Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          nHAKlR4CNm4ystR5E5fHdbzbW8O9rXYabgrng68qhQM=
Subject key identifier:   19:3F:22:CA:93:4F:93:C2:3E:1B:1B:F9:1D:48:6D:AF:06:E2:30:AC
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       019D29611BDABDE2241581ED9BC7A204CA61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          0BB7
Signing time:             Thu 26 Mar 2026 09:02:03 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:03 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:03 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: PN6QyO/06ZdIACn5EBNztaHwoicHnZzlsD4bpCr4fq8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:1b:da:bd:e2:24:15:81:ed:9b:c7:a2:04:ca:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Mar 26 09:02:03 2026 GMT
            Not After : Mar 27 09:02:03 2026 GMT
        Subject: CN=193f22ca934f93c23e1b1bf91d486daf06e230ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:91:e5:de:32:a3:f6:e4:6c:b9:5d:09:3e:e3:
                    43:55:0b:38:73:df:90:3c:d9:20:c8:e3:72:5c:c5:
                    46:c7:e0:89:36:19:41:3c:42:80:af:26:4e:5d:38:
                    06:4f:f8:0b:a9:ec:e3:b8:b4:7d:62:50:ed:54:86:
                    00:6e:05:da:b7:b5:a1:cc:c2:f9:34:16:12:61:64:
                    ba:52:d0:46:4a:bf:c0:a9:77:f2:ee:cb:1c:83:b7:
                    b0:66:e8:f2:8d:fd:79:f4:07:eb:5a:5a:00:be:17:
                    35:9c:c2:ff:b6:ba:fc:29:61:73:1b:95:ca:2d:9d:
                    e4:6a:d7:2a:31:ab:15:ee:7a:65:46:cd:38:a5:67:
                    33:e9:c0:65:98:52:6b:ad:3b:fc:13:58:73:07:1d:
                    e9:b9:41:69:66:03:02:47:46:0d:c4:19:bc:34:26:
                    12:57:61:bc:21:3b:71:99:43:31:68:90:79:d8:47:
                    03:87:77:0b:f3:fd:7a:fd:c7:a9:60:cd:7e:79:fc:
                    58:1d:7d:8a:eb:9a:39:eb:0a:07:bd:0e:0c:10:f7:
                    a1:5a:92:b2:1f:74:1b:21:49:2a:66:f5:32:23:12:
                    2e:6c:39:da:67:2a:03:c6:6b:eb:7c:fd:58:c6:45:
                    ae:9e:c0:f6:1e:38:44:cf:6f:4a:47:2b:fc:a5:40:
                    f8:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:3F:22:CA:93:4F:93:C2:3E:1B:1B:F9:1D:48:6D:AF:06:E2:30:AC
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:2f:3c:0b:dc:62:33:7d:82:69:7f:97:ff:68:6d:f4:4b:ad:
         d0:d6:46:42:49:a7:69:5c:f2:7c:ac:46:4c:ee:bf:61:97:b5:
         18:7e:9c:74:2f:8f:f4:33:24:5c:18:66:b4:da:3f:5c:ee:f1:
         4c:89:20:7c:38:17:61:74:1a:e6:b3:3c:89:4a:f8:88:2f:8f:
         67:68:66:48:1e:c3:62:5e:d7:ae:fa:d2:bc:50:01:f6:82:2f:
         00:4d:9d:27:6e:a3:3c:16:b6:7e:97:ca:a1:ea:64:13:67:6f:
         74:ba:32:6b:50:f1:a9:17:7a:20:36:a2:08:4f:85:d7:8c:b0:
         5a:e7:55:86:25:3b:d3:10:43:0a:eb:9b:63:da:be:56:e5:a5:
         a1:b2:19:ac:6b:dd:4c:29:63:ba:5e:7e:dd:1d:9d:1f:e9:ac:
         c0:7e:88:87:08:7c:15:4d:89:4a:87:b5:75:13:1d:a5:b0:73:
         aa:83:ce:c6:63:5e:47:30:c5:7b:e5:0c:d7:3e:93:5e:78:60:
         6d:68:e8:27:25:83:c3:e1:f9:f1:ee:46:38:cf:44:4d:9f:a6:
         a4:83:3b:e8:0b:e8:1b:d6:ae:98:f3:0a:1b:bc:44:6e:f5:a1:
         b6:d8:48:e6:c1:4a:4c:ee:70:07:71:0b:9a:76:44:a5:dc:fe:
         47:5c:90:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYRvaveIkFYHtm8eiBMphMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjYwMzI2MDkwMjAzWhcNMjYwMzI3MDkwMjAzWjAzMTEwLwYDVQQD
EygxOTNmMjJjYTkzNGY5M2MyM2UxYjFiZjkxZDQ4NmRhZjA2ZTIzMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JHl3jKj9uRsuV0JPuNDVQs4c9+Q
PNkgyONyXMVGx+CJNhlBPEKAryZOXTgGT/gLqezjuLR9YlDtVIYAbgXat7WhzML5
NBYSYWS6UtBGSr/AqXfy7sscg7ewZujyjf159AfrWloAvhc1nML/trr8KWFzG5XK
LZ3katcqMasV7nplRs04pWcz6cBlmFJrrTv8E1hzBx3puUFpZgMCR0YNxBm8NCYS
V2G8ITtxmUMxaJB52EcDh3cL8/16/cepYM1+efxYHX2K65o56woHvQ4MEPehWpKy
H3QbIUkqZvUyIxIubDnaZyoDxmvrfP1YxkWunsD2HjhEz29KRyv8pUD4iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBk/IsqTT5PCPhsb+R1Iba8G4jCsMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAES88C9xi
M32CaX+X/2ht9Eut0NZGQkmnaVzyfKxGTO6/YZe1GH6cdC+P9DMkXBhmtNo/XO7x
TIkgfDgXYXQa5rM8iUr4iC+PZ2hmSB7DYl7XrvrSvFAB9oIvAE2dJ26jPBa2fpfK
oepkE2dvdLoya1DxqRd6IDaiCE+F14ywWudVhiU70xBDCuubY9q+VuWlobIZrGvd
TCljul5+3R2dH+mswH6Ihwh8FU2JSoe1dRMdpbBzqoPOxmNeRzDFe+UM1z6TXnhg
bWjoJyWDw+H58e5GOM9ETZ+mpIM76AvoG9aumPMKG7xEbvWhtthI5sFKTO5wB3EL
mnZEpdz+R1yQKA==
-----END CERTIFICATE-----