Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
File:                     DZxWoYyYei0aLnBEt-MbMhv3rBY.mft (raw, json)
Hash identifier:          ulJvPjClgZlYJ5d4Ru0V5GCqHwqCZIGq7xYLS0PRpRQ=
Subject key identifier:   15:F2:15:F2:4F:23:93:C0:DE:84:91:C4:4E:5D:A7:10:56:60:0F:FF
Authority key identifier: 0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16
Certificate issuer:       /CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
Certificate serial:       019D98F45B90EB4165DDBFCB06961EB36F9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
Manifest number:          0A52
Signing time:             Fri 17 Apr 2026 01:00:44 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:44 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:44 +0000
Files and hashes:         1: DZxWoYyYei0aLnBEt-MbMhv3rBY.crl (hash: XlBbNi+UtYllZyw/5hzgBDJOSxp5574XJ/YPFvi/JaA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:5b:90:eb:41:65:dd:bf:cb:06:96:1e:b3:6f:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d9c56a18c987a2d1a2e7044b7e31b321bf7ac16
        Validity
            Not Before: Apr 17 01:00:44 2026 GMT
            Not After : Apr 18 01:00:44 2026 GMT
        Subject: CN=15f215f24f2393c0de8491c44e5da71056600fff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5b:4e:e1:2d:f7:99:00:63:32:58:b1:9a:37:
                    74:99:63:cd:28:93:b5:ba:2a:33:62:a5:74:20:d7:
                    b1:8a:a8:cd:2a:f2:8a:63:e5:73:5d:12:a2:ab:8f:
                    8e:1e:25:2d:0e:47:1d:3e:47:4d:48:d7:40:cb:a5:
                    f5:4a:5f:c2:ec:9d:62:62:a2:f1:33:ad:96:de:33:
                    67:a8:57:b4:48:df:4a:3d:82:d0:7d:8b:03:cb:fc:
                    af:e8:8e:3b:51:4f:2e:01:b7:9b:6e:59:8f:cf:0d:
                    41:f9:15:0f:01:a7:5f:64:06:5e:bd:eb:3a:9c:e5:
                    30:d6:87:55:a8:c2:84:50:df:4b:db:59:a6:7a:96:
                    e4:f8:0c:52:7a:33:cd:ab:fe:4a:5f:cb:1a:d6:59:
                    7b:92:07:ed:3c:98:d9:bf:20:43:a7:4f:d5:7c:fc:
                    f5:56:87:0a:52:d7:ca:a0:ee:cc:11:a6:a9:5b:bf:
                    4b:f2:80:1f:a6:ef:ff:30:f6:74:b7:81:42:2c:dd:
                    df:80:00:75:e9:b8:ab:bc:f9:2e:fe:75:ca:cb:2c:
                    e6:4b:cc:35:19:b2:13:7f:fa:be:fa:7a:e1:68:30:
                    d7:f2:e0:b5:87:c2:d2:f0:36:6b:c6:ed:b3:3a:3a:
                    34:2a:b9:1c:92:f8:3c:bb:53:c0:07:fc:91:67:91:
                    5b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:F2:15:F2:4F:23:93:C0:DE:84:91:C4:4E:5D:A7:10:56:60:0F:FF
            X509v3 Authority Key Identifier:
                keyid:0D:9C:56:A1:8C:98:7A:2D:1A:2E:70:44:B7:E3:1B:32:1B:F7:AC:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZxWoYyYei0aLnBEt-MbMhv3rBY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/bd1b8f-d065-4cc7-9a1f-45ab3f520f00/1/DZxWoYyYei0aLnBEt-MbMhv3rBY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:46:96:7b:dd:a2:c9:20:f3:d3:5c:c8:e2:60:e7:98:5b:39:
         47:d2:bc:a7:56:52:70:93:4f:52:6e:72:c0:3c:70:cb:97:42:
         c5:fc:da:e3:68:39:a7:42:b2:cc:64:bf:fd:a4:de:d8:af:28:
         9d:ae:3c:9a:ca:ce:e7:59:b3:2d:0f:dc:2b:7e:8a:8e:33:eb:
         1d:93:90:51:db:19:03:79:87:22:f9:19:67:7e:ea:3f:14:f8:
         57:0a:1d:ff:bd:1f:07:9e:66:1f:f0:22:f9:1b:fd:7d:39:8e:
         ec:32:af:b3:37:80:87:0f:6a:73:52:45:12:b9:3e:a3:f2:22:
         82:f6:21:a3:60:03:fc:39:64:0d:b8:c6:b5:bc:87:d3:a7:21:
         ad:68:81:f8:8f:e5:e5:65:aa:cf:25:01:30:fd:b0:2f:4c:cc:
         44:a1:bf:23:d1:81:0c:3c:5a:a0:94:85:5e:47:d3:0f:16:e1:
         76:bd:eb:4b:a9:73:06:4a:91:8d:25:90:69:25:50:fe:8b:dd:
         9d:e3:9f:56:d6:ce:a5:17:8d:4c:d5:8e:1e:a2:08:52:b2:fc:
         e6:0a:a2:bc:38:ba:00:05:73:5f:92:37:d4:77:b6:15:08:ae:
         bd:14:ec:90:dc:bd:9c:0f:c1:e0:fd:2f:35:49:75:15:b6:88:
         c1:1e:f5:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9FuQ60Fl3b/LBpYes2+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOWM1NmExOGM5ODdhMmQxYTJlNzA0NGI3ZTMxYjMyMWJm
N2FjMTYwHhcNMjYwNDE3MDEwMDQ0WhcNMjYwNDE4MDEwMDQ0WjAzMTEwLwYDVQQD
EygxNWYyMTVmMjRmMjM5M2MwZGU4NDkxYzQ0ZTVkYTcxMDU2NjAwZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVtO4S33mQBjMlixmjd0mWPNKJO1
uiozYqV0INexiqjNKvKKY+VzXRKiq4+OHiUtDkcdPkdNSNdAy6X1Sl/C7J1iYqLx
M62W3jNnqFe0SN9KPYLQfYsDy/yv6I47UU8uAbebblmPzw1B+RUPAadfZAZeves6
nOUw1odVqMKEUN9L21mmepbk+AxSejPNq/5KX8sa1ll7kgftPJjZvyBDp0/VfPz1
VocKUtfKoO7MEaapW79L8oAfpu//MPZ0t4FCLN3fgAB16birvPku/nXKyyzmS8w1
GbITf/q++nrhaDDX8uC1h8LS8DZrxu2zOjo0Krkckvg8u1PAB/yRZ5Fb8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXyFfJPI5PA3oSRxE5dpxBWYA//MB8GA1UdIwQY
MBaAFA2cVqGMmHotGi5wRLfjGzIb96wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYt
NDVhYjNmNTIwZjAwLzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iZDFiOGYtZDA2NS00Y2M3LTlhMWYtNDVhYjNmNTIwZjAw
LzEvRFp4V29ZeVllaTBhTG5CRXQtTWJNaHYzckJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdUaWe92i
ySDz01zI4mDnmFs5R9K8p1ZScJNPUm5ywDxwy5dCxfza42g5p0KyzGS//aTe2K8o
na48msrO51mzLQ/cK36KjjPrHZOQUdsZA3mHIvkZZ37qPxT4Vwod/70fB55mH/Ai
+Rv9fTmO7DKvszeAhw9qc1JFErk+o/IigvYho2AD/DlkDbjGtbyH06chrWiB+I/l
5WWqzyUBMP2wL0zMRKG/I9GBDDxaoJSFXkfTDxbhdr3rS6lzBkqRjSWQaSVQ/ovd
neOfVtbOpReNTNWOHqIIUrL85gqivDi6AAVzX5I31He2FQiuvRTskNy9nA/B4P0v
NUl1FbaIwR71pA==
-----END CERTIFICATE-----