Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
File:                     DY05iX3-Ia7thQlskKRzlvyknUE.mft (raw, json)
Hash identifier:          MubXbuUeE38z3SIpplUfy+qhF7oXokoH//m9D8371hA=
Subject key identifier:   52:31:FA:50:94:8E:67:1A:68:19:A0:3F:6B:AC:3E:FA:F4:B8:16:7C
Authority key identifier: 0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41
Certificate issuer:       /CN=0d8d39897dfe21aeed85096c90a47396fca49d41
Certificate serial:       019D9AE35BF51EAA89C3BBFEAB074396FD6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
Manifest number:          1850
Signing time:             Fri 17 Apr 2026 10:01:24 +0000
Manifest this update:     Fri 17 Apr 2026 10:01:24 +0000
Manifest next update:     Sat 18 Apr 2026 10:01:24 +0000
Files and hashes:         1: DY05iX3-Ia7thQlskKRzlvyknUE.crl (hash: DtDVwfT1OZt116peCaldhz9jW3pGHwT34IFPj6379ZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:e3:5b:f5:1e:aa:89:c3:bb:fe:ab:07:43:96:fd:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d8d39897dfe21aeed85096c90a47396fca49d41
        Validity
            Not Before: Apr 17 10:01:24 2026 GMT
            Not After : Apr 18 10:01:24 2026 GMT
        Subject: CN=5231fa50948e671a6819a03f6bac3efaf4b8167c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:74:54:c3:8b:28:81:3f:14:cf:f0:33:17:14:
                    7d:d4:45:4f:73:95:fb:71:7b:0a:a6:45:fb:f9:05:
                    fe:21:9a:19:a5:9b:4b:75:ca:c7:3c:58:d3:19:59:
                    0f:01:d5:c8:92:81:11:90:85:fe:7b:52:07:5c:07:
                    82:94:9e:26:39:73:00:d4:06:28:a4:7c:5f:4d:66:
                    3c:34:14:0c:6f:1c:e0:3f:f7:ce:12:41:3e:ec:05:
                    c2:86:a2:71:f1:c3:83:68:9a:36:be:2f:8f:ef:d1:
                    fa:09:d4:24:7f:1d:f6:a2:e9:69:3e:be:9f:59:ef:
                    a1:27:51:7b:a7:6b:c0:31:17:7a:73:b5:54:c5:2e:
                    3c:ca:dd:47:e4:32:17:70:76:e5:0a:75:60:4b:36:
                    c3:b2:da:e8:c6:b7:73:c9:b0:b1:2d:c9:64:7c:11:
                    76:1c:29:a3:6d:66:df:bf:0d:36:cd:c8:8b:49:99:
                    89:b3:e9:ee:3d:70:2d:17:32:f0:c7:a1:7e:f7:bc:
                    32:88:fa:57:e0:7e:40:d8:eb:9c:86:3c:56:64:3f:
                    ab:4f:91:d4:de:59:ec:20:89:67:6f:15:b8:15:f9:
                    8c:01:c1:cf:80:2a:55:21:93:ac:a0:e3:da:eb:49:
                    3d:24:ba:a3:05:23:be:90:0a:1e:30:72:3d:1b:57:
                    64:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:31:FA:50:94:8E:67:1A:68:19:A0:3F:6B:AC:3E:FA:F4:B8:16:7C
            X509v3 Authority Key Identifier:
                keyid:0D:8D:39:89:7D:FE:21:AE:ED:85:09:6C:90:A4:73:96:FC:A4:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DY05iX3-Ia7thQlskKRzlvyknUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/508c68-a737-43a9-af10-be823109855e/1/DY05iX3-Ia7thQlskKRzlvyknUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:fc:40:65:74:9e:ed:a3:88:aa:cd:a9:23:c0:97:67:72:d1:
         da:eb:17:38:ca:0a:62:74:f2:06:3e:0b:dc:61:48:cd:dd:3f:
         5c:81:24:84:e7:ef:10:4d:c0:50:0d:3e:78:c8:21:e7:18:49:
         d3:5a:1f:2c:c6:e0:e8:17:bf:63:9f:10:a0:2a:b5:e8:50:db:
         74:69:66:d6:62:fc:ed:89:dd:13:66:0f:2a:31:57:4f:67:af:
         ad:8f:35:60:01:07:2a:e0:8e:39:08:e0:21:4d:14:2b:b2:a7:
         d7:7b:99:db:27:be:e4:39:de:dd:ed:c7:25:4a:47:65:be:f5:
         38:98:79:12:08:12:cd:ae:17:2c:8c:b6:1c:b7:3f:8b:50:63:
         ca:bd:f0:55:f0:15:40:ad:07:d8:ab:bb:76:8e:b9:fc:7d:78:
         10:00:af:b0:5a:70:4f:a2:9c:90:f2:86:81:84:e4:7f:a6:6b:
         4d:0b:bd:3a:5c:2b:92:91:a1:b8:60:97:33:a7:50:18:46:e7:
         e8:4f:2d:9a:29:e5:29:1d:a6:32:47:30:97:84:09:bd:0c:41:
         fa:48:bc:39:26:0d:ed:d9:3a:c1:b1:be:e4:af:95:11:ce:7a:
         41:24:76:b2:03:02:fd:c6:82:43:68:b7:09:0d:fb:a5:ad:83:
         48:4f:ed:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a41v1HqqJw7v+qwdDlv1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGQzOTg5N2RmZTIxYWVlZDg1MDk2YzkwYTQ3Mzk2ZmNh
NDlkNDEwHhcNMjYwNDE3MTAwMTI0WhcNMjYwNDE4MTAwMTI0WjAzMTEwLwYDVQQD
Eyg1MjMxZmE1MDk0OGU2NzFhNjgxOWEwM2Y2YmFjM2VmYWY0YjgxNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nRUw4sogT8Uz/AzFxR91EVPc5X7
cXsKpkX7+QX+IZoZpZtLdcrHPFjTGVkPAdXIkoERkIX+e1IHXAeClJ4mOXMA1AYo
pHxfTWY8NBQMbxzgP/fOEkE+7AXChqJx8cODaJo2vi+P79H6CdQkfx32oulpPr6f
We+hJ1F7p2vAMRd6c7VUxS48yt1H5DIXcHblCnVgSzbDstroxrdzybCxLclkfBF2
HCmjbWbfvw02zciLSZmJs+nuPXAtFzLwx6F+97wyiPpX4H5A2OuchjxWZD+rT5HU
3lnsIIlnbxW4FfmMAcHPgCpVIZOsoOPa60k9JLqjBSO+kAoeMHI9G1dkUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIx+lCUjmcaaBmgP2usPvr0uBZ8MB8GA1UdIwQY
MBaAFA2NOYl9/iGu7YUJbJCkc5b8pJ1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAt
YmU4MjMxMDk4NTVlLzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MDhjNjgtYTczNy00M2E5LWFmMTAtYmU4MjMxMDk4NTVl
LzEvRFkwNWlYMy1JYTd0aFFsc2tLUnpsdnlrblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT/xAZXSe
7aOIqs2pI8CXZ3LR2usXOMoKYnTyBj4L3GFIzd0/XIEkhOfvEE3AUA0+eMgh5xhJ
01ofLMbg6Be/Y58QoCq16FDbdGlm1mL87YndE2YPKjFXT2evrY81YAEHKuCOOQjg
IU0UK7Kn13uZ2ye+5Dne3e3HJUpHZb71OJh5EggSza4XLIy2HLc/i1Bjyr3wVfAV
QK0H2Ku7do65/H14EACvsFpwT6KckPKGgYTkf6ZrTQu9OlwrkpGhuGCXM6dQGEbn
6E8tminlKR2mMkcwl4QJvQxB+ki8OSYN7dk6wbG+5K+VEc56QSR2sgMC/caCQ2i3
CQ37pa2DSE/tJw==
-----END CERTIFICATE-----