Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          4jOc0n4jqMiP+yTLa2YK08wZJL6EEBCSkuwhJYT80ME=
Subject key identifier:   7A:0A:A9:25:05:B4:DD:01:C2:8D:0D:F3:45:4B:B1:D9:55:29:EF:D2
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019D25F0F70DE70ABC49FDD9C0A207E4CAE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 17:00:41 +0000
Manifest this update:     Wed 25 Mar 2026 17:00:41 +0000
Manifest next update:     Thu 26 Mar 2026 17:00:41 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: CXSN5tktiVQ7Icuh+xlw62Rw9Tn1rH+9fa/0lYHezjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f0:f7:0d:e7:0a:bc:49:fd:d9:c0:a2:07:e4:ca:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Mar 25 17:00:41 2026 GMT
            Not After : Mar 26 17:00:41 2026 GMT
        Subject: CN=7a0aa92505b4dd01c28d0df3454bb1d95529efd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d0:40:86:ed:48:62:31:bd:fe:b3:07:14:62:
                    fd:bb:21:f8:77:17:3f:23:b6:9c:d4:51:29:77:01:
                    4e:72:39:71:45:2a:5d:0d:e0:9b:d0:4b:9d:49:3f:
                    78:9e:18:73:cf:6f:fd:92:5d:31:55:f6:c4:63:79:
                    e2:ff:df:18:b0:e4:3a:d1:58:5b:00:d7:cc:4d:41:
                    10:d4:60:ab:00:42:b7:41:98:c0:f0:f4:ae:9a:ca:
                    c2:4c:5b:39:06:e6:d1:24:f4:9a:fd:29:e0:36:63:
                    81:fb:b9:88:c1:bf:ce:3b:e5:ab:a6:30:be:a4:c4:
                    61:6c:01:fa:c1:1f:ff:4c:be:b5:ae:34:90:c1:2b:
                    29:d4:0b:41:02:26:e6:26:8e:00:7e:98:c7:bc:5c:
                    84:ef:9d:4d:a2:a1:b0:12:bf:c4:49:e8:53:1a:98:
                    d7:76:f2:16:1a:88:ae:43:7d:a0:29:f3:cb:54:37:
                    7d:fa:c7:a7:b0:92:1f:73:ba:c6:55:9a:34:11:ad:
                    53:90:db:b3:f6:d9:06:8b:87:6a:80:37:31:49:10:
                    2d:e1:eb:cf:fa:e9:ab:f4:5d:96:8d:df:19:6b:3a:
                    38:b2:5e:67:5d:b7:54:b9:4c:93:4d:d5:bb:03:23:
                    22:f1:9d:96:6b:bc:66:15:4f:a7:4e:50:44:70:c5:
                    c9:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:0A:A9:25:05:B4:DD:01:C2:8D:0D:F3:45:4B:B1:D9:55:29:EF:D2
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:00:dd:6f:19:09:dd:1d:fc:3f:fb:be:30:b3:4a:e9:71:f8:
         b5:ac:75:24:e4:30:d0:13:46:54:ba:12:a9:da:4e:c2:a0:5a:
         5c:15:d2:ff:90:95:3b:6d:b2:6f:a5:81:8f:74:eb:b5:69:87:
         ee:e6:a3:eb:8f:06:43:56:19:fc:18:b3:65:51:fc:d1:45:7f:
         ca:4a:a1:56:14:27:fe:8d:e6:f0:70:70:dc:ef:d6:f6:d1:dc:
         d6:00:c9:1e:03:22:e9:4e:95:d9:75:a4:f1:10:0e:71:86:04:
         9e:5b:d1:b7:d7:1c:dc:81:67:3f:d8:40:02:c8:51:a6:b0:80:
         22:58:b3:0f:6a:b4:ac:7a:1c:42:70:c6:d7:d7:03:14:f2:1a:
         b4:21:d6:7d:64:3b:71:ec:18:98:c8:77:ca:cf:0f:59:09:1f:
         8d:5b:a2:d1:c7:09:ed:bd:0e:b1:bd:22:f2:86:80:d0:57:99:
         b4:b5:d4:d0:c9:95:7c:93:0a:c8:f1:c9:e3:36:78:40:52:70:
         8b:9f:4e:0e:3b:e2:00:3b:1d:fb:01:0e:d4:d9:3f:f3:e8:4e:
         23:36:ee:f0:70:0f:5d:72:56:38:fd:f4:33:5d:19:34:cc:81:
         ad:03:eb:9d:a9:b6:97:d8:1b:fb:2e:0e:31:b6:77:81:4a:c4:
         e1:5a:f3:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8PcN5wq8Sf3ZwKIH5MrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjYwMzI1MTcwMDQxWhcNMjYwMzI2MTcwMDQxWjAzMTEwLwYDVQQD
Eyg3YTBhYTkyNTA1YjRkZDAxYzI4ZDBkZjM0NTRiYjFkOTU1MjllZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNBAhu1IYjG9/rMHFGL9uyH4dxc/
I7ac1FEpdwFOcjlxRSpdDeCb0EudST94nhhzz2/9kl0xVfbEY3ni/98YsOQ60Vhb
ANfMTUEQ1GCrAEK3QZjA8PSumsrCTFs5BubRJPSa/SngNmOB+7mIwb/OO+WrpjC+
pMRhbAH6wR//TL61rjSQwSsp1AtBAibmJo4AfpjHvFyE751NoqGwEr/ESehTGpjX
dvIWGoiuQ32gKfPLVDd9+sensJIfc7rGVZo0Ea1TkNuz9tkGi4dqgDcxSRAt4evP
+umr9F2Wjd8Zazo4sl5nXbdUuUyTTdW7AyMi8Z2Wa7xmFU+nTlBEcMXJgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHoKqSUFtN0Bwo0N80VLsdlVKe/SMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhADdbxkJ
3R38P/u+MLNK6XH4tax1JOQw0BNGVLoSqdpOwqBaXBXS/5CVO22yb6WBj3TrtWmH
7uaj648GQ1YZ/BizZVH80UV/ykqhVhQn/o3m8HBw3O/W9tHc1gDJHgMi6U6V2XWk
8RAOcYYEnlvRt9cc3IFnP9hAAshRprCAIlizD2q0rHocQnDG19cDFPIatCHWfWQ7
cewYmMh3ys8PWQkfjVui0ccJ7b0Osb0i8oaA0FeZtLXU0MmVfJMKyPHJ4zZ4QFJw
i59ODjviADsd+wEO1Nk/8+hOIzbu8HAPXXJWOP30M10ZNMyBrQPrnam2l9gb+y4O
MbZ3gUrE4VrziQ==
-----END CERTIFICATE-----