Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          Dj+YBQE+K9cOpoUSNmVh4+hqTLUZR0Xj0sEi5WdpkJY=
Subject key identifier:   52:AC:56:29:1B:22:39:3F:A9:F7:F7:B7:E2:0E:B9:D8:65:D0:E3:EC
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       019D29613A5CC1C7D1A363205278A4DE62E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 09:02:10 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:10 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:10 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: YyS6O7Bqi0/VZ9sotBFAOdj+np1hffU6WWJ5gYSoxhA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:3a:5c:c1:c7:d1:a3:63:20:52:78:a4:de:62:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Mar 26 09:02:10 2026 GMT
            Not After : Mar 27 09:02:10 2026 GMT
        Subject: CN=52ac56291b22393fa9f7f7b7e20eb9d865d0e3ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:5c:dc:c0:59:7e:a5:56:a3:55:f8:05:3e:53:
                    02:8d:f3:a6:ca:47:e8:c0:8b:33:7f:29:ae:6c:c7:
                    74:f6:c5:e7:34:fe:e1:3d:75:19:d0:81:e5:a0:51:
                    d1:82:93:9e:5c:28:89:2d:73:9d:a3:51:b5:ad:ef:
                    a8:1d:a5:76:15:1c:91:15:31:71:1d:a5:0f:f0:2d:
                    43:43:84:a0:93:64:ac:56:85:d8:2c:f6:3d:2a:4d:
                    e7:7f:d0:67:f6:a4:61:f1:05:97:f2:8b:0a:4c:8e:
                    d0:4b:f2:29:3d:9f:84:5c:44:3b:1e:ee:1b:b7:3f:
                    66:01:82:0e:27:43:d9:dd:b4:10:a1:75:e4:56:60:
                    a0:44:e1:7e:82:c5:95:ad:a7:1b:24:3b:b4:b0:be:
                    ab:8c:2b:d4:01:39:23:91:99:40:72:71:5a:a5:85:
                    66:97:65:5b:22:e5:81:36:d2:e1:44:4a:c4:fc:5f:
                    b9:a9:c6:71:5a:71:a9:16:00:14:ba:73:a8:c8:a4:
                    e7:56:7a:d5:a9:26:0e:01:6f:e5:03:55:04:d7:22:
                    b2:d3:8e:91:ef:0a:00:3a:e4:16:4c:b9:24:b7:88:
                    13:1b:df:fa:81:b0:bb:5e:91:bc:74:53:d1:59:55:
                    92:b6:a2:80:b5:a6:73:c1:ee:a6:55:11:c6:1e:ab:
                    b7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:AC:56:29:1B:22:39:3F:A9:F7:F7:B7:E2:0E:B9:D8:65:D0:E3:EC
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:2e:76:2b:cf:3d:8b:d6:e8:a3:b6:e4:03:7c:da:c9:b4:2e:
         17:40:ed:8e:60:99:34:24:a1:99:9e:22:e6:da:31:87:11:af:
         f3:74:5d:e3:d2:6a:b4:26:09:ab:38:04:4e:f3:06:3f:10:14:
         a4:4b:89:5d:43:6c:45:7e:9f:96:3d:2d:3b:6c:23:dc:b0:56:
         db:bf:45:54:47:3e:9c:b2:7a:e6:88:1c:12:97:c4:68:b0:5b:
         ee:48:61:95:9a:71:1e:36:69:f2:51:73:69:8a:ac:17:7e:4a:
         76:1c:fd:a7:c0:8d:e3:30:4f:fc:36:e3:57:04:c4:d7:ed:ef:
         93:eb:f1:b3:c5:6a:3f:23:22:f3:30:17:33:35:27:d6:44:f2:
         1f:09:f1:f4:8b:fb:06:3c:50:2a:87:87:0f:06:32:99:e9:f6:
         f9:b8:43:a0:4f:86:e0:63:ce:a0:87:c1:84:2d:50:ef:46:f5:
         22:59:07:43:36:74:bc:23:61:ed:1b:0e:1f:10:8f:b8:00:e3:
         02:d4:2c:da:b9:0e:ba:f4:97:fb:67:b7:28:e8:81:03:15:a3:
         f1:98:e0:27:20:ca:dd:c6:cc:e9:f9:26:fa:0a:5f:2d:67:22:
         61:f6:36:63:d1:d3:48:2a:ba:8f:ea:1c:1a:c4:39:81:e6:df:
         7e:8f:fb:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYTpcwcfRo2MgUnik3mLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjYwMzI2MDkwMjEwWhcNMjYwMzI3MDkwMjEwWjAzMTEwLwYDVQQD
Eyg1MmFjNTYyOTFiMjIzOTNmYTlmN2Y3YjdlMjBlYjlkODY1ZDBlM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1zcwFl+pVajVfgFPlMCjfOmykfo
wIszfymubMd09sXnNP7hPXUZ0IHloFHRgpOeXCiJLXOdo1G1re+oHaV2FRyRFTFx
HaUP8C1DQ4Sgk2SsVoXYLPY9Kk3nf9Bn9qRh8QWX8osKTI7QS/IpPZ+EXEQ7Hu4b
tz9mAYIOJ0PZ3bQQoXXkVmCgROF+gsWVracbJDu0sL6rjCvUATkjkZlAcnFapYVm
l2VbIuWBNtLhRErE/F+5qcZxWnGpFgAUunOoyKTnVnrVqSYOAW/lA1UE1yKy046R
7woAOuQWTLkkt4gTG9/6gbC7XpG8dFPRWVWStqKAtaZzwe6mVRHGHqu3jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKsVikbIjk/qff3t+IOudhl0OPsMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASS52K889
i9boo7bkA3zaybQuF0DtjmCZNCShmZ4i5toxhxGv83Rd49JqtCYJqzgETvMGPxAU
pEuJXUNsRX6flj0tO2wj3LBW279FVEc+nLJ65ogcEpfEaLBb7khhlZpxHjZp8lFz
aYqsF35Kdhz9p8CN4zBP/DbjVwTE1+3vk+vxs8VqPyMi8zAXMzUn1kTyHwnx9Iv7
BjxQKoeHDwYymen2+bhDoE+G4GPOoIfBhC1Q70b1IlkHQzZ0vCNh7RsOHxCPuADj
AtQs2rkOuvSX+2e3KOiBAxWj8ZjgJyDK3cbM6fkm+gpfLWciYfY2Y9HTSCq6j+oc
GsQ5gebffo/71g==
-----END CERTIFICATE-----