Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft
File:                     DOf4uSjz9S4LuXZD007OWeuWNKM.mft (raw, json)
Hash identifier:          fkASaZ5RS+boNJ1aXRRKIPyjMzAdOb+GEplNCuNpIG0=
Subject key identifier:   28:A4:1D:A0:67:6F:F9:76:4B:6C:EC:EC:EE:C1:49:1D:AC:80:D8:F3
Authority key identifier: 0C:E7:F8:B9:28:F3:F5:2E:0B:B9:76:43:D3:4E:CE:59:EB:96:34:A3
Certificate issuer:       /CN=0ce7f8b928f3f52e0bb97643d34ece59eb9634a3
Certificate serial:       019D270427C5D1A2C2B7E5BC0F79B12273F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft
Manifest number:          021A
Signing time:             Wed 25 Mar 2026 22:01:16 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:16 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:16 +0000
Files and hashes:         1: DOf4uSjz9S4LuXZD007OWeuWNKM.crl (hash: rn8Zw7BTPzvl5+hVnF5ScG26AWGkzz1b0cqKSfM9uIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:27:c5:d1:a2:c2:b7:e5:bc:0f:79:b1:22:73:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0ce7f8b928f3f52e0bb97643d34ece59eb9634a3
        Validity
            Not Before: Mar 25 22:01:16 2026 GMT
            Not After : Mar 26 22:01:16 2026 GMT
        Subject: CN=28a41da0676ff9764b6cececeec1491dac80d8f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:3c:d3:80:8e:42:1c:e7:6c:94:e6:cb:b8:25:
                    5c:d3:20:b8:a6:04:71:58:a0:f0:89:79:e8:c1:51:
                    78:1b:24:c6:ae:5a:28:a6:17:49:79:82:4b:75:48:
                    e9:24:6b:4d:c5:e8:d0:f0:a9:36:b1:14:d6:94:f9:
                    01:db:46:18:c6:14:44:26:57:64:08:b3:db:22:bd:
                    47:e3:d0:c3:8d:d5:a2:e8:ae:12:25:be:f4:ab:01:
                    b4:40:d8:0f:3d:2a:2a:6d:ab:fe:2e:da:16:69:fa:
                    09:bd:34:4a:29:40:a4:23:91:c1:fd:4a:c9:8d:09:
                    88:cb:69:5b:97:65:d3:47:69:19:dd:d8:52:20:74:
                    00:6a:ab:c7:05:79:12:09:76:0a:ef:98:31:f7:f7:
                    d2:10:75:fa:f2:98:c6:7f:c1:35:a4:1e:24:ba:2d:
                    01:94:18:7b:0c:63:6e:df:56:13:35:b4:84:a1:3c:
                    2e:b7:e5:90:1c:f6:e1:9b:a1:23:95:c6:00:3d:2f:
                    e8:d9:d4:05:f1:7a:b0:bb:bf:bf:d8:55:10:cc:72:
                    c8:59:aa:64:00:c0:7c:f6:1a:0c:12:3b:de:11:3d:
                    c2:d9:25:1a:9f:d3:c6:19:08:a4:60:ce:1a:87:5a:
                    25:89:b8:69:e6:fe:4d:52:4a:17:14:7e:d3:18:9f:
                    93:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A4:1D:A0:67:6F:F9:76:4B:6C:EC:EC:EE:C1:49:1D:AC:80:D8:F3
            X509v3 Authority Key Identifier:
                keyid:0C:E7:F8:B9:28:F3:F5:2E:0B:B9:76:43:D3:4E:CE:59:EB:96:34:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOf4uSjz9S4LuXZD007OWeuWNKM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/be3593-7972-4da3-ae16-293ec6322966/1/DOf4uSjz9S4LuXZD007OWeuWNKM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:7d:2e:c5:e6:0c:98:2b:82:56:23:0f:bb:15:e5:6f:28:b7:
         86:48:78:7b:99:b0:93:2a:c8:0a:dc:bf:cf:e3:a5:33:87:71:
         a5:a1:37:e9:04:66:a7:c7:76:4c:65:13:43:cc:f8:e0:a2:0d:
         5f:d0:53:40:b3:69:e1:7c:e6:7b:9d:57:d6:c3:4b:ff:d7:05:
         68:d0:79:16:bd:a0:4e:3b:80:0e:4f:2a:46:50:9d:48:1f:5b:
         7a:c8:92:b6:d8:d4:73:d1:69:c6:d2:b8:6f:13:9c:21:a3:fe:
         b9:68:5b:19:c4:29:fd:f3:73:41:ec:19:fb:d2:8d:05:49:41:
         8d:f3:f0:28:7a:2b:1a:04:2e:84:e2:e7:23:dc:de:e7:ed:00:
         e8:37:9f:94:07:c0:6d:29:ee:4a:db:97:1d:bb:c2:7c:94:26:
         4f:5b:7a:6e:0b:ed:5f:c7:fd:b8:b8:cd:85:ba:5c:cf:3e:bc:
         cc:02:8e:e1:94:ac:9c:2d:0b:f9:03:a1:22:3f:bf:4f:f4:1f:
         6c:bd:b4:1d:c6:f6:19:2e:15:78:0a:e8:29:87:81:3f:7f:e9:
         43:ca:1e:e0:65:aa:f4:c9:79:b3:f6:b4:31:33:3e:9b:51:35:
         ea:d9:8a:8b:bb:c9:4c:dd:0f:ce:dc:f3:ee:48:b6:37:e0:fb:
         ee:32:9f:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBCfF0aLCt+W8D3mxInP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTdmOGI5MjhmM2Y1MmUwYmI5NzY0M2QzNGVjZTU5ZWI5
NjM0YTMwHhcNMjYwMzI1MjIwMTE2WhcNMjYwMzI2MjIwMTE2WjAzMTEwLwYDVQQD
EygyOGE0MWRhMDY3NmZmOTc2NGI2Y2VjZWNlZWMxNDkxZGFjODBkOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTzTgI5CHOdslObLuCVc0yC4pgRx
WKDwiXnowVF4GyTGrloophdJeYJLdUjpJGtNxejQ8Kk2sRTWlPkB20YYxhREJldk
CLPbIr1H49DDjdWi6K4SJb70qwG0QNgPPSoqbav+LtoWafoJvTRKKUCkI5HB/UrJ
jQmIy2lbl2XTR2kZ3dhSIHQAaqvHBXkSCXYK75gx9/fSEHX68pjGf8E1pB4kui0B
lBh7DGNu31YTNbSEoTwut+WQHPbhm6EjlcYAPS/o2dQF8Xqwu7+/2FUQzHLIWapk
AMB89hoMEjveET3C2SUan9PGGQikYM4ah1olibhp5v5NUkoXFH7TGJ+TUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCikHaBnb/l2S2zs7O7BSR2sgNjzMB8GA1UdIwQY
MBaAFAzn+Lko8/UuC7l2Q9NOzlnrljSjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iZTM1OTMtNzk3Mi00ZGEzLWFlMTYt
MjkzZWM2MzIyOTY2LzEvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iZTM1OTMtNzk3Mi00ZGEzLWFlMTYtMjkzZWM2MzIyOTY2
LzEvRE9mNHVTano5UzRMdVhaRDAwN09XZXVXTktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdX0uxeYM
mCuCViMPuxXlbyi3hkh4e5mwkyrICty/z+OlM4dxpaE36QRmp8d2TGUTQ8z44KIN
X9BTQLNp4Xzme51X1sNL/9cFaNB5Fr2gTjuADk8qRlCdSB9besiSttjUc9FpxtK4
bxOcIaP+uWhbGcQp/fNzQewZ+9KNBUlBjfPwKHorGgQuhOLnI9ze5+0A6DeflAfA
bSnuStuXHbvCfJQmT1t6bgvtX8f9uLjNhbpczz68zAKO4ZSsnC0L+QOhIj+/T/Qf
bL20Hcb2GS4VeAroKYeBP3/pQ8oe4GWq9Ml5s/a0MTM+m1E16tmKi7vJTN0Pztzz
7ki2N+D77jKfNA==
-----END CERTIFICATE-----