Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          fSrARx2BQy4qvLst1NCTPRLuZlHQR+Uj5+HmdXzCG3s=
Subject key identifier:   0E:F6:34:CF:16:08:28:FE:2E:4A:61:8F:66:2A:13:43:58:30:A2:37
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       019D2703986D2FF3B294EEA10A7EAAA09903
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          07D9
Signing time:             Wed 25 Mar 2026 22:00:40 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:40 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:40 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: E01eaXlLQjEu4h0GMcnGAeN7STDxq5bolCjcJoEiRTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:98:6d:2f:f3:b2:94:ee:a1:0a:7e:aa:a0:99:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Mar 25 22:00:40 2026 GMT
            Not After : Mar 26 22:00:40 2026 GMT
        Subject: CN=0ef634cf160828fe2e4a618f662a13435830a237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:1a:b5:06:89:1d:84:88:ea:07:2e:10:15:60:
                    e1:da:d5:bb:8a:10:8e:97:63:31:b5:30:cc:b5:3a:
                    3d:ff:da:d5:7e:f7:07:fb:f8:4d:e9:4d:9d:2d:20:
                    b2:27:ea:aa:cf:4e:d3:77:28:a4:04:05:13:b6:9c:
                    b1:05:93:1c:2d:f6:b8:65:3e:24:f4:e6:12:9a:b3:
                    f9:44:64:69:2b:70:b2:c0:05:a1:cf:a4:ed:6d:33:
                    9a:80:7e:87:c8:e8:19:7d:46:81:e6:9c:bf:82:3a:
                    c1:29:d2:2c:f4:3c:02:db:8a:92:99:45:70:95:fb:
                    4b:53:d3:1e:0a:af:b3:71:4a:0e:25:c8:75:db:b0:
                    bf:ff:7f:10:7e:cd:18:4d:33:cf:6e:5a:0d:47:7d:
                    8f:f5:1c:59:65:c5:eb:80:f1:0a:65:1a:ed:49:99:
                    34:0c:e0:a7:cd:a4:c0:4c:4e:9b:ee:c9:f5:94:32:
                    15:bd:54:4d:0a:b3:5b:f3:50:54:59:12:7e:85:0f:
                    b6:10:ae:c0:97:02:64:cf:c5:02:6b:14:f1:37:0c:
                    9b:36:d1:28:91:33:88:7b:6d:36:ca:8f:26:17:09:
                    5e:d5:6f:97:0c:6b:d0:48:c1:f5:5d:7b:34:79:1e:
                    1a:23:1c:e4:ab:3a:c4:d6:44:39:58:29:58:8a:37:
                    ad:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:F6:34:CF:16:08:28:FE:2E:4A:61:8F:66:2A:13:43:58:30:A2:37
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:1b:37:b1:1f:03:f3:30:76:b7:1a:65:c6:5e:c4:ec:14:94:
         13:22:6e:7d:fb:fd:bb:21:05:85:ac:2f:b2:35:53:7c:b6:96:
         4b:81:07:a5:76:b5:f4:8b:e3:44:03:fc:38:dd:36:16:0c:e3:
         1c:a0:c0:9c:d3:2d:57:79:e2:09:4f:17:6a:50:05:ff:19:73:
         ce:73:4b:0b:8c:79:1c:95:84:7c:ca:b2:1d:09:53:8d:e3:e5:
         18:4f:be:9c:1e:35:9a:3d:15:57:17:d4:26:a4:9e:68:54:ba:
         94:60:26:9b:9c:9b:2e:a8:f2:8f:5e:2d:97:46:a2:09:0e:7d:
         94:93:a0:93:54:c6:99:26:ac:ef:85:4d:96:1f:d1:f6:00:13:
         e1:84:f6:94:6b:df:13:eb:6f:5b:09:05:cc:7c:19:94:c2:9d:
         2d:c9:6c:56:b8:9f:3c:a6:b7:fa:12:75:b8:9b:09:36:ff:ba:
         df:fc:08:87:02:5c:8d:1a:11:1e:80:39:88:97:88:59:2a:92:
         40:11:2a:b0:87:df:c8:a8:5d:db:17:86:93:a2:0b:a6:59:a2:
         20:23:bc:69:43:37:0b:bd:24:a3:3a:64:ee:14:0c:37:8c:b3:
         31:63:db:22:83:e5:97:13:31:0d:7a:ad:10:19:2e:09:a0:c7:
         21:c5:92:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA5htL/OylO6hCn6qoJkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjYwMzI1MjIwMDQwWhcNMjYwMzI2MjIwMDQwWjAzMTEwLwYDVQQD
EygwZWY2MzRjZjE2MDgyOGZlMmU0YTYxOGY2NjJhMTM0MzU4MzBhMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhq1BokdhIjqBy4QFWDh2tW7ihCO
l2MxtTDMtTo9/9rVfvcH+/hN6U2dLSCyJ+qqz07TdyikBAUTtpyxBZMcLfa4ZT4k
9OYSmrP5RGRpK3CywAWhz6TtbTOagH6HyOgZfUaB5py/gjrBKdIs9DwC24qSmUVw
lftLU9MeCq+zcUoOJch127C//38Qfs0YTTPPbloNR32P9RxZZcXrgPEKZRrtSZk0
DOCnzaTATE6b7sn1lDIVvVRNCrNb81BUWRJ+hQ+2EK7AlwJkz8UCaxTxNwybNtEo
kTOIe202yo8mFwle1W+XDGvQSMH1XXs0eR4aIxzkqzrE1kQ5WClYijetZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA72NM8WCCj+Lkphj2YqE0NYMKI3MB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMRs3sR8D
8zB2txplxl7E7BSUEyJuffv9uyEFhawvsjVTfLaWS4EHpXa19IvjRAP8ON02Fgzj
HKDAnNMtV3niCU8XalAF/xlzznNLC4x5HJWEfMqyHQlTjePlGE++nB41mj0VVxfU
JqSeaFS6lGAmm5ybLqjyj14tl0aiCQ59lJOgk1TGmSas74VNlh/R9gAT4YT2lGvf
E+tvWwkFzHwZlMKdLclsVrifPKa3+hJ1uJsJNv+63/wIhwJcjRoRHoA5iJeIWSqS
QBEqsIffyKhd2xeGk6ILplmiICO8aUM3C70kozpk7hQMN4yzMWPbIoPllxMxDXqt
EBkuCaDHIcWSbw==
-----END CERTIFICATE-----