Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft
File:                     orO6gtodtcGUN6wzeDhG8vK_9GI.mft (raw, json)
Hash identifier:          LtDLswD+8LIZmsxmHS0P8Zzd/sZ0cLRQhADwj8bxSus=
Subject key identifier:   77:BA:E3:C6:D5:E4:60:F7:02:26:40:EF:75:89:D9:04:6B:09:60:EE
Authority key identifier: A2:B3:BA:82:DA:1D:B5:C1:94:37:AC:33:78:38:46:F2:F2:BF:F4:62
Certificate issuer:       /CN=a2b3ba82da1db5c19437ac33783846f2f2bff462
Certificate serial:       019D2703DD74E9BA5526CED8CB3340BFDA08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft
Manifest number:          0626
Signing time:             Wed 25 Mar 2026 22:00:57 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:57 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:57 +0000
Files and hashes:         1: orO6gtodtcGUN6wzeDhG8vK_9GI.crl (hash: KDRVmNcZtPpfi9MVDe2L50vc8O1CgDfE6+ko7E3tqSQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:dd:74:e9:ba:55:26:ce:d8:cb:33:40:bf:da:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b3ba82da1db5c19437ac33783846f2f2bff462
        Validity
            Not Before: Mar 25 22:00:57 2026 GMT
            Not After : Mar 26 22:00:57 2026 GMT
        Subject: CN=77bae3c6d5e460f7022640ef7589d9046b0960ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:52:ab:0a:20:f8:5b:4b:51:73:13:f3:c3:56:
                    82:4a:ad:e4:dd:69:49:16:3d:e9:0b:fa:e8:7e:31:
                    dd:98:4c:ea:ec:d4:bd:a0:ef:ea:90:5f:7c:fb:ca:
                    4a:04:a0:cc:7c:49:93:9b:55:d3:c7:f4:a8:ab:8e:
                    2a:49:0e:4e:96:8d:91:89:b6:99:a2:8c:7d:87:ce:
                    47:4c:4f:75:f1:36:be:01:ee:a2:40:0a:67:2d:e1:
                    56:dc:0b:fc:d5:ff:1d:59:60:06:bd:3a:1f:45:a9:
                    36:1e:ff:a0:c1:b3:29:55:95:d5:03:ee:23:b8:40:
                    37:ac:f3:14:87:32:16:b3:db:87:64:d6:2d:0b:68:
                    77:b9:6a:26:80:68:c0:f2:8e:22:13:64:2c:14:94:
                    aa:89:fc:05:75:1d:8f:75:dd:a9:f9:24:50:f3:2f:
                    7e:20:cf:29:ad:03:18:27:ac:3a:1e:29:8b:33:f6:
                    b7:f9:17:12:54:6e:fe:f6:49:1c:a4:46:71:4d:cc:
                    3c:e1:e0:d7:d5:c6:f8:ad:2f:fc:c8:62:ee:d3:9b:
                    c7:dc:75:17:b5:9e:96:04:a6:43:12:86:60:de:d9:
                    3d:60:f7:23:37:c0:16:d9:31:ec:30:50:55:00:dd:
                    5d:cf:ea:e7:67:39:4e:d8:64:7a:70:a6:61:c2:0b:
                    ab:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:BA:E3:C6:D5:E4:60:F7:02:26:40:EF:75:89:D9:04:6B:09:60:EE
            X509v3 Authority Key Identifier:
                keyid:A2:B3:BA:82:DA:1D:B5:C1:94:37:AC:33:78:38:46:F2:F2:BF:F4:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orO6gtodtcGUN6wzeDhG8vK_9GI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/44981c-96f8-4866-b7fe-f898d204eb4e/1/orO6gtodtcGUN6wzeDhG8vK_9GI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:53:a1:d1:3c:a0:cc:bc:cb:90:0c:bf:43:2c:02:1e:b7:1c:
         9f:d5:9b:58:ce:38:b2:38:84:2c:c8:93:c6:03:60:dc:14:18:
         81:1d:dc:7b:7d:db:5f:9a:84:c8:d9:90:0d:3a:d8:7f:0d:40:
         cd:18:6b:f8:77:a7:72:b8:08:66:ea:49:a5:d5:e9:2e:fe:4e:
         49:f5:2d:dd:8b:77:c7:f5:27:00:a3:21:e2:a4:2b:dc:65:df:
         56:fb:62:24:de:68:18:61:7f:1d:81:f6:a5:f0:25:26:c6:65:
         e7:da:c4:a1:46:8f:e5:ae:ab:ce:b4:32:d7:ab:e0:5a:5e:d4:
         5c:bc:f1:ed:4c:6d:74:67:d3:1e:15:ee:e8:6d:53:58:d6:93:
         4d:0e:e4:09:8a:b1:31:69:97:b9:44:c7:0c:92:12:aa:77:7b:
         c2:6e:c2:b6:5d:3d:24:79:93:8b:a7:3a:51:a2:69:2e:cf:68:
         7c:2e:df:ef:be:c9:8e:74:cc:6c:8e:5d:64:6e:75:06:3e:10:
         1e:d0:26:ff:a5:f2:06:b9:8b:f0:ee:58:d3:0c:81:e0:33:24:
         20:dd:a4:41:a7:78:04:00:ce:38:62:41:4d:50:36:da:0c:06:
         eb:4d:3f:89:8f:4f:2e:26:0e:59:01:db:1b:bb:80:6e:08:8c:
         c5:cf:7e:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9106bpVJs7YyzNAv9oIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjNiYTgyZGExZGI1YzE5NDM3YWMzMzc4Mzg0NmYyZjJi
ZmY0NjIwHhcNMjYwMzI1MjIwMDU3WhcNMjYwMzI2MjIwMDU3WjAzMTEwLwYDVQQD
Eyg3N2JhZTNjNmQ1ZTQ2MGY3MDIyNjQwZWY3NTg5ZDkwNDZiMDk2MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVKrCiD4W0tRcxPzw1aCSq3k3WlJ
Fj3pC/rofjHdmEzq7NS9oO/qkF98+8pKBKDMfEmTm1XTx/Soq44qSQ5Olo2RibaZ
oox9h85HTE918Ta+Ae6iQApnLeFW3Av81f8dWWAGvTofRak2Hv+gwbMpVZXVA+4j
uEA3rPMUhzIWs9uHZNYtC2h3uWomgGjA8o4iE2QsFJSqifwFdR2Pdd2p+SRQ8y9+
IM8prQMYJ6w6HimLM/a3+RcSVG7+9kkcpEZxTcw84eDX1cb4rS/8yGLu05vH3HUX
tZ6WBKZDEoZg3tk9YPcjN8AW2THsMFBVAN1dz+rnZzlO2GR6cKZhwgurHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHe648bV5GD3AiZA73WJ2QRrCWDuMB8GA1UdIwQY
MBaAFKKzuoLaHbXBlDesM3g4RvLyv/RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80NDk4MWMtOTZmOC00ODY2LWI3ZmUt
Zjg5OGQyMDRlYjRlLzEvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80NDk4MWMtOTZmOC00ODY2LWI3ZmUtZjg5OGQyMDRlYjRl
LzEvb3JPNmd0b2R0Y0dVTjZ3emVEaEc4dktfOUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABVOh0Tyg
zLzLkAy/QywCHrccn9WbWM44sjiELMiTxgNg3BQYgR3ce33bX5qEyNmQDTrYfw1A
zRhr+HencrgIZupJpdXpLv5OSfUt3Yt3x/UnAKMh4qQr3GXfVvtiJN5oGGF/HYH2
pfAlJsZl59rEoUaP5a6rzrQy16vgWl7UXLzx7UxtdGfTHhXu6G1TWNaTTQ7kCYqx
MWmXuUTHDJISqnd7wm7Ctl09JHmTi6c6UaJpLs9ofC7f777JjnTMbI5dZG51Bj4Q
HtAm/6XyBrmL8O5Y0wyB4DMkIN2kQad4BADOOGJBTVA22gwG600/iY9PLiYOWQHb
G7uAbgiMxc9++g==
-----END CERTIFICATE-----