Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          EYHI1vCCFlGbbXHIZq2alSBDOW0mQQ7TE9nzzqw+NsQ=
Subject key identifier:   36:D8:0C:75:1E:E6:10:20:12:B9:40:BE:59:AE:5F:44:0E:05:12:53
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       019D29CED34822BA1F9AEB1ABE3ECBCA0666
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          0509
Signing time:             Thu 26 Mar 2026 11:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 11:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 11:01:53 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: QqDB5eOq/hl/nQMYzZ0ITMPIkyVxum1gMSHsH/Wlvp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:ce:d3:48:22:ba:1f:9a:eb:1a:be:3e:cb:ca:06:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Mar 26 11:01:53 2026 GMT
            Not After : Mar 27 11:01:53 2026 GMT
        Subject: CN=36d80c751ee6102012b940be59ae5f440e051253
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e7:eb:8b:28:d5:90:5a:a0:e8:83:5a:df:d3:
                    39:23:aa:6e:0e:4d:fc:07:56:10:2d:b6:e1:ca:e2:
                    0b:20:62:4e:4b:c0:be:57:88:61:fc:da:07:b4:43:
                    0c:01:c8:a3:0d:be:ad:12:34:a6:a5:e4:68:3d:89:
                    39:b2:4c:34:d4:6f:86:de:9f:bb:a8:91:7f:6c:d5:
                    79:0d:24:e0:37:cd:9f:bf:b8:6d:9f:fe:a6:85:62:
                    3a:ea:6e:df:d5:0f:4f:11:05:01:ca:34:45:fd:8e:
                    d6:c6:cd:81:dc:a8:d7:e3:b9:4f:55:e5:d8:45:f7:
                    92:b9:e7:1b:fc:33:84:24:b5:69:0a:ef:ef:75:11:
                    22:55:33:9b:85:32:f3:b2:e1:18:68:c9:46:44:50:
                    43:e1:77:da:63:d4:b1:60:b7:71:81:44:9a:65:15:
                    4b:83:6f:a5:98:44:43:fa:ee:a2:8f:10:7d:1f:95:
                    dd:57:f0:5d:37:ff:dd:fd:6e:54:db:8e:08:23:d0:
                    3a:5c:ab:9d:38:3d:b9:c1:88:29:51:d7:e4:d9:e7:
                    45:2a:1c:c9:d5:28:9b:3e:a5:92:23:cb:47:b8:d9:
                    b9:23:cd:4b:12:ed:c3:8c:10:7e:69:92:70:08:0f:
                    41:29:a5:97:95:7e:7c:4f:45:fd:19:12:33:0a:c2:
                    37:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D8:0C:75:1E:E6:10:20:12:B9:40:BE:59:AE:5F:44:0E:05:12:53
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:f8:df:e7:e5:e2:a5:5e:0f:3d:99:37:5e:da:06:70:39:03:
         ca:28:db:ca:e6:f0:67:ed:2d:8f:dd:50:75:46:60:23:9d:96:
         d2:fa:e5:43:d6:61:b5:84:bd:65:5d:1d:fb:1b:1c:97:24:0a:
         fc:4a:8c:6c:e5:8c:d6:11:0b:1d:03:7f:2c:31:69:d5:db:44:
         6b:6b:3a:e4:83:db:61:e4:4f:d1:03:7a:4d:39:b9:ea:6f:b8:
         e0:2c:e0:44:20:0e:cb:3c:cc:3e:49:d8:13:28:3c:63:10:83:
         a9:09:0c:7d:93:d6:e1:15:1b:c3:49:49:bb:74:a6:8a:90:fb:
         0a:e8:08:c8:d3:11:14:8a:bf:0a:76:49:1a:63:36:2f:b9:7c:
         10:a4:48:cd:34:76:50:1d:28:91:7c:16:e1:f3:1a:eb:d3:15:
         a5:86:e6:7e:de:fa:0a:4e:e4:48:66:c2:45:4a:ee:ac:f8:32:
         ff:21:ce:fb:c0:91:e8:62:95:0a:4e:43:37:99:49:0f:13:8e:
         ea:c4:2f:64:7d:1e:b9:ff:a5:5c:8b:06:fa:08:81:0c:14:56:
         0b:54:71:a4:b1:bf:f8:29:40:17:5b:2b:4e:57:9b:b5:40:30:
         db:59:32:17:0d:f4:90:c1:f3:ea:7c:c1:ef:17:62:13:20:0f:
         f1:98:b2:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pztNIIrofmusavj7LygZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjYwMzI2MTEwMTUzWhcNMjYwMzI3MTEwMTUzWjAzMTEwLwYDVQQD
EygzNmQ4MGM3NTFlZTYxMDIwMTJiOTQwYmU1OWFlNWY0NDBlMDUxMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5efriyjVkFqg6INa39M5I6puDk38
B1YQLbbhyuILIGJOS8C+V4hh/NoHtEMMAcijDb6tEjSmpeRoPYk5skw01G+G3p+7
qJF/bNV5DSTgN82fv7htn/6mhWI66m7f1Q9PEQUByjRF/Y7Wxs2B3KjX47lPVeXY
RfeSuecb/DOEJLVpCu/vdREiVTObhTLzsuEYaMlGRFBD4XfaY9SxYLdxgUSaZRVL
g2+lmERD+u6ijxB9H5XdV/BdN//d/W5U244II9A6XKudOD25wYgpUdfk2edFKhzJ
1SibPqWSI8tHuNm5I81LEu3DjBB+aZJwCA9BKaWXlX58T0X9GRIzCsI3SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbYDHUe5hAgErlAvlmuX0QOBRJTMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/jf5+Xi
pV4PPZk3XtoGcDkDyijbyubwZ+0tj91QdUZgI52W0vrlQ9ZhtYS9ZV0d+xsclyQK
/EqMbOWM1hELHQN/LDFp1dtEa2s65IPbYeRP0QN6TTm56m+44CzgRCAOyzzMPknY
Eyg8YxCDqQkMfZPW4RUbw0lJu3SmipD7CugIyNMRFIq/CnZJGmM2L7l8EKRIzTR2
UB0okXwW4fMa69MVpYbmft76Ck7kSGbCRUrurPgy/yHO+8CR6GKVCk5DN5lJDxOO
6sQvZH0euf+lXIsG+giBDBRWC1RxpLG/+ClAF1srTlebtUAw21kyFw30kMHz6nzB
7xdiEyAP8ZiyDA==
-----END CERTIFICATE-----