Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          RdPCut61Hrb2Q0J7Bu75q9Ne7vKGMnEwfKzJZyTKwdU=
Subject key identifier:   56:00:36:0E:06:C5:5D:6F:BC:2B:41:5B:79:35:B6:23:45:3A:F5:A1
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       019D27A9417080B1DCAD3471C2133B0A1F67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0F16
Signing time:             Thu 26 Mar 2026 01:01:36 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:36 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:36 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: 7YcYHtW9MZdRgMZDN/kxo374L7Tbf7vMSpuVsQj2s1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:41:70:80:b1:dc:ad:34:71:c2:13:3b:0a:1f:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Mar 26 01:01:36 2026 GMT
            Not After : Mar 27 01:01:36 2026 GMT
        Subject: CN=5600360e06c55d6fbc2b415b7935b623453af5a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:c2:ce:58:bb:e5:08:d5:c4:b3:3d:c4:fe:6f:
                    1b:17:ae:8b:45:36:18:43:59:ff:ec:51:db:0e:08:
                    fc:85:a9:58:0a:0f:13:6c:51:c9:09:e7:fa:93:ce:
                    96:3f:24:f0:04:b2:7c:3a:85:6e:39:b1:a3:61:24:
                    cf:44:dc:f2:f2:2b:e9:a1:50:71:72:42:9c:69:ee:
                    c7:56:3e:f2:89:dc:f3:85:17:76:a4:b2:f5:68:21:
                    13:df:ec:c7:05:ff:05:83:22:36:ec:24:14:4e:04:
                    86:3d:b6:b7:16:ab:23:f2:4d:1c:82:02:fa:73:21:
                    e6:db:6d:fa:07:39:d7:ca:5f:66:4d:73:68:61:19:
                    da:de:08:27:30:32:8f:03:48:88:ad:1e:c3:af:99:
                    e8:b0:9d:f4:b9:87:e7:d1:bc:12:7a:1a:a3:b2:cb:
                    aa:e6:30:b2:b6:98:a2:bc:ff:07:c3:00:80:e8:06:
                    85:dd:cf:0f:b3:1b:5a:f0:1d:a8:b6:1e:b9:97:8a:
                    1e:ea:b9:45:85:8c:41:9a:bf:99:45:4d:7b:72:02:
                    58:90:f1:55:c8:07:63:55:43:b7:eb:27:97:06:d4:
                    48:19:42:aa:19:0c:6d:db:47:13:56:ac:7d:68:17:
                    4b:46:08:68:cc:cd:a4:be:92:20:d4:cb:76:96:ff:
                    cb:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:00:36:0E:06:C5:5D:6F:BC:2B:41:5B:79:35:B6:23:45:3A:F5:A1
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:32:43:2f:50:cd:81:00:67:09:fd:df:75:cd:29:32:4b:7f:
         39:51:14:da:97:98:7c:b5:ca:4d:60:ee:19:be:b1:53:63:17:
         8e:ff:0d:61:03:7f:6e:09:91:38:29:c3:3f:13:5c:bb:f8:81:
         b1:67:0b:15:34:dc:f1:cf:9e:ff:55:c4:95:44:5b:54:a6:9b:
         d3:1d:b7:e4:e7:bd:f4:53:c8:23:c1:2c:7a:1c:58:96:e9:26:
         af:cd:d3:6a:88:18:ed:ab:8b:a9:7a:55:9c:25:ff:eb:d1:6e:
         2c:2c:61:97:28:c5:c0:e7:65:49:48:11:73:24:75:17:64:94:
         63:a5:55:e0:35:e7:40:a6:39:32:1e:28:27:e0:24:7d:81:c4:
         bb:d7:6a:b7:ee:9f:49:3f:e1:cb:2a:95:52:ee:b5:7f:99:a7:
         64:bc:56:a4:66:9b:b7:2d:06:d2:46:2a:b4:24:88:8c:52:44:
         c5:72:a4:f0:52:f9:0b:20:c3:e9:14:d6:3a:e2:9f:9e:78:f8:
         d8:1c:dd:ba:d6:ef:8c:a5:a7:66:c3:cd:e5:b5:8b:63:a7:87:
         70:d7:e8:4b:0f:0c:3c:c9:07:c8:08:a6:12:63:1e:1b:f9:b7:
         ba:32:1d:17:71:58:4f:4a:c5:19:dd:6b:cd:bd:20:e4:00:26:
         c1:db:f3:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqUFwgLHcrTRxwhM7Ch9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjYwMzI2MDEwMTM2WhcNMjYwMzI3MDEwMTM2WjAzMTEwLwYDVQQD
Eyg1NjAwMzYwZTA2YzU1ZDZmYmMyYjQxNWI3OTM1YjYyMzQ1M2FmNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsLOWLvlCNXEsz3E/m8bF66LRTYY
Q1n/7FHbDgj8halYCg8TbFHJCef6k86WPyTwBLJ8OoVuObGjYSTPRNzy8ivpoVBx
ckKcae7HVj7yidzzhRd2pLL1aCET3+zHBf8FgyI27CQUTgSGPba3Fqsj8k0cggL6
cyHm2236BznXyl9mTXNoYRna3ggnMDKPA0iIrR7Dr5nosJ30uYfn0bwSehqjssuq
5jCytpiivP8HwwCA6AaF3c8Psxta8B2oth65l4oe6rlFhYxBmr+ZRU17cgJYkPFV
yAdjVUO36yeXBtRIGUKqGQxt20cTVqx9aBdLRghozM2kvpIg1Mt2lv/LmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYANg4GxV1vvCtBW3k1tiNFOvWhMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjJDL1DN
gQBnCf3fdc0pMkt/OVEU2peYfLXKTWDuGb6xU2MXjv8NYQN/bgmROCnDPxNcu/iB
sWcLFTTc8c+e/1XElURbVKab0x235Oe99FPII8EsehxYlukmr83TaogY7auLqXpV
nCX/69FuLCxhlyjFwOdlSUgRcyR1F2SUY6VV4DXnQKY5Mh4oJ+AkfYHEu9dqt+6f
ST/hyyqVUu61f5mnZLxWpGabty0G0kYqtCSIjFJExXKk8FL5CyDD6RTWOuKfnnj4
2BzdutbvjKWnZsPN5bWLY6eHcNfoSw8MPMkHyAimEmMeG/m3ujIdF3FYT0rFGd1r
zb0g5AAmwdvzKg==
-----END CERTIFICATE-----