Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
File:                     DZxWoYyYei0aLnBEt-MbMhv3rBY.mft (raw, json)
Hash identifier:          2777jr7+Bthsdv3dDm0TkjlPK39YhD16NUECcTqE7FU=
Subject key identifier:   DD:F4:CA:63:E6:7C:14:CC:63:86:CE:EB:60:18:08:10:B8:0D:2B:12
Authority key identifier: 0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16
Certificate issuer:       /CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
Certificate serial:       019CAD5A24C63D5472CBE4CD6504AF8C27A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
Manifest number:          09D8
Signing time:             Mon 02 Mar 2026 07:01:31 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:31 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:31 +0000
Files and hashes:         1: DZxWoYyYei0aLnBEt-MbMhv3rBY.crl (hash: TSBQhBx1FkHxkhG+DOEWWdFOGULCcmZEwQboHmjUcss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:24:c6:3d:54:72:cb:e4:cd:65:04:af:8c:27:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
        Validity
            Not Before: Mar  2 07:01:31 2026 GMT
            Not After : Mar  3 07:01:31 2026 GMT
        Subject: CN=ddf4ca63e67c14cc6386ceeb60180810b80d2b12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:63:cb:e7:15:0c:24:9f:4c:81:47:9a:ae:3b:
                    f8:43:ae:42:c9:fc:28:01:c4:32:31:b3:3f:33:6e:
                    cb:64:fb:17:a7:83:94:5f:2f:9f:fb:17:4b:c0:6e:
                    c0:4c:97:c9:48:1d:e9:5e:2c:5d:23:44:e5:64:19:
                    27:58:50:46:6c:70:e3:a2:fe:64:e6:32:99:c5:f8:
                    85:3c:9a:5b:c2:39:e2:8a:0b:dc:56:ca:9b:16:e2:
                    d4:32:d8:4f:fe:5e:e9:0c:65:4e:17:eb:83:77:b8:
                    71:17:29:02:62:08:30:6a:a1:ef:30:7d:d3:95:06:
                    cd:fb:66:34:b2:f2:70:aa:1a:cc:66:9a:6d:c4:14:
                    f3:c0:3a:e3:24:6e:db:40:e6:d7:df:24:f6:60:de:
                    e0:b2:4b:6a:55:87:65:d3:86:37:46:63:bc:9a:6a:
                    3a:dc:5d:39:dd:db:d1:1f:d7:9b:0d:3d:e1:99:10:
                    11:cd:cf:97:95:3d:76:cd:15:9c:1e:e6:48:96:3b:
                    5c:54:a7:f7:17:06:8f:2a:19:f0:1f:b1:fd:3f:21:
                    68:31:36:b7:a1:74:66:96:71:ff:d8:e4:2c:c8:de:
                    57:e8:d3:b9:c3:09:fa:02:31:a4:b1:3f:90:32:74:
                    9c:d1:7f:2a:c5:71:87:e7:e1:f3:0b:df:67:ed:ed:
                    ae:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F4:CA:63:E6:7C:14:CC:63:86:CE:EB:60:18:08:10:B8:0D:2B:12
            X509v3 Authority Key Identifier:
                keyid:0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:2c:de:2c:ba:dc:8c:23:83:0c:8b:7d:87:0b:8a:82:6a:30:
         e1:44:73:03:04:18:25:73:36:f9:de:6e:f0:f5:17:97:f6:95:
         a7:10:72:ea:61:de:94:f7:de:17:0a:a2:f8:46:8c:08:a7:29:
         a6:df:7d:78:c5:5b:1b:6e:49:36:26:97:87:85:b6:05:dd:ff:
         61:9f:1c:f2:07:3e:7c:3a:59:f7:af:b6:26:58:de:13:a9:80:
         ea:48:0e:01:bc:0a:eb:d3:40:94:34:83:b7:da:c3:51:1a:2c:
         62:b0:53:27:87:12:4b:99:7c:0d:e4:7d:6d:11:0a:1d:c5:e8:
         27:02:db:af:63:6d:28:d1:04:fc:a7:3f:d0:96:d2:95:65:d1:
         b6:2b:a8:33:96:3d:9f:40:7e:78:e3:de:34:d6:2f:24:b3:44:
         53:ac:a7:c7:dc:5e:2a:d6:b3:d0:34:1a:24:c3:70:f2:8f:f1:
         9a:af:f0:99:91:8a:90:67:e9:c6:6f:61:db:e2:db:52:c0:c7:
         0e:24:72:6f:6a:ab:f6:48:7b:1b:ff:a7:64:a3:99:ff:28:21:
         68:c2:4e:e2:60:42:89:a5:a7:19:d4:89:de:70:ef:ad:83:99:
         cc:27:c0:8f:42:85:ea:c0:cd:1e:14:70:03:99:95:23:ef:69:
         6d:dd:a0:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWiTGPVRyy+TNZQSvjCegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOWM1NmExOGM5ODdhMmQxYTJlNzA0NGI3ZTMxYjMyMWJm
N2FjMTYwHhcNMjYwMzAyMDcwMTMxWhcNMjYwMzAzMDcwMTMxWjAzMTEwLwYDVQQD
EyhkZGY0Y2E2M2U2N2MxNGNjNjM4NmNlZWI2MDE4MDgxMGI4MGQyYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomPL5xUMJJ9MgUearjv4Q65Cyfwo
AcQyMbM/M27LZPsXp4OUXy+f+xdLwG7ATJfJSB3pXixdI0TlZBknWFBGbHDjov5k
5jKZxfiFPJpbwjniigvcVsqbFuLUMthP/l7pDGVOF+uDd7hxFykCYggwaqHvMH3T
lQbN+2Y0svJwqhrMZpptxBTzwDrjJG7bQObX3yT2YN7gsktqVYdl04Y3RmO8mmo6
3F053dvRH9ebDT3hmRARzc+XlT12zRWcHuZIljtcVKf3FwaPKhnwH7H9PyFoMTa3
oXRmlnH/2OQsyN5X6NO5wwn6AjGksT+QMnSc0X8qxXGH5+HzC99n7e2uiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN30ymPmfBTMY4bO62AYCBC4DSsSMB8GA1UdIwQY
MBaAFA2cVqGMmHotGi5wRLfjGzIb96wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYt
NDVhYjNmNTIwZjAwLzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYtNDVhYjNmNTIwZjAw
LzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKSzeLLrc
jCODDIt9hwuKgmow4URzAwQYJXM2+d5u8PUXl/aVpxBy6mHelPfeFwqi+EaMCKcp
pt99eMVbG25JNiaXh4W2Bd3/YZ8c8gc+fDpZ96+2JljeE6mA6kgOAbwK69NAlDSD
t9rDURosYrBTJ4cSS5l8DeR9bREKHcXoJwLbr2NtKNEE/Kc/0JbSlWXRtiuoM5Y9
n0B+eOPeNNYvJLNEU6ynx9xeKtaz0DQaJMNw8o/xmq/wmZGKkGfpxm9h2+LbUsDH
DiRyb2qr9kh7G/+nZKOZ/yghaMJO4mBCiaWnGdSJ3nDvrYOZzCfAj0KF6sDNHhRw
A5mVI+9pbd2gkw==
-----END CERTIFICATE-----