Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          JuSCqTzpsejSLQ2zn1WW5JZ3H6oO86SzwtZBf88Xs1I=
Subject key identifier:   16:2D:6E:69:84:DE:8D:05:2F:01:00:E5:08:A6:24:C8:94:40:E8:C2
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       019D29CE0F7F69EFFBAFD3AAC2976ED3569D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          1670
Signing time:             Thu 26 Mar 2026 11:01:03 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:03 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:03 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: 8ZYvksMCqIwZWHYLwIteMX5K+DIt2txyO+AKrC/tdHc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:0f:7f:69:ef:fb:af:d3:aa:c2:97:6e:d3:56:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Mar 26 11:01:03 2026 GMT
            Not After : Mar 27 11:01:03 2026 GMT
        Subject: CN=162d6e6984de8d052f0100e508a624c89440e8c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0e:ad:d9:0c:9e:3b:cd:e3:16:4c:57:aa:c8:
                    16:af:5f:6a:f6:db:53:df:6c:00:02:6a:5a:c1:1a:
                    18:e4:84:96:d6:73:ad:83:3a:91:1a:82:d1:80:db:
                    0a:3f:ee:0c:d7:06:d4:8e:90:c8:c8:b6:6f:00:55:
                    ec:48:a7:2e:3c:b8:a3:a9:5c:a4:0d:33:ad:aa:cd:
                    04:c0:03:10:6f:33:e1:e5:cf:21:d0:18:48:40:85:
                    54:e6:19:88:a8:94:80:6e:6a:bf:b5:a4:25:2f:65:
                    78:f8:21:aa:d6:0c:fa:2b:47:bc:af:ee:c0:54:85:
                    73:83:f6:6e:3e:22:28:50:7e:ea:39:ea:7e:8a:00:
                    c5:20:34:79:4b:14:53:9f:96:6d:87:ba:19:c7:d4:
                    55:17:8f:66:6b:bd:0f:40:c1:e3:57:27:03:69:9c:
                    59:43:57:d5:5f:37:95:d0:d6:02:94:24:8c:b7:ff:
                    08:6d:f1:55:f2:81:f4:f2:61:73:bb:d8:45:2a:ca:
                    73:bf:ed:22:a0:89:a4:e5:0b:db:9d:db:09:df:0b:
                    b9:d8:70:00:df:39:20:d5:2f:fc:44:b1:5c:1d:62:
                    eb:a4:a7:fe:b8:69:7f:da:7c:fd:e7:4d:61:af:87:
                    7e:44:37:92:59:02:2a:41:a1:00:3a:49:7c:af:53:
                    c3:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:2D:6E:69:84:DE:8D:05:2F:01:00:E5:08:A6:24:C8:94:40:E8:C2
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:fb:c9:21:c2:e0:f5:a6:9d:d4:a3:79:3c:22:cd:5f:7c:3c:
         61:62:cd:ef:b3:6a:17:3b:a3:03:41:81:11:5e:01:8f:f8:a6:
         3d:4d:28:a6:26:d6:7a:78:aa:16:63:56:f4:6d:ab:e0:29:f9:
         d3:00:f5:e5:58:58:10:73:74:30:10:28:f4:b1:c9:00:01:87:
         1a:90:3c:fa:a6:75:9e:04:9f:1e:35:71:a0:ce:5e:55:1a:ca:
         21:11:57:e4:ba:33:fd:5a:69:ec:93:df:6f:ab:1a:0e:9b:93:
         38:cb:fa:9a:58:2c:15:cb:53:5d:4c:e0:8b:db:28:26:bb:27:
         54:a1:e9:2f:d6:24:58:bd:3d:1c:d7:fb:f4:d1:1a:6b:a6:3c:
         a7:ba:3a:81:9a:5a:00:9d:3f:f8:04:b5:5d:96:93:86:ca:96:
         5e:4e:95:88:73:75:e1:19:87:4b:c5:3b:5f:f9:55:47:11:e4:
         a9:27:82:a6:e0:ae:1e:64:7e:e3:7e:f0:c4:e4:2b:d3:5d:cb:
         9d:2b:35:42:2e:9c:fe:39:1d:87:41:9b:96:be:18:1e:21:aa:
         a6:77:b0:1e:da:3a:05:49:0a:9b:25:34:b8:69:6d:2b:1b:a6:
         0a:94:5b:6e:cd:0a:0f:b8:85:c8:f6:28:c1:aa:38:1a:58:28:
         dc:2d:73:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pzg9/ae/7r9Oqwpdu01adMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjYwMzI2MTEwMTAzWhcNMjYwMzI3MTEwMTAzWjAzMTEwLwYDVQQD
EygxNjJkNmU2OTg0ZGU4ZDA1MmYwMTAwZTUwOGE2MjRjODk0NDBlOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw6t2QyeO83jFkxXqsgWr19q9ttT
32wAAmpawRoY5ISW1nOtgzqRGoLRgNsKP+4M1wbUjpDIyLZvAFXsSKcuPLijqVyk
DTOtqs0EwAMQbzPh5c8h0BhIQIVU5hmIqJSAbmq/taQlL2V4+CGq1gz6K0e8r+7A
VIVzg/ZuPiIoUH7qOep+igDFIDR5SxRTn5Zth7oZx9RVF49ma70PQMHjVycDaZxZ
Q1fVXzeV0NYClCSMt/8IbfFV8oH08mFzu9hFKspzv+0ioImk5QvbndsJ3wu52HAA
3zkg1S/8RLFcHWLrpKf+uGl/2nz9501hr4d+RDeSWQIqQaEAOkl8r1PDOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYtbmmE3o0FLwEA5QimJMiUQOjCMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATfvJIcLg
9aad1KN5PCLNX3w8YWLN77NqFzujA0GBEV4Bj/imPU0opibWeniqFmNW9G2r4Cn5
0wD15VhYEHN0MBAo9LHJAAGHGpA8+qZ1ngSfHjVxoM5eVRrKIRFX5Loz/Vpp7JPf
b6saDpuTOMv6mlgsFctTXUzgi9soJrsnVKHpL9YkWL09HNf79NEaa6Y8p7o6gZpa
AJ0/+AS1XZaThsqWXk6ViHN14RmHS8U7X/lVRxHkqSeCpuCuHmR+437wxOQr013L
nSs1Qi6c/jkdh0Gblr4YHiGqpnewHto6BUkKmyU0uGltKxumCpRbbs0KD7iFyPYo
wao4Glgo3C1zXA==
-----END CERTIFICATE-----