:a1:09:73:74:e8:ab:f2:5b:d7:f4:01:9e:
         eb:5c:b9:c5:78:d8:89:39:ef:40:eb:0c:97:53:ee:74:ff:d1:
         5c:fd:41:41:d7:36:df:b3:dc:57:c5:a5:ea:e0:78:4f:79:b5:
         e4:9c:a1:95:ec:c7:f1:1b:88:39:da:15:67:8d:9e:1e:2e:5b:
         69:13:74:96:9d:1d:8e:4a:19:16:2d:c6:22:a4:67:28:40:76:
         ab:90:de:6a:4f:b6:04:63:4e:ce:d1:6e:5f:5f:09:52:e0:e5:
         09:82:a5:31:ad:04:a3:09:11:ec:38:f1:9a:b4:b6:bf:fe:19:
         d7:5d:48:78:d6:2b:f3:03:67:ba:b4:cd:da:dc:22:b1:1f:05:
         5f:40:d3:b6:3b:68:9c:37:88:dd:d1:c0:4b:dc:e2:05:00:4c:
         51:6f:06:29:29:60:cc:ba:5e:3b:89:6f:5a:24:bd:4f:34:cf:
         12:1d:1c:e7:da:5f:09:20:f2:d6:a5:96:be:75:b6:fc:4e:0e:
         af:66:fd:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2arEae8dD2JDgvVBy3LNJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwNDE3MDkwMTE0WhcNMjYwNDE4MDkwMTE0WjAzMTEwLwYDVQQD
Eyg2ZWE0YjUzZDgyOWY1MTMwNjVjMjQ1Yzg3MzJhOTJlMzc1MDAwMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq273DkbLSqqAO6kuumoRj3Y+s8ER
ermbXM7DPGUU7H5hLdiiW6ojHDtj0ivLUb/2hldW4sz6GDd/Jz+wDjTbxyrCaKIc
2pU6O8loBm1nc0MyvYmzX1z0Yd0ZzuaPQSQ/z2nelsO6rX4nwahR8BU+P6XPDJNN
JtZXvWvUqiu8mA48F3P9JjJLpfADhNFIMm9odm4Qu+H+15KYojHX/ZOaoAlby6k7
wRBBzUGf+pzH70U0Hnok2hYyLsZb998hVN6D493RX/EnyioWC0RfaqFZCXTROcLN
n4oIa6tOIvM3PlQr/3PnkLWqXhvJyI8fZNGJvoHsTSuZxzuJ0G8oC1MNtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6ktT2Cn1EwZcJFyHMqkuN1AALWMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWoj1LoHQ
JV9Hp7l7gjWfUIkbDdpJWGLqRAaifz3CUs9BJAmQZEYijSkLuTmlwBj1+1ObSnw2
kEUJKMKqoQlzdOir8lvX9AGe61y5xXjYiTnvQOsMl1PudP/RXP1BQdc237PcV8Wl
6uB4T3m15JyhlezH8RuIOdoVZ42eHi5baRN0lp0djkoZFi3GIqRnKEB2q5Deak+2
BGNOztFuX18JUuDlCYKlMa0EowkR7DjxmrS2v/4Z111IeNYr8wNnurTN2twisR8F
X0DTtjtonDeI3dHAS9ziBQBMUW8GKSlgzLpeO4lvWiS9TzTPEh0c59pfCSDy1qWW
vnW2/E4Or2b9eg==
-----END CERTIFICATE-----