Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft
File:                     oqodRGKTg8rfx1F9733ikpWuObQ.mft (raw, json)
Hash identifier:          X81QK0WhHpIydLr5awVeMTuVx0gYNUvTeGYbQXYCUz0=
Subject key identifier:   EC:77:D0:7A:E4:88:EB:F4:97:94:C4:21:59:97:B4:68:09:78:98:DD
Authority key identifier: A2:AA:1D:44:62:93:83:CA:DF:C7:51:7D:EF:7D:E2:92:95:AE:39:B4
Certificate issuer:       /CN=a2aa1d44629383cadfc7517def7de29295ae39b4
Certificate serial:       019D29977A5FC5917CD81E8E8E2A71518306
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft
Manifest number:          0FFD
Signing time:             Thu 26 Mar 2026 10:01:26 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:26 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:26 +0000
Files and hashes:         1: oqodRGKTg8rfx1F9733ikpWuObQ.crl (hash: gqk5RYS/qcKUb8gZfpboxLw0rl6B7ilHKeL0JsKSn1s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:7a:5f:c5:91:7c:d8:1e:8e:8e:2a:71:51:83:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2aa1d44629383cadfc7517def7de29295ae39b4
        Validity
            Not Before: Mar 26 10:01:26 2026 GMT
            Not After : Mar 27 10:01:26 2026 GMT
        Subject: CN=ec77d07ae488ebf49794c4215997b468097898dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:34:34:e7:ee:84:45:dc:b0:8e:4c:73:06:2f:
                    c8:1c:dc:9f:12:a9:c6:6c:2b:6c:89:1b:f5:05:68:
                    66:ec:e5:14:dc:0f:fc:1b:65:1a:ff:2e:8e:4a:d3:
                    bd:72:41:22:22:c2:9d:b1:ce:85:17:80:0e:33:bf:
                    f5:c0:4e:79:1d:a4:96:59:9f:ce:51:d5:f7:bc:01:
                    a0:72:5f:01:77:de:2c:03:3d:0f:92:7d:45:f3:83:
                    1e:46:d1:bb:2f:46:15:dd:61:bf:58:6f:ba:75:ea:
                    08:fd:61:03:b4:f2:f6:f9:08:99:b1:c8:a4:fa:63:
                    d6:ae:2c:a7:68:35:e9:eb:f6:a7:30:92:7a:12:b0:
                    ba:e4:0b:ce:7a:21:1a:2f:63:42:ae:6e:85:65:86:
                    7e:4c:9c:ee:75:dd:a8:8f:38:ec:c9:c4:0e:d1:55:
                    54:ce:60:a1:28:91:79:27:31:40:de:54:be:86:03:
                    c5:6e:9e:83:f0:c5:a7:6d:50:14:79:59:ec:28:07:
                    25:18:bd:21:ab:8a:7c:6c:ce:62:0f:9c:2d:af:3b:
                    0c:af:33:56:9f:ca:0f:ba:38:88:77:5f:09:79:62:
                    39:e5:29:df:fc:d3:97:81:f3:d7:76:a5:c1:f1:c2:
                    cb:c6:49:75:e5:ec:19:b8:39:aa:09:c6:89:cb:03:
                    d7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:77:D0:7A:E4:88:EB:F4:97:94:C4:21:59:97:B4:68:09:78:98:DD
            X509v3 Authority Key Identifier:
                keyid:A2:AA:1D:44:62:93:83:CA:DF:C7:51:7D:EF:7D:E2:92:95:AE:39:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oqodRGKTg8rfx1F9733ikpWuObQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/317824-f8f5-4b78-9b5e-749175b178f1/1/oqodRGKTg8rfx1F9733ikpWuObQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:fb:ba:55:f1:f1:3f:c1:61:af:30:fd:d5:76:57:c6:4c:ba:
         6d:b6:ca:77:c5:5c:de:73:ac:5c:c9:ec:5e:b6:d4:bf:7d:3b:
         d8:bb:73:64:23:d9:72:3e:34:70:4d:49:84:54:e7:ca:d4:27:
         15:47:98:ae:bb:a6:d7:d9:f3:77:5b:56:75:19:c3:2b:5d:16:
         67:4a:2d:c6:38:c6:81:b0:6e:a5:b9:ab:52:d8:e1:ad:2e:09:
         f1:3e:52:79:96:51:98:a4:74:70:c1:9e:27:01:5a:d9:75:1a:
         f0:be:8c:1a:eb:99:06:57:67:eb:9a:d5:3d:df:61:b9:6c:80:
         79:b0:60:00:33:59:98:2f:62:4b:e0:35:e9:d4:03:43:4a:dd:
         f0:96:11:6e:c7:e0:6e:b8:0d:9a:1e:8c:d0:72:e1:d2:a6:03:
         7e:59:7d:8c:77:94:15:55:87:4d:f9:c3:7e:22:22:a9:14:61:
         5f:86:25:7a:d1:44:3a:65:d9:00:89:02:1e:37:b8:4f:c1:ac:
         db:da:fa:6d:03:d5:24:bd:46:62:7f:e1:cc:6c:16:46:8f:4f:
         51:da:2b:f3:be:c6:e6:96:de:d7:d0:22:19:39:e0:50:40:cc:
         4e:ab:9e:c8:1b:e0:6e:e0:81:1d:a3:f5:26:e4:d0:84:41:0c:
         85:79:59:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl3pfxZF82B6OjipxUYMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYWExZDQ0NjI5MzgzY2FkZmM3NTE3ZGVmN2RlMjkyOTVh
ZTM5YjQwHhcNMjYwMzI2MTAwMTI2WhcNMjYwMzI3MTAwMTI2WjAzMTEwLwYDVQQD
EyhlYzc3ZDA3YWU0ODhlYmY0OTc5NGM0MjE1OTk3YjQ2ODA5Nzg5OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDQ05+6ERdywjkxzBi/IHNyfEqnG
bCtsiRv1BWhm7OUU3A/8G2Ua/y6OStO9ckEiIsKdsc6FF4AOM7/1wE55HaSWWZ/O
UdX3vAGgcl8Bd94sAz0Pkn1F84MeRtG7L0YV3WG/WG+6deoI/WEDtPL2+QiZscik
+mPWriynaDXp6/anMJJ6ErC65AvOeiEaL2NCrm6FZYZ+TJzudd2ojzjsycQO0VVU
zmChKJF5JzFA3lS+hgPFbp6D8MWnbVAUeVnsKAclGL0hq4p8bM5iD5wtrzsMrzNW
n8oPujiId18JeWI55Snf/NOXgfPXdqXB8cLLxkl15ewZuDmqCcaJywPXlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOx30HrkiOv0l5TEIVmXtGgJeJjdMB8GA1UdIwQY
MBaAFKKqHURik4PK38dRfe994pKVrjm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zMTc4MjQtZjhmNS00Yjc4LTliNWUt
NzQ5MTc1YjE3OGYxLzEvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zMTc4MjQtZjhmNS00Yjc4LTliNWUtNzQ5MTc1YjE3OGYx
LzEvb3FvZFJHS1RnOHJmeDFGOTczM2lrcFd1T2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMvu6VfHx
P8FhrzD91XZXxky6bbbKd8Vc3nOsXMnsXrbUv3072LtzZCPZcj40cE1JhFTnytQn
FUeYrrum19nzd1tWdRnDK10WZ0otxjjGgbBupbmrUtjhrS4J8T5SeZZRmKR0cMGe
JwFa2XUa8L6MGuuZBldn65rVPd9huWyAebBgADNZmC9iS+A16dQDQ0rd8JYRbsfg
brgNmh6M0HLh0qYDfll9jHeUFVWHTfnDfiIiqRRhX4YletFEOmXZAIkCHje4T8Gs
29r6bQPVJL1GYn/hzGwWRo9PUdor877G5pbe19AiGTngUEDMTqueyBvgbuCBHaP1
JuTQhEEMhXlZiQ==
-----END CERTIFICATE-----