Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          nJmak1NEmQrzoB+W9lNnVsijlryTWHT69zFtZllxxcE=
Subject key identifier:   EE:3A:FE:08:AF:75:E4:B3:84:6D:F4:F4:62:6D:C5:8A:F8:43:C3:71
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       019D25BA156F45590000BE117818339021BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          112C
Signing time:             Wed 25 Mar 2026 16:00:45 +0000
Manifest this update:     Wed 25 Mar 2026 16:00:45 +0000
Manifest next update:     Thu 26 Mar 2026 16:00:45 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: Vs978jSPFy91y+1qZU8f0SsVqS6b5k0KDqofrikcvOw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:15:6f:45:59:00:00:be:11:78:18:33:90:21:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Mar 25 16:00:45 2026 GMT
            Not After : Mar 26 16:00:45 2026 GMT
        Subject: CN=ee3afe08af75e4b3846df4f4626dc58af843c371
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:f7:0d:b3:3d:45:ab:cc:47:e9:f5:fe:a1:61:
                    e0:2c:d9:f4:a0:04:81:8f:f7:b6:2f:20:e7:63:a2:
                    68:fb:fe:30:59:bb:ad:1f:2a:30:b3:29:63:5e:99:
                    57:58:98:d3:21:aa:72:7e:94:23:cf:52:19:2d:52:
                    f5:54:39:f6:58:18:4e:b9:18:6c:f3:47:62:dd:03:
                    dd:0d:e6:b0:b6:c6:7a:fe:7e:31:53:a9:5f:ed:c9:
                    50:63:ed:67:38:93:96:23:9c:c7:95:66:ed:af:4e:
                    7d:82:97:3b:34:38:d5:3a:d9:94:e4:1d:d3:1a:13:
                    0b:60:e8:1f:fe:9f:ff:ee:b1:68:f0:80:5d:cd:36:
                    c9:f1:53:c1:4c:6f:55:b9:cd:43:18:40:5e:ea:98:
                    b7:ed:b4:c2:f7:a6:c4:d5:41:b3:dd:51:ef:b0:ee:
                    68:4a:ec:aa:a8:65:2e:9b:bc:c6:1f:6b:9d:92:7a:
                    c2:8b:e0:6e:1f:55:b7:6f:7b:4d:37:54:fa:1f:bc:
                    35:86:20:0e:b3:9a:33:52:f0:86:49:76:04:43:b1:
                    de:84:5c:a5:f0:c2:43:c6:fa:eb:cf:31:25:bb:9e:
                    85:b3:73:3d:0f:69:14:67:16:c7:64:00:ac:99:3c:
                    ec:c0:5a:af:e3:e4:31:b0:8c:e9:97:f1:1a:92:67:
                    3a:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:3A:FE:08:AF:75:E4:B3:84:6D:F4:F4:62:6D:C5:8A:F8:43:C3:71
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:55:9a:30:3e:5a:63:d2:b8:d1:e6:a6:2f:29:73:00:33:ee:
         5a:75:97:55:89:e9:39:21:99:f0:68:9e:26:87:e4:b6:85:0d:
         57:9d:91:02:c6:15:06:cc:af:e0:92:c2:21:63:ee:dc:70:b2:
         5c:88:21:2d:69:a9:94:22:d8:c8:bd:23:a0:6a:69:fe:6d:00:
         ca:44:3a:9a:c4:8b:b1:b5:85:ff:2c:de:61:cc:54:b3:98:4e:
         c4:66:9d:8d:aa:04:4a:97:4e:6a:c7:e4:25:ab:7e:26:53:82:
         6a:c7:c3:d6:bf:f6:2c:19:64:58:fd:d0:c0:a2:53:9c:f1:42:
         af:6a:3c:ec:29:94:82:15:a2:b0:13:1f:70:b6:86:fb:b7:30:
         c8:37:73:30:30:07:73:87:0c:53:ba:eb:4c:35:f3:7a:b2:62:
         b2:0c:e6:fc:16:b9:45:e7:46:7d:93:09:6c:8c:d6:2a:32:ea:
         12:07:01:09:24:4f:b4:fd:6b:1b:c5:4e:4f:d1:73:50:65:45:
         f2:3f:76:81:b9:14:89:02:be:e1:20:c8:81:59:70:bc:9e:b0:
         99:2a:e1:78:c3:67:5b:f2:73:18:9c:b0:4f:2d:32:77:e2:52:
         11:99:81:8c:eb:a7:dc:28:aa:22:9a:00:97:1d:07:04:c6:2c:
         ba:3f:91:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0luhVvRVkAAL4ReBgzkCG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjYwMzI1MTYwMDQ1WhcNMjYwMzI2MTYwMDQ1WjAzMTEwLwYDVQQD
EyhlZTNhZmUwOGFmNzVlNGIzODQ2ZGY0ZjQ2MjZkYzU4YWY4NDNjMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/cNsz1Fq8xH6fX+oWHgLNn0oASB
j/e2LyDnY6Jo+/4wWbutHyowsyljXplXWJjTIapyfpQjz1IZLVL1VDn2WBhOuRhs
80di3QPdDeawtsZ6/n4xU6lf7clQY+1nOJOWI5zHlWbtr059gpc7NDjVOtmU5B3T
GhMLYOgf/p//7rFo8IBdzTbJ8VPBTG9Vuc1DGEBe6pi37bTC96bE1UGz3VHvsO5o
SuyqqGUum7zGH2udknrCi+BuH1W3b3tNN1T6H7w1hiAOs5ozUvCGSXYEQ7HehFyl
8MJDxvrrzzElu56Fs3M9D2kUZxbHZACsmTzswFqv4+QxsIzpl/Eakmc6AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO46/givdeSzhG309GJtxYr4Q8NxMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADFWaMD5a
Y9K40eamLylzADPuWnWXVYnpOSGZ8GieJofktoUNV52RAsYVBsyv4JLCIWPu3HCy
XIghLWmplCLYyL0joGpp/m0AykQ6msSLsbWF/yzeYcxUs5hOxGadjaoESpdOasfk
Jat+JlOCasfD1r/2LBlkWP3QwKJTnPFCr2o87CmUghWisBMfcLaG+7cwyDdzMDAH
c4cMU7rrTDXzerJisgzm/Ba5RedGfZMJbIzWKjLqEgcBCSRPtP1rG8VOT9FzUGVF
8j92gbkUiQK+4SDIgVlwvJ6wmSrheMNnW/JzGJywTy0yd+JSEZmBjOun3CiqIpoA
lx0HBMYsuj+RwA==
-----END CERTIFICATE-----