Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          rlQLVwKYkYTUNi3Fox9A/6VnXYQI2d4pE2DRsHgepAY=
Subject key identifier:   DA:23:C5:6F:B6:C3:EB:23:64:C2:2E:A0:B9:4C:AC:DB:88:CD:2E:54
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       019D284DB060904B4567F7A4ED1A95D709CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0C97
Signing time:             Thu 26 Mar 2026 04:01:13 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:13 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:13 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: huc8bxG2yu38EgrPiXHdAmexxFmhVaxGjE9SObAuHH4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:b0:60:90:4b:45:67:f7:a4:ed:1a:95:d7:09:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Mar 26 04:01:13 2026 GMT
            Not After : Mar 27 04:01:13 2026 GMT
        Subject: CN=da23c56fb6c3eb2364c22ea0b94cacdb88cd2e54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:de:e6:6b:f0:56:32:97:a1:5a:93:c1:d5:c4:
                    69:de:8c:b5:68:2d:ff:1b:9b:7f:40:5b:66:0e:05:
                    bf:11:a5:c6:d5:62:ea:b0:e6:e1:3a:f9:c2:e6:9f:
                    0c:71:41:61:bd:5b:06:4d:18:4c:a3:9e:fb:7d:b7:
                    be:8a:58:44:b4:c6:d2:cd:b2:8c:08:49:07:17:92:
                    c5:2e:bf:1d:6c:e2:9d:ba:fe:9f:e8:ab:f7:50:99:
                    5e:f6:7e:64:14:53:a3:16:2c:10:f0:fd:73:8e:9e:
                    88:0d:30:1d:25:c5:21:18:a0:7d:27:cb:4f:a4:e5:
                    75:78:57:2d:e1:92:d2:a3:23:59:1e:d3:e8:ac:41:
                    78:2b:40:50:af:8a:93:47:4e:f8:d0:54:2b:b1:93:
                    9d:25:45:99:4d:36:e6:21:7a:36:2b:17:b2:f2:df:
                    f1:50:8d:8c:c0:8a:61:c4:4e:aa:77:7f:45:53:3e:
                    2a:89:45:6e:31:3e:d4:cc:93:3f:d0:fc:57:27:0c:
                    b6:5c:88:9e:86:e7:40:3b:37:06:10:2e:51:98:30:
                    2a:83:b5:82:08:75:89:1e:52:4e:f3:2d:3c:5a:9f:
                    9d:9e:90:1a:cc:34:f9:05:44:ad:f2:9f:26:83:2a:
                    12:46:06:42:35:13:b4:88:27:6a:06:f2:d2:79:66:
                    19:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:23:C5:6F:B6:C3:EB:23:64:C2:2E:A0:B9:4C:AC:DB:88:CD:2E:54
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:07:8e:c1:8a:23:47:d5:f6:2f:6f:c6:58:78:ee:dd:df:dd:
         b0:df:72:51:3e:51:f5:55:85:62:99:51:e9:37:07:04:a8:5c:
         04:72:ad:b9:0a:8c:0b:3e:45:1f:33:4d:d1:a1:ea:f1:82:a2:
         51:8a:a8:6c:08:e4:05:ce:29:a6:2b:cc:7f:bc:14:07:3c:6b:
         70:10:6f:84:0a:de:d8:10:92:5c:28:b5:1a:5b:a6:34:c0:08:
         9e:23:b2:53:ea:fe:0b:0e:36:bf:ed:85:fb:16:b8:60:d1:7f:
         49:88:c0:75:eb:e8:37:75:0b:c8:b4:27:9e:ab:0c:ae:fd:d2:
         af:4f:3d:34:5a:84:e5:72:03:3b:5e:a4:de:cd:a2:6b:c0:79:
         48:fd:bc:c9:c5:cb:49:e1:4d:09:cf:6c:02:c8:94:7b:02:86:
         e4:72:4e:29:73:06:6c:4d:c4:bd:6a:9f:82:88:9b:13:85:0a:
         62:73:d3:1b:d8:76:fb:e5:6a:f2:96:df:12:9f:87:a5:5f:d7:
         57:2c:d6:7a:cc:18:a5:80:39:68:1f:11:f8:b2:c6:f6:98:3c:
         23:12:f7:64:6a:33:f6:4f:8f:dd:c4:61:e6:c2:44:d0:c2:5c:
         51:0d:38:a4:f0:73:14:6e:f9:cb:98:b8:9b:71:a1:38:7b:77:
         cc:89:e1:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTbBgkEtFZ/ek7RqV1wnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjYwMzI2MDQwMTEzWhcNMjYwMzI3MDQwMTEzWjAzMTEwLwYDVQQD
EyhkYTIzYzU2ZmI2YzNlYjIzNjRjMjJlYTBiOTRjYWNkYjg4Y2QyZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu97ma/BWMpehWpPB1cRp3oy1aC3/
G5t/QFtmDgW/EaXG1WLqsObhOvnC5p8McUFhvVsGTRhMo577fbe+ilhEtMbSzbKM
CEkHF5LFLr8dbOKduv6f6Kv3UJle9n5kFFOjFiwQ8P1zjp6IDTAdJcUhGKB9J8tP
pOV1eFct4ZLSoyNZHtPorEF4K0BQr4qTR0740FQrsZOdJUWZTTbmIXo2Kxey8t/x
UI2MwIphxE6qd39FUz4qiUVuMT7UzJM/0PxXJwy2XIiehudAOzcGEC5RmDAqg7WC
CHWJHlJO8y08Wp+dnpAazDT5BUSt8p8mgyoSRgZCNRO0iCdqBvLSeWYZLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNojxW+2w+sjZMIuoLlMrNuIzS5UMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiweOwYoj
R9X2L2/GWHju3d/dsN9yUT5R9VWFYplR6TcHBKhcBHKtuQqMCz5FHzNN0aHq8YKi
UYqobAjkBc4ppivMf7wUBzxrcBBvhAre2BCSXCi1GlumNMAIniOyU+r+Cw42v+2F
+xa4YNF/SYjAdevoN3ULyLQnnqsMrv3Sr089NFqE5XIDO16k3s2ia8B5SP28ycXL
SeFNCc9sAsiUewKG5HJOKXMGbE3EvWqfgoibE4UKYnPTG9h2++Vq8pbfEp+HpV/X
VyzWeswYpYA5aB8R+LLG9pg8IxL3ZGoz9k+P3cRh5sJE0MJcUQ04pPBzFG75y5i4
m3GhOHt3zInhMw==
-----END CERTIFICATE-----