Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/56bfb4-b3fe-465a-b357-52abb53b7513/1/D0OG59TvxHLBH-nP7z0zCXSzP2E.mft
File:                     D0OG59TvxHLBH-nP7z0zCXSzP2E.mft (raw, json)
Hash identifier:          YoFEbF9FbdhsH5xK5J4yRRToX8PsR9jgHRvglXgkmlI=
Subject key identifier:   93:A9:DE:15:9D:33:00:D0:10:8A:53:3A:5B:D1:FB:51:C9:8B:47:C9
Authority key identifier: 0F:43:86:E7:D4:EF:C4:72:C1:1F:E9:CF:EF:3D:33:09:74:B3:3F:61
Certificate issuer:       /CN=0f4386e7d4efc472c11fe9cfef3d330974b33f61
Certificate serial:       019D2703D075286CC41628C21957CFFAE50F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D0OG59TvxHLBH-nP7z0zCXSzP2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/56bfb4-b3fe-465a-b357-52abb53b7513/1/D0OG59TvxHLBH-nP7z0zCXSzP2E.mft
Manifest number:          0B27
Signing time:             Wed 25 Mar 2026 22:00:54 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:54 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:54 +0000
Files and hashes:         1: D0OG59TvxHLBH-nP7z0zCXSzP2E.crl (hash: imFzIe+dKHj4SNYgj9OjiTyQRSI2JgYV4RXnckKkNLc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/56bfb4-b3fe-465a-b357-52abb53b7513/1/D0OG59TvxHLBH-nP7z0zCXSzP2E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/56bfb4-b3fe-465a-b357-52abb53b7513/1/D0OG59TvxHLBH-nP7z0zCXSzP2E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D0OG59TvxHLBH-nP7z0zCXSzP2E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d0:75:28:6c:c4:16:28:c2:19:57:cf:fa:e5:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f4386e7d4efc472c11fe9cfef3d330974b33f61
        Validity
            Not Before: Mar 25 22:00:54 2026 GMT
            Not After : Mar 26 22:00:54 2026 GMT
        Subject: CN=93a9de159d3300d0108a533a5bd1fb51c98b47c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:85:33:1d:b5:3b:9a:42:16:9e:a8:d9:09:a9:
                    df:79:83:35:66:1c:fa:80:ef:78:b3:45:91:1c:cd:
                    d0:96:49:cd:26:8a:06:46:36:88:ef:b4:71:e5:cb:
                    98:94:a2:8f:f6:3a:66:cd:cf:af:62:9f:0f:19:27:
                    78:91:11:db:ec:40:30:00:f6:c7:f7:dc:78:ab:a6:
                    99:b2:1e:16:c6:1f:ac:00:73:ed:9c:fd:f1:61:2b:
                    21:e1:2c:96:04:13:49:bf:90:8b:35:c3:11:fd:f3:
                    c6:cd:64:20:79:03:ec:36:3e:f6:16:d8:68:c9:59:
                    64:f8:1b:b7:ed:70:73:27:ab:de:64:ca:ce:de:3a:
                    eb:48:eb:f9:33:1b:71:25:ae:68:1b:cc:60:22:a6:
                    89:c6:f0:84:ad:45:41:9d:dd:a1:77:5c:b7:8d:8f:
                    5b:0f:cc:64:66:94:1f:59:36:37:08:7a:fa:f5:c6:
                    90:40:3d:c1:e1:03:da:11:de:8a:21:cd:08:17:ec:
                    ec:49:b2:8b:3e:46:ce:22:bd:70:e1:b1:45:cb:38:
                    36:9d:fe:29:85:cb:62:73:60:da:b6:e3:ce:87:7f:
                    e4:73:84:8d:19:8f:33:d2:e9:30:0f:94:92:15:9b:
                    db:b4:e7:a9:b3:76:ab:20:91:bd:02:56:fa:94:8a:
                    5c:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:A9:DE:15:9D:33:00:D0:10:8A:53:3A:5B:D1:FB:51:C9:8B:47:C9
            X509v3 Authority Key Identifier:
                keyid:0F:43:86:E7:D4:EF:C4:72:C1:1F:E9:CF:EF:3D:33:09:74:B3:3F:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D0OG59TvxHLBH-nP7z0zCXSzP2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/56bfb4-b3fe-465a-b357-52abb53b7513/1/D0OG59TvxHLBH-nP7z0zCXSzP2E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/56bfb4-b3fe-465a-b357-52abb53b7513/1/D0OG59TvxHLBH-nP7z0zCXSzP2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:6f:69:ce:6f:ae:79:fb:3d:5b:3b:07:a0:26:1d:48:48:9a:
         54:99:72:0a:94:ea:2a:bc:1f:9f:6c:58:bb:46:ff:e1:26:12:
         d5:ad:c7:aa:39:95:5d:fa:ed:ed:bc:8b:ac:00:99:7a:a5:29:
         d8:bc:13:41:7a:1f:a2:e6:89:92:a0:8d:5b:f3:0b:52:a0:29:
         70:ed:a1:09:28:51:f6:94:60:30:d4:95:0c:cb:b1:7e:a4:14:
         c2:ea:c9:37:2d:91:0b:e6:7c:5e:fc:23:a6:7a:cf:60:8e:8b:
         1a:eb:64:7a:5c:1b:fb:07:1f:e9:5d:d5:a5:8d:eb:ba:a8:2f:
         a0:5f:84:75:75:40:02:7d:0b:7a:30:9e:8d:40:34:0b:23:0b:
         f6:b2:f2:70:06:ea:09:19:0e:4c:92:f9:80:41:4d:12:d5:c0:
         48:fb:b9:be:9b:4b:72:8c:4f:42:ea:00:7b:33:2c:e6:fa:3f:
         11:6f:5a:c6:86:42:d3:70:dd:cf:30:a4:53:09:be:dd:32:f1:
         70:af:17:d4:a1:84:76:4a:f6:60:87:24:21:fc:49:52:14:be:
         6d:a0:ae:b7:c4:c8:cc:ed:ca:11:dd:f3:3c:76:8d:87:58:e5:
         34:46:ef:00:2a:cb:b1:0f:39:8c:aa:a8:72:df:9f:d5:13:20:
         e1:b4:a8:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9B1KGzEFijCGVfP+uUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNDM4NmU3ZDRlZmM0NzJjMTFmZTljZmVmM2QzMzA5NzRi
MzNmNjEwHhcNMjYwMzI1MjIwMDU0WhcNMjYwMzI2MjIwMDU0WjAzMTEwLwYDVQQD
Eyg5M2E5ZGUxNTlkMzMwMGQwMTA4YTUzM2E1YmQxZmI1MWM5OGI0N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4UzHbU7mkIWnqjZCanfeYM1Zhz6
gO94s0WRHM3QlknNJooGRjaI77Rx5cuYlKKP9jpmzc+vYp8PGSd4kRHb7EAwAPbH
99x4q6aZsh4Wxh+sAHPtnP3xYSsh4SyWBBNJv5CLNcMR/fPGzWQgeQPsNj72Ftho
yVlk+Bu37XBzJ6veZMrO3jrrSOv5MxtxJa5oG8xgIqaJxvCErUVBnd2hd1y3jY9b
D8xkZpQfWTY3CHr69caQQD3B4QPaEd6KIc0IF+zsSbKLPkbOIr1w4bFFyzg2nf4p
hctic2DatuPOh3/kc4SNGY8z0ukwD5SSFZvbtOeps3arIJG9Alb6lIpcMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJOp3hWdMwDQEIpTOlvR+1HJi0fJMB8GA1UdIwQY
MBaAFA9DhufU78RywR/pz+89Mwl0sz9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDBPRzU5VHZ4SExCSC1uUDd6MHpDWFN6UDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81NmJmYjQtYjNmZS00NjVhLWIzNTct
NTJhYmI1M2I3NTEzLzEvRDBPRzU5VHZ4SExCSC1uUDd6MHpDWFN6UDJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81NmJmYjQtYjNmZS00NjVhLWIzNTctNTJhYmI1M2I3NTEz
LzEvRDBPRzU5VHZ4SExCSC1uUDd6MHpDWFN6UDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJG9pzm+u
efs9WzsHoCYdSEiaVJlyCpTqKrwfn2xYu0b/4SYS1a3HqjmVXfrt7byLrACZeqUp
2LwTQXofouaJkqCNW/MLUqApcO2hCShR9pRgMNSVDMuxfqQUwurJNy2RC+Z8Xvwj
pnrPYI6LGutkelwb+wcf6V3VpY3ruqgvoF+EdXVAAn0LejCejUA0CyML9rLycAbq
CRkOTJL5gEFNEtXASPu5vptLcoxPQuoAezMs5vo/EW9axoZC03DdzzCkUwm+3TLx
cK8X1KGEdkr2YIckIfxJUhS+baCut8TIzO3KEd3zPHaNh1jlNEbvACrLsQ85jKqo
ct+f1RMg4bSosQ==
-----END CERTIFICATE-----