Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          xHUliwK28JFlJ0Wm4G/6lr73EPP7AVF0txG+C7b8AZw=
Subject key identifier:   27:B8:D1:45:E2:1E:2E:8B:94:48:20:EA:4C:04:84:29:DC:D6:0C:B2
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019D25F1F95B643FB5AFE5BA70F36555837F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0782
Signing time:             Wed 25 Mar 2026 17:01:48 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:48 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:48 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: ZVhSXf1qh5ZDQnD5rJc/sClXkFnDK2y19mL8AqtOF8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:f9:5b:64:3f:b5:af:e5:ba:70:f3:65:55:83:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Mar 25 17:01:48 2026 GMT
            Not After : Mar 26 17:01:48 2026 GMT
        Subject: CN=27b8d145e21e2e8b944820ea4c048429dcd60cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:e2:a7:7a:ec:dc:88:b7:fc:12:94:9a:4f:e7:
                    a1:0f:24:5d:fd:5c:77:18:8b:29:ee:e2:11:48:8e:
                    0a:ba:61:0a:39:b4:cf:e3:ad:c2:63:e2:08:f8:d4:
                    5f:e3:27:77:f5:ee:3d:e3:44:e1:73:69:8b:dc:dd:
                    8c:3f:d4:0d:62:c3:09:45:6d:8b:87:fa:c0:81:f5:
                    f8:90:5d:5e:ee:1f:bb:1e:d3:db:0e:53:ce:30:20:
                    12:f8:c3:8a:96:c9:4f:62:4d:f7:21:eb:38:ae:fc:
                    50:6c:74:d8:15:9f:bd:2b:19:05:32:70:60:bf:54:
                    28:5e:ee:79:2a:28:94:f6:94:5f:ed:1f:41:2f:23:
                    a2:de:ec:e8:77:00:b9:b7:75:2a:6e:b1:d8:81:4a:
                    c9:7b:54:65:2e:73:b5:fa:4d:b7:94:fb:fc:54:6d:
                    0c:39:c4:f9:dd:7f:e9:d8:51:96:4c:a2:28:62:21:
                    82:1d:5d:ed:27:5b:19:dc:13:9a:33:5d:80:dc:3b:
                    80:bf:aa:b8:e2:65:07:1f:d9:3a:64:1e:f1:a1:36:
                    7f:5d:cf:5c:b0:f0:46:75:3f:b6:ad:89:8b:7d:24:
                    a2:fa:c7:e4:f0:d1:ba:dc:53:2c:f8:05:4b:b0:82:
                    86:8d:0a:a2:ce:d2:23:2a:f1:6f:d7:3e:ad:b8:46:
                    0b:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B8:D1:45:E2:1E:2E:8B:94:48:20:EA:4C:04:84:29:DC:D6:0C:B2
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:96:9d:36:b0:0b:15:e5:41:05:ff:9e:c1:e5:6d:2a:a8:ec:
         3b:ee:5b:93:49:a9:65:d8:e8:03:48:ae:f9:86:8a:ea:64:e0:
         47:38:01:9d:b1:df:01:ff:c9:67:17:e6:7d:38:e8:b6:d5:ae:
         8e:66:a1:74:e7:71:78:b4:21:f4:29:f2:0b:4b:9a:11:40:60:
         f8:58:ba:ed:49:67:35:65:f7:14:69:58:98:7b:70:da:03:fe:
         cd:73:95:6e:ed:27:14:dc:1f:2d:68:c1:af:11:12:c5:57:7c:
         29:61:e6:ff:ce:46:27:ef:2f:06:54:df:4f:c6:02:52:d6:b3:
         a5:cf:fd:46:49:43:83:26:d1:3b:7e:3f:0e:e9:bb:dc:13:13:
         15:49:d3:5d:bb:5c:99:04:da:a6:84:ce:99:b5:92:17:11:73:
         ce:b6:c5:d3:b2:63:6a:3f:a5:4e:17:76:3d:85:d5:61:88:46:
         60:a5:82:10:f6:42:78:36:ad:86:83:1f:73:74:6c:b2:aa:6d:
         9a:53:67:fd:8e:ad:a3:d2:26:6a:82:e2:22:2f:2d:86:73:61:
         fb:9a:b9:f2:ac:be:14:d0:b8:e4:b9:de:cb:f5:07:77:ce:4c:
         76:97:df:54:86:f8:5f:96:52:8a:08:f3:29:7f:26:8d:8f:b6:
         1b:f3:e5:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8flbZD+1r+W6cPNlVYN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjYwMzI1MTcwMTQ4WhcNMjYwMzI2MTcwMTQ4WjAzMTEwLwYDVQQD
EygyN2I4ZDE0NWUyMWUyZThiOTQ0ODIwZWE0YzA0ODQyOWRjZDYwY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuKneuzciLf8EpSaT+ehDyRd/Vx3
GIsp7uIRSI4KumEKObTP463CY+II+NRf4yd39e4940Thc2mL3N2MP9QNYsMJRW2L
h/rAgfX4kF1e7h+7HtPbDlPOMCAS+MOKlslPYk33Ies4rvxQbHTYFZ+9KxkFMnBg
v1QoXu55KiiU9pRf7R9BLyOi3uzodwC5t3UqbrHYgUrJe1RlLnO1+k23lPv8VG0M
OcT53X/p2FGWTKIoYiGCHV3tJ1sZ3BOaM12A3DuAv6q44mUHH9k6ZB7xoTZ/Xc9c
sPBGdT+2rYmLfSSi+sfk8NG63FMs+AVLsIKGjQqiztIjKvFv1z6tuEYLewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCe40UXiHi6LlEgg6kwEhCnc1gyyMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXJadNrAL
FeVBBf+eweVtKqjsO+5bk0mpZdjoA0iu+YaK6mTgRzgBnbHfAf/JZxfmfTjottWu
jmahdOdxeLQh9CnyC0uaEUBg+Fi67UlnNWX3FGlYmHtw2gP+zXOVbu0nFNwfLWjB
rxESxVd8KWHm/85GJ+8vBlTfT8YCUtazpc/9RklDgybRO34/Dum73BMTFUnTXbtc
mQTapoTOmbWSFxFzzrbF07Jjaj+lThd2PYXVYYhGYKWCEPZCeDathoMfc3Rssqpt
mlNn/Y6to9ImaoLiIi8thnNh+5q58qy+FNC45Lney/UHd85MdpffVIb4X5ZSigjz
KX8mjY+2G/PlDw==
-----END CERTIFICATE-----