Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          olmLlhj70lMHARhWUwbCHc+5Npw22LclDf/ZmDx2xDY=
Subject key identifier:   67:36:93:04:0F:81:28:5A:D1:1C:91:BC:B5:C0:DC:5F:7C:3C:76:62
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       019D322BC727E2E54C1B2F44715F050EF502
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          0465
Signing time:             Sat 28 Mar 2026 02:00:22 +0000
Manifest this update:     Sat 28 Mar 2026 02:00:22 +0000
Manifest next update:     Sun 29 Mar 2026 02:00:22 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: +hYGBZKIPSpqi1XYhvB9cx/sc4r/mZOd2OmPqDjEpMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:2b:c7:27:e2:e5:4c:1b:2f:44:71:5f:05:0e:f5:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Mar 28 02:00:22 2026 GMT
            Not After : Mar 29 02:00:22 2026 GMT
        Subject: CN=673693040f81285ad11c91bcb5c0dc5f7c3c7662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:5b:e3:43:0a:a5:3c:4c:ca:40:04:fc:8e:b2:
                    ca:b3:ee:cb:dd:1e:9f:5c:f7:2c:96:49:21:6e:cb:
                    0b:b8:50:6f:8d:b4:64:ae:36:37:14:0c:71:74:bd:
                    5a:a5:b8:67:32:9f:fc:0c:94:39:d2:99:75:82:eb:
                    55:3f:c3:84:4d:05:1d:33:f3:a6:b0:b3:6c:27:c4:
                    25:53:ba:99:97:0b:a9:a2:1f:6c:43:48:63:ac:fc:
                    79:d6:6a:62:bc:ff:59:ee:90:be:64:f3:72:ff:57:
                    20:d8:f4:b4:ed:ae:a8:25:e7:98:02:23:c5:f7:66:
                    b7:e8:58:74:ce:4f:fd:cf:68:c5:8c:ca:50:95:29:
                    65:eb:66:50:d4:06:f5:df:5d:95:43:78:4a:6d:71:
                    4a:08:74:34:bc:c2:0f:24:10:89:18:1e:a6:f4:74:
                    73:40:8a:e8:f0:34:14:2a:c4:a3:9e:98:c9:e0:3d:
                    85:df:58:5f:3d:20:82:f0:fa:74:95:b9:42:0d:62:
                    70:ff:b3:c4:9f:c9:a5:4f:88:91:4a:5c:81:6a:61:
                    2e:bc:01:a6:9c:bd:d3:62:51:d9:1b:4a:94:dd:35:
                    e7:b8:29:43:25:e4:7e:79:88:a8:da:ec:fa:86:9a:
                    a9:83:0e:51:c8:07:56:63:df:39:6d:8a:c3:c6:48:
                    4c:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:36:93:04:0F:81:28:5A:D1:1C:91:BC:B5:C0:DC:5F:7C:3C:76:62
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:2e:95:17:40:50:ae:56:ed:d0:b0:41:84:6e:60:ca:db:d3:
         4c:07:47:9a:3e:0b:fd:34:88:30:6e:d3:5c:5d:d5:71:48:d1:
         5a:01:eb:f5:78:55:4e:2b:04:98:a4:03:3b:7c:f4:0b:f2:49:
         4b:43:d7:00:21:37:cc:8c:f5:10:29:41:56:2a:bf:6c:95:f0:
         c5:ca:13:cf:e6:c5:92:45:90:13:cf:f8:97:54:81:e9:30:fa:
         1a:e2:f4:14:ef:1d:57:41:fb:a2:06:59:fe:7d:a5:89:d5:86:
         fa:f0:22:f7:8e:3a:73:77:ef:47:71:8e:60:31:05:fc:c4:57:
         01:33:22:22:23:e5:71:65:8f:ed:48:11:50:d0:9a:ce:22:06:
         6a:13:a9:88:50:97:92:0d:be:89:0b:49:7f:f9:2e:64:61:b1:
         bd:48:d5:71:92:8d:c7:85:3c:0d:2c:15:2e:98:b3:3e:e8:e0:
         77:37:77:30:27:95:a4:cc:af:81:f0:73:74:e4:d3:43:fc:c0:
         74:bd:c4:11:46:bf:a7:68:62:9f:c5:07:a6:43:94:c5:b0:cc:
         0b:1c:ce:90:21:d2:1b:1c:c9:5f:7e:af:fb:d4:6f:66:d5:7f:
         7f:d3:3e:9f:ae:81:32:af:ac:79:bb:90:2c:0f:33:91:bd:b5:
         aa:5d:ef:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yK8cn4uVMGy9EcV8FDvUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjYwMzI4MDIwMDIyWhcNMjYwMzI5MDIwMDIyWjAzMTEwLwYDVQQD
Eyg2NzM2OTMwNDBmODEyODVhZDExYzkxYmNiNWMwZGM1ZjdjM2M3NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FvjQwqlPEzKQAT8jrLKs+7L3R6f
XPcslkkhbssLuFBvjbRkrjY3FAxxdL1apbhnMp/8DJQ50pl1gutVP8OETQUdM/Om
sLNsJ8QlU7qZlwupoh9sQ0hjrPx51mpivP9Z7pC+ZPNy/1cg2PS07a6oJeeYAiPF
92a36Fh0zk/9z2jFjMpQlSll62ZQ1Ab1312VQ3hKbXFKCHQ0vMIPJBCJGB6m9HRz
QIro8DQUKsSjnpjJ4D2F31hfPSCC8Pp0lblCDWJw/7PEn8mlT4iRSlyBamEuvAGm
nL3TYlHZG0qU3TXnuClDJeR+eYio2uz6hpqpgw5RyAdWY985bYrDxkhM4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGc2kwQPgSha0RyRvLXA3F98PHZiMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdi6VF0BQ
rlbt0LBBhG5gytvTTAdHmj4L/TSIMG7TXF3VcUjRWgHr9XhVTisEmKQDO3z0C/JJ
S0PXACE3zIz1EClBViq/bJXwxcoTz+bFkkWQE8/4l1SB6TD6GuL0FO8dV0H7ogZZ
/n2lidWG+vAi9446c3fvR3GOYDEF/MRXATMiIiPlcWWP7UgRUNCaziIGahOpiFCX
kg2+iQtJf/kuZGGxvUjVcZKNx4U8DSwVLpizPujgdzd3MCeVpMyvgfBzdOTTQ/zA
dL3EEUa/p2hin8UHpkOUxbDMCxzOkCHSGxzJX36v+9RvZtV/f9M+n66BMq+sebuQ
LA8zkb21ql3vkQ==
-----END CERTIFICATE-----