Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File:                     OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier:          5dF2iJRv4cqdqUNVLkPbtDhEbwRNjHUckqgfziNGxN8=
Subject key identifier:   7F:C6:4D:04:66:8A:F8:6B:4F:92:69:4F:51:0F:BD:67:4C:65:7C:B5
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer:       /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial:       019D27A8FDF07B7E7B7319F1E8C371B3D134
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 01:01:19 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:19 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:19 +0000
Files and hashes:         1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: QXOZTH4YsXCaPy0A9lq1Wzk4cMu8tkrh5mziL3WjEn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:fd:f0:7b:7e:7b:73:19:f1:e8:c3:71:b3:d1:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
        Validity
            Not Before: Mar 26 01:01:19 2026 GMT
            Not After : Mar 27 01:01:19 2026 GMT
        Subject: CN=7fc64d04668af86b4f92694f510fbd674c657cb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c6:ec:aa:d5:3c:b8:c0:46:e9:e9:5f:3d:8a:
                    9b:e7:73:6f:cb:48:5b:df:8b:02:aa:e1:e5:60:60:
                    65:16:6b:32:ac:50:b7:5c:78:36:3c:35:d5:83:9d:
                    1d:04:d1:81:39:34:0a:89:fd:eb:ea:b6:19:0f:1d:
                    b6:08:a4:7a:1a:3f:4d:3b:fc:39:32:05:60:cd:20:
                    2b:49:be:42:7c:e1:0b:3f:fa:da:40:52:e7:04:c5:
                    c0:2f:33:20:91:20:9b:74:ff:ec:44:04:82:36:a2:
                    2f:b6:a2:e2:5b:a3:a6:d8:93:d3:a7:0b:ba:c8:d5:
                    13:26:65:86:58:2c:47:5a:16:31:85:45:20:e2:72:
                    a4:b6:7c:b5:b0:8f:ab:7c:ec:eb:ef:53:71:ae:e2:
                    57:29:25:9d:34:05:3b:c2:32:39:0b:5f:15:a0:df:
                    05:e4:2b:e3:3f:5a:92:a7:b2:b3:d2:3d:39:60:84:
                    ce:8c:3a:08:24:3e:ae:93:c1:c1:39:ed:67:0f:cd:
                    77:13:db:87:ff:ee:e2:94:cc:f1:58:0d:b2:c9:5b:
                    81:c4:31:07:b6:d4:44:b3:a0:28:d3:17:c2:44:4a:
                    d0:df:a8:b7:0a:70:d2:38:9c:ef:08:0c:29:d6:99:
                    8e:27:cf:e7:7a:ca:2a:ed:ea:8a:52:6f:69:1f:6a:
                    ce:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:C6:4D:04:66:8A:F8:6B:4F:92:69:4F:51:0F:BD:67:4C:65:7C:B5
            X509v3 Authority Key Identifier:
                keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:ba:98:88:8f:08:34:30:fb:eb:dc:61:da:05:0b:ed:a1:27:
         4f:b0:64:d1:90:a0:71:bc:47:cf:4e:94:b3:ab:b4:d1:76:a0:
         c3:c1:0d:98:e9:34:9d:31:52:fd:c7:be:10:f3:b2:10:88:ba:
         6b:79:02:01:fe:12:0e:07:68:32:bd:32:74:9a:3f:1c:41:98:
         0e:b4:f3:8b:66:7b:7d:78:74:e6:23:ea:cd:59:98:19:82:36:
         86:04:26:80:a4:e5:50:9c:22:58:5d:12:39:f7:41:d9:cd:5e:
         41:7c:4e:dc:31:f9:9a:56:8b:41:30:06:02:03:4c:fe:26:9d:
         55:d1:58:47:30:15:25:02:52:39:d9:94:86:06:56:7a:e5:24:
         ef:72:3c:7c:cd:e9:b7:23:76:b8:93:28:1c:b2:6d:d3:a5:b5:
         0c:c1:18:dd:d3:1c:6a:0a:f2:33:83:8a:97:68:69:c4:6f:b0:
         e2:fc:89:36:7b:43:8e:64:56:c3:33:70:ca:6e:33:76:4a:52:
         5a:87:bb:12:8b:31:8e:ba:b6:03:f1:3d:fa:24:76:24:86:6f:
         96:8f:54:db:a1:3d:02:c3:61:17:a7:3a:db:4f:31:0b:67:42:
         3e:27:b8:ff:37:26:e6:7d:93:14:66:72:fa:24:d5:e3:b0:e9:
         16:fa:a2:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqP3we357cxnx6MNxs9E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjYwMzI2MDEwMTE5WhcNMjYwMzI3MDEwMTE5WjAzMTEwLwYDVQQD
Eyg3ZmM2NGQwNDY2OGFmODZiNGY5MjY5NGY1MTBmYmQ2NzRjNjU3Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcbsqtU8uMBG6elfPYqb53Nvy0hb
34sCquHlYGBlFmsyrFC3XHg2PDXVg50dBNGBOTQKif3r6rYZDx22CKR6Gj9NO/w5
MgVgzSArSb5CfOELP/raQFLnBMXALzMgkSCbdP/sRASCNqIvtqLiW6Om2JPTpwu6
yNUTJmWGWCxHWhYxhUUg4nKktny1sI+rfOzr71NxruJXKSWdNAU7wjI5C18VoN8F
5CvjP1qSp7Kz0j05YITOjDoIJD6uk8HBOe1nD813E9uH/+7ilMzxWA2yyVuBxDEH
ttREs6Ao0xfCRErQ36i3CnDSOJzvCAwp1pmOJ8/nesoq7eqKUm9pH2rOAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/GTQRmivhrT5JpT1EPvWdMZXy1MB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxLqYiI8I
NDD769xh2gUL7aEnT7Bk0ZCgcbxHz06Us6u00Xagw8ENmOk0nTFS/ce+EPOyEIi6
a3kCAf4SDgdoMr0ydJo/HEGYDrTzi2Z7fXh05iPqzVmYGYI2hgQmgKTlUJwiWF0S
OfdB2c1eQXxO3DH5mlaLQTAGAgNM/iadVdFYRzAVJQJSOdmUhgZWeuUk73I8fM3p
tyN2uJMoHLJt06W1DMEY3dMcagryM4OKl2hpxG+w4vyJNntDjmRWwzNwym4zdkpS
Woe7Eosxjrq2A/E9+iR2JIZvlo9U26E9AsNhF6c6208xC2dCPie4/zcm5n2TFGZy
+iTV47DpFvqi4g==
-----END CERTIFICATE-----