Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
File:                     oOWh7YHyM49feJpE6u2w7uP3EJ4.mft (raw, json)
Hash identifier:          gumYpYIXbyYZcUt6MguiO3XAeGoN7AUAEsAnCMwbwAI=
Subject key identifier:   57:0A:29:C1:38:1D:64:08:CF:EA:DB:70:47:30:71:00:4F:86:21:09
Authority key identifier: A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E
Certificate issuer:       /CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e
Certificate serial:       019D2816AD96F92AA5707F5371318E364F5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
Manifest number:          016A
Signing time:             Thu 26 Mar 2026 03:01:07 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:07 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:07 +0000
Files and hashes:         1: oOWh7YHyM49feJpE6u2w7uP3EJ4.crl (hash: l89yZp5gTiAs5HvffMnQFOR2AqF1uaxoDzQUuaQLUcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:ad:96:f9:2a:a5:70:7f:53:71:31:8e:36:4f:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e
        Validity
            Not Before: Mar 26 03:01:07 2026 GMT
            Not After : Mar 27 03:01:07 2026 GMT
        Subject: CN=570a29c1381d6408cfeadb70473071004f862109
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ba:f6:dc:78:1a:d8:95:2f:c8:71:4c:27:ce:
                    8b:b5:31:45:37:11:77:26:d7:17:27:b5:45:54:07:
                    55:9f:d7:10:9e:af:fa:8e:9d:4d:0b:06:92:4f:48:
                    93:31:e2:ff:43:4f:23:29:a3:7e:cd:26:fc:38:62:
                    26:81:e8:27:1d:00:8c:18:cf:aa:a1:d3:c4:ba:38:
                    7e:51:4f:40:46:49:4b:1e:e3:62:ee:87:2f:f9:61:
                    a9:01:2c:04:89:d3:57:44:07:c3:42:ca:ca:71:ed:
                    11:fe:d0:fc:da:8f:7a:4a:03:27:3b:15:02:ac:fd:
                    ed:2c:3f:7b:0b:90:9b:b2:7e:24:1a:74:e2:f7:31:
                    03:fb:73:ca:67:e6:c2:fe:f0:c5:3c:fb:3e:b8:90:
                    56:84:83:ec:ae:e6:7c:d9:6a:bd:d9:8a:d8:a1:27:
                    e6:a0:0e:97:8d:7d:e4:56:61:2b:f8:fa:7f:00:7d:
                    91:2a:57:4e:9c:46:7e:a4:aa:52:55:c5:27:17:12:
                    f6:90:80:12:4f:b0:32:39:63:f7:fd:fc:10:44:a1:
                    20:df:77:e2:c0:d2:51:d3:1c:aa:3a:73:da:37:7f:
                    bd:60:69:e4:32:a4:98:fd:7d:88:d5:4f:d1:2b:ec:
                    27:d6:df:9a:fe:20:6b:e6:2e:9c:ad:ba:78:89:c8:
                    23:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:0A:29:C1:38:1D:64:08:CF:EA:DB:70:47:30:71:00:4F:86:21:09
            X509v3 Authority Key Identifier:
                keyid:A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:94:6f:3c:35:7c:46:97:32:17:c4:31:0f:5b:b1:18:f5:c0:
         07:c8:76:80:ed:eb:b4:05:49:b9:52:4d:5a:21:00:34:4c:d8:
         c2:5f:cb:f2:d3:0f:90:56:20:52:80:c2:e3:dc:26:50:ce:28:
         44:d0:4c:1b:75:fa:45:04:87:44:3f:ec:f8:6f:46:96:8c:6b:
         9e:58:8a:57:0a:86:bb:b0:9f:7c:ee:72:6d:31:a2:0e:57:c8:
         65:15:56:cc:5f:aa:93:4f:c2:f2:71:a8:11:4a:95:f4:20:be:
         9b:77:5d:94:92:f7:da:84:8d:9b:08:c5:80:a6:69:aa:d3:12:
         bc:7a:07:d6:73:15:10:77:48:44:16:b5:20:d5:27:6b:86:bf:
         cf:08:b0:40:7a:21:8b:c9:18:4c:c1:52:71:08:1e:7c:69:f6:
         69:af:2e:bc:0a:30:cd:e1:6e:38:2c:c1:2f:d4:4c:dc:86:de:
         d6:98:bf:ff:9f:4a:35:b8:33:78:dc:77:f5:42:20:15:d7:f4:
         d8:cf:57:42:2e:fd:51:15:ad:07:82:ca:20:4e:05:56:1e:0c:
         db:a9:f3:49:be:d6:62:7c:8f:5b:dd:31:67:4c:e8:9b:35:eb:
         68:49:0b:35:23:68:78:e9:1b:04:0b:7a:3f:84:d2:61:9e:7a:
         ac:9c:a0:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFq2W+SqlcH9TcTGONk9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTVhMWVkODFmMjMzOGY1Zjc4OWE0NGVhZWRiMGVlZTNm
NzEwOWUwHhcNMjYwMzI2MDMwMTA3WhcNMjYwMzI3MDMwMTA3WjAzMTEwLwYDVQQD
Eyg1NzBhMjljMTM4MWQ2NDA4Y2ZlYWRiNzA0NzMwNzEwMDRmODYyMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7r23Hga2JUvyHFMJ86LtTFFNxF3
JtcXJ7VFVAdVn9cQnq/6jp1NCwaST0iTMeL/Q08jKaN+zSb8OGImgegnHQCMGM+q
odPEujh+UU9ARklLHuNi7ocv+WGpASwEidNXRAfDQsrKce0R/tD82o96SgMnOxUC
rP3tLD97C5Cbsn4kGnTi9zED+3PKZ+bC/vDFPPs+uJBWhIPsruZ82Wq92YrYoSfm
oA6XjX3kVmEr+Pp/AH2RKldOnEZ+pKpSVcUnFxL2kIAST7AyOWP3/fwQRKEg33fi
wNJR0xyqOnPaN3+9YGnkMqSY/X2I1U/RK+wn1t+a/iBr5i6crbp4icgjWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcKKcE4HWQIz+rbcEcwcQBPhiEJMB8GA1UdIwQY
MBaAFKDloe2B8jOPX3iaROrtsO7j9xCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2Et
MGQ1M2ZjMTBhOGU5LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2EtMGQ1M2ZjMTBhOGU5
LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpRvPDV8
RpcyF8QxD1uxGPXAB8h2gO3rtAVJuVJNWiEANEzYwl/L8tMPkFYgUoDC49wmUM4o
RNBMG3X6RQSHRD/s+G9GloxrnliKVwqGu7CffO5ybTGiDlfIZRVWzF+qk0/C8nGo
EUqV9CC+m3ddlJL32oSNmwjFgKZpqtMSvHoH1nMVEHdIRBa1INUna4a/zwiwQHoh
i8kYTMFScQgefGn2aa8uvAowzeFuOCzBL9RM3Ibe1pi//59KNbgzeNx39UIgFdf0
2M9XQi79URWtB4LKIE4FVh4M26nzSb7WYnyPW90xZ0zomzXraEkLNSNoeOkbBAt6
P4TSYZ56rJygGg==
-----END CERTIFICATE-----