Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          fE7Oa2tHd9BgIGFiwxkSKxr15aPEr2UJqQBPLgyVA/0=
Subject key identifier:   9A:A7:AC:68:D8:D5:BC:31:51:F7:D7:4E:D9:11:A9:08:97:DE:A3:B6
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       019D27042B72A8E1B4FC92FFDAAB52AC6EBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          112A
Signing time:             Wed 25 Mar 2026 22:01:17 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:17 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:17 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: Fm7noTD78GM5EsIXGsv18M4ACqFyZW9F6SWVY9/wOlA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:2b:72:a8:e1:b4:fc:92:ff:da:ab:52:ac:6e:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Mar 25 22:01:17 2026 GMT
            Not After : Mar 26 22:01:17 2026 GMT
        Subject: CN=9aa7ac68d8d5bc3151f7d74ed911a90897dea3b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ba:2f:bc:f9:a8:b4:a2:ba:42:3f:28:e5:d4:
                    ce:26:2e:71:fc:3f:ee:3c:93:3f:ab:d8:90:a4:8d:
                    2f:60:79:2b:96:1c:d9:b9:e3:4d:d7:bd:f6:02:52:
                    19:5c:f5:d6:7f:27:3c:2f:16:2a:88:8c:57:06:66:
                    c3:f8:d2:21:db:41:48:b5:f1:b3:fd:65:c8:6f:54:
                    bc:8d:6c:51:8e:ef:a2:89:85:6f:25:de:9e:de:72:
                    2d:f1:af:13:50:b4:b9:74:7c:49:ad:10:30:36:f5:
                    b7:d0:09:7f:7f:1d:e0:05:3a:b4:f8:6b:21:00:22:
                    49:58:47:58:b4:d5:27:2d:f6:d3:5a:73:fd:2f:71:
                    0f:c2:64:f8:84:46:d8:f9:6e:f2:cc:26:78:27:f8:
                    bd:e1:ef:63:bc:de:42:e3:b3:29:0d:da:3f:85:00:
                    e5:77:56:39:10:d3:04:0b:e2:65:8a:b6:35:03:d2:
                    ea:7a:40:bc:f3:3d:1a:c2:24:40:d5:93:4e:7c:0c:
                    8a:65:2c:3e:ed:79:6b:51:5e:fc:0a:1b:ab:28:e8:
                    4b:8d:25:9d:21:7a:97:44:07:5b:4a:ed:e4:00:c7:
                    60:f7:29:5f:a0:f2:48:9e:ba:3e:2a:c3:e6:e2:e2:
                    c0:47:66:5c:f5:1d:ba:6c:f4:5f:53:4b:bc:ef:9e:
                    b4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:A7:AC:68:D8:D5:BC:31:51:F7:D7:4E:D9:11:A9:08:97:DE:A3:B6
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:99:26:6e:6f:ec:44:a5:4b:b7:24:95:8d:05:97:67:0f:6f:
         22:df:ec:9f:6d:28:2b:e4:72:52:bb:82:35:b0:9f:cc:07:3a:
         9b:a4:70:78:67:59:0a:63:dd:5a:40:25:4d:3b:83:a2:f6:ec:
         8e:7e:ae:62:a6:0e:f6:53:40:a8:9f:c1:f6:a0:9e:03:fb:8c:
         3f:a4:4c:d3:03:b6:de:4b:f0:9e:ce:99:db:f4:da:1d:12:8a:
         ec:1c:8b:1f:44:52:72:30:13:76:52:72:11:6a:69:48:0e:f6:
         18:23:18:36:23:97:a6:78:71:5b:70:42:64:35:5c:e3:2a:0b:
         1b:23:b9:b6:4c:9d:ab:b2:03:92:f5:23:4b:7a:ed:da:0d:fc:
         8d:d6:9a:25:a9:ad:95:d5:42:6f:8e:7e:d9:db:dc:92:f7:de:
         14:9b:f4:39:78:f9:49:4a:29:c1:7d:08:6d:9e:1a:38:e0:0c:
         bf:3b:67:28:a8:86:3a:b1:e9:9d:8a:f9:63:1b:58:fd:07:24:
         4b:ea:17:81:aa:4c:fd:f1:e3:ff:dd:58:9c:21:a9:df:9b:2d:
         54:09:c6:5b:29:00:8d:ad:25:83:bc:10:ee:1a:7a:86:c1:e8:
         a0:ed:c5:66:9b:d2:4b:7a:e2:36:42:5b:3f:55:37:e1:b3:c0:
         3b:e4:02:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBCtyqOG0/JL/2qtSrG68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjYwMzI1MjIwMTE3WhcNMjYwMzI2MjIwMTE3WjAzMTEwLwYDVQQD
Eyg5YWE3YWM2OGQ4ZDViYzMxNTFmN2Q3NGVkOTExYTkwODk3ZGVhM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrovvPmotKK6Qj8o5dTOJi5x/D/u
PJM/q9iQpI0vYHkrlhzZueNN1732AlIZXPXWfyc8LxYqiIxXBmbD+NIh20FItfGz
/WXIb1S8jWxRju+iiYVvJd6e3nIt8a8TULS5dHxJrRAwNvW30Al/fx3gBTq0+Gsh
ACJJWEdYtNUnLfbTWnP9L3EPwmT4hEbY+W7yzCZ4J/i94e9jvN5C47MpDdo/hQDl
d1Y5ENMEC+JlirY1A9LqekC88z0awiRA1ZNOfAyKZSw+7XlrUV78ChurKOhLjSWd
IXqXRAdbSu3kAMdg9ylfoPJInro+KsPm4uLAR2Zc9R26bPRfU0u87560mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqnrGjY1bwxUffXTtkRqQiX3qO2MB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJkmbm/s
RKVLtySVjQWXZw9vIt/sn20oK+RyUruCNbCfzAc6m6RweGdZCmPdWkAlTTuDovbs
jn6uYqYO9lNAqJ/B9qCeA/uMP6RM0wO23kvwns6Z2/TaHRKK7ByLH0RScjATdlJy
EWppSA72GCMYNiOXpnhxW3BCZDVc4yoLGyO5tkydq7IDkvUjS3rt2g38jdaaJamt
ldVCb45+2dvckvfeFJv0OXj5SUopwX0IbZ4aOOAMvztnKKiGOrHpnYr5YxtY/Qck
S+oXgapM/fHj/91YnCGp35stVAnGWykAja0lg7wQ7hp6hsHooO3FZpvSS3riNkJb
P1U34bPAO+QCgA==
-----END CERTIFICATE-----