Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
File:                     ogqr6NvAhXg0PCW4xomHpevAOMk.mft (raw, json)
Hash identifier:          zDslh669l2fR9v3oOdZPg3SBWLupCBrvhGmeLKi5s30=
Subject key identifier:   66:E2:4D:40:6A:E0:FB:E3:9A:33:01:06:A3:ED:AA:49:43:5F:10:24
Authority key identifier: A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9
Certificate issuer:       /CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
Certificate serial:       019D27A90B555310F2D43D043201853E8655
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
Manifest number:          02D6
Signing time:             Thu 26 Mar 2026 01:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:22 +0000
Files and hashes:         1: ogqr6NvAhXg0PCW4xomHpevAOMk.crl (hash: h4U+M/7jeoN44cU58+OqA66aHq0um6CMYSDQ8eYR+/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:0b:55:53:10:f2:d4:3d:04:32:01:85:3e:86:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
        Validity
            Not Before: Mar 26 01:01:22 2026 GMT
            Not After : Mar 27 01:01:22 2026 GMT
        Subject: CN=66e24d406ae0fbe39a330106a3edaa49435f1024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:80:51:3d:49:e8:03:ae:0e:1b:36:4e:13:e5:
                    2b:1c:f1:32:6c:35:3b:3e:01:2c:38:88:d3:77:05:
                    6c:e2:78:6c:30:58:2c:b4:3a:30:13:20:f9:3e:f0:
                    89:46:e5:03:64:f2:c6:81:ef:da:4f:c6:4e:e7:aa:
                    5c:e0:3a:81:f8:ac:d5:7a:66:5f:45:7a:2c:54:27:
                    0e:2f:de:c2:74:fb:21:a5:66:4e:67:05:35:4b:3c:
                    c0:d7:3d:60:e2:c7:0f:f6:41:bf:57:8c:c9:75:c8:
                    b5:c3:e7:29:ed:25:df:ff:7c:d0:a2:70:6c:b3:98:
                    db:1b:cd:27:2a:2c:fe:99:d2:08:35:68:6c:cc:7a:
                    71:47:92:a3:b5:34:a2:b2:13:6d:17:15:49:4a:54:
                    cc:dc:57:87:9e:5c:91:21:85:4a:81:9c:f2:7b:a6:
                    38:90:3a:d4:70:f5:9b:0d:00:73:c8:0d:a3:02:4a:
                    49:05:44:1c:39:e0:de:99:a1:cb:f1:cb:b9:d4:8f:
                    10:53:39:c8:d5:c8:f2:f3:4e:41:e9:63:79:2f:db:
                    ab:87:ee:ce:14:77:29:b5:77:92:16:08:6e:0c:76:
                    fb:84:82:df:96:e5:7f:23:dd:ee:53:15:90:28:d1:
                    81:be:20:9f:bd:92:d4:2c:31:8b:f3:57:6d:7d:14:
                    6d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E2:4D:40:6A:E0:FB:E3:9A:33:01:06:A3:ED:AA:49:43:5F:10:24
            X509v3 Authority Key Identifier:
                keyid:A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:32:1d:f0:90:fa:e2:82:22:fb:a7:2e:6f:2b:ac:5e:e9:92:
         00:f2:96:64:a8:31:fd:dd:7b:ba:29:6b:35:b2:f9:92:34:0b:
         60:e6:e6:f1:95:25:fe:c4:b0:1e:86:8c:2d:f4:c2:3a:2e:8d:
         88:bd:a6:a0:17:01:06:f6:92:f3:40:07:9d:78:f2:59:48:da:
         86:d2:85:c0:5a:59:e6:69:b4:e0:55:ff:56:b4:ab:d3:bd:1b:
         04:bf:5f:44:66:0d:1b:2b:78:e9:7f:8f:fd:0d:0f:b8:23:68:
         d0:7f:e7:a5:d2:19:25:91:04:4b:b4:81:8f:26:c2:ff:c8:8f:
         95:d6:c7:7f:e2:e9:3a:29:18:28:d6:a8:2f:e3:c0:45:1a:93:
         85:35:dd:11:2b:1b:e0:52:8f:a4:6e:be:cd:d2:c2:2b:a1:d1:
         e4:54:9f:de:41:37:c2:f9:a6:f2:1f:a1:e9:19:72:b5:a5:07:
         4d:93:75:4f:9d:1b:7e:bf:93:d2:14:d9:c4:f9:02:7c:c2:cc:
         c6:58:61:28:99:35:b0:dd:a2:0b:6d:26:16:38:0a:ec:92:50:
         99:4e:8c:93:c8:09:92:76:98:05:53:f1:d2:10:de:1e:cb:2d:
         2e:28:6e:fa:02:ed:e3:01:3a:17:bf:1a:59:1a:90:39:9f:1d:
         91:f6:ab:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqQtVUxDy1D0EMgGFPoZVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGFhYmU4ZGJjMDg1NzgzNDNjMjViOGM2ODk4N2E1ZWJj
MDM4YzkwHhcNMjYwMzI2MDEwMTIyWhcNMjYwMzI3MDEwMTIyWjAzMTEwLwYDVQQD
Eyg2NmUyNGQ0MDZhZTBmYmUzOWEzMzAxMDZhM2VkYWE0OTQzNWYxMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroBRPUnoA64OGzZOE+UrHPEybDU7
PgEsOIjTdwVs4nhsMFgstDowEyD5PvCJRuUDZPLGge/aT8ZO56pc4DqB+KzVemZf
RXosVCcOL97CdPshpWZOZwU1SzzA1z1g4scP9kG/V4zJdci1w+cp7SXf/3zQonBs
s5jbG80nKiz+mdIINWhszHpxR5KjtTSishNtFxVJSlTM3FeHnlyRIYVKgZzye6Y4
kDrUcPWbDQBzyA2jAkpJBUQcOeDemaHL8cu51I8QUznI1cjy805B6WN5L9urh+7O
FHcptXeSFghuDHb7hILfluV/I93uUxWQKNGBviCfvZLULDGL81dtfRRtuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbiTUBq4PvjmjMBBqPtqklDXxAkMB8GA1UdIwQY
MBaAFKIKq+jbwIV4NDwluMaJh6XrwDjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYt
NzFkNjQ5YzNmZDM1LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYtNzFkNjQ5YzNmZDM1
LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHjId8JD6
4oIi+6cubyusXumSAPKWZKgx/d17uilrNbL5kjQLYObm8ZUl/sSwHoaMLfTCOi6N
iL2moBcBBvaS80AHnXjyWUjahtKFwFpZ5mm04FX/VrSr070bBL9fRGYNGyt46X+P
/Q0PuCNo0H/npdIZJZEES7SBjybC/8iPldbHf+LpOikYKNaoL+PARRqThTXdESsb
4FKPpG6+zdLCK6HR5FSf3kE3wvmm8h+h6RlytaUHTZN1T50bfr+T0hTZxPkCfMLM
xlhhKJk1sN2iC20mFjgK7JJQmU6Mk8gJknaYBVPx0hDeHsstLihu+gLt4wE6F78a
WRqQOZ8dkfarHw==
-----END CERTIFICATE-----