Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
File:                     o2osPu23l22c4wRYHyNTL-y0bn8.mft (raw, json)
Hash identifier:          RA8orOIX7UaQbnNGuWJQPnQnj8KUCw4G8t0evJioxvQ=
Subject key identifier:   01:66:13:71:B4:A1:5C:17:59:57:E3:8F:FC:CB:50:C0:0F:1D:7C:D5
Authority key identifier: A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F
Certificate issuer:       /CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
Certificate serial:       019D29617AE7297CB2D816D82E5C1B993390
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
Manifest number:          1884
Signing time:             Thu 26 Mar 2026 09:02:27 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:27 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:27 +0000
Files and hashes:         1: o2osPu23l22c4wRYHyNTL-y0bn8.crl (hash: 4JIObRWykggrAex1mcWQlzGVx7FtcHoH1yb76BWB3TU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:7a:e7:29:7c:b2:d8:16:d8:2e:5c:1b:99:33:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a36a2c3eedb7976d9ce304581f23532fecb46e7f
        Validity
            Not Before: Mar 26 09:02:27 2026 GMT
            Not After : Mar 27 09:02:27 2026 GMT
        Subject: CN=01661371b4a15c175957e38ffccb50c00f1d7cd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e6:c4:84:54:a0:8d:8e:f7:32:a5:ef:88:d1:
                    96:fc:3f:a7:b9:1b:e7:d9:81:b8:fe:9f:ed:f8:ac:
                    fa:8c:46:e1:f5:83:75:a8:78:47:f7:ab:5a:50:b4:
                    20:84:15:12:b8:df:07:a7:f4:db:47:ae:a3:65:e8:
                    b6:77:e7:8a:19:c0:e8:e1:95:0d:e3:cc:93:8f:99:
                    26:69:63:67:4f:6a:01:72:92:7d:28:66:07:c4:b9:
                    04:61:e3:ec:f5:9e:54:77:e2:52:41:53:40:a1:ae:
                    7a:09:21:43:07:46:96:81:bd:3f:8d:06:6b:80:fd:
                    24:e9:20:40:8d:8c:33:87:f8:b9:d8:4a:29:f2:46:
                    ba:e0:f9:a0:a1:2a:b2:ef:ac:b9:a0:3b:c1:65:1f:
                    68:8f:7f:6e:00:a7:c6:6b:5e:bf:b2:31:a7:8f:82:
                    2c:41:d7:df:25:3b:19:44:3b:cb:e4:1f:44:5f:37:
                    0d:7b:3f:07:cb:36:21:a0:be:f7:f8:85:61:d8:1d:
                    79:44:8d:05:ff:56:07:57:d8:db:06:17:71:2d:41:
                    2f:ad:35:8d:ea:2d:67:47:66:92:f0:a7:7c:06:3d:
                    57:b2:2a:09:25:76:39:cd:0c:fe:d6:c5:56:52:a8:
                    66:06:87:54:79:ed:38:e8:9a:45:94:62:b5:4e:2f:
                    5b:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:66:13:71:B4:A1:5C:17:59:57:E3:8F:FC:CB:50:C0:0F:1D:7C:D5
            X509v3 Authority Key Identifier:
                keyid:A3:6A:2C:3E:ED:B7:97:6D:9C:E3:04:58:1F:23:53:2F:EC:B4:6E:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2osPu23l22c4wRYHyNTL-y0bn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9185e2-b929-4236-a98b-dde1923ba724/1/o2osPu23l22c4wRYHyNTL-y0bn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:f2:6f:70:82:2a:11:99:8a:60:39:cd:8c:0a:ee:54:9b:1b:
         da:8a:21:a7:88:a9:a7:8f:c9:b8:bf:34:63:f6:6d:a8:58:0a:
         6d:b5:ea:82:71:a3:00:5d:c6:af:56:71:14:ef:e1:94:62:a7:
         d8:2b:8e:28:b3:c2:a5:2b:9b:ee:88:9d:9d:24:8f:81:db:21:
         54:c0:ba:2a:84:82:16:9f:ae:32:ee:97:68:63:8f:da:b1:3b:
         dd:91:0b:88:81:6b:c0:47:0d:30:c0:3a:87:85:be:ce:a7:a8:
         01:16:3c:a6:70:24:d1:2f:89:4e:81:e0:e4:74:97:77:6e:e9:
         1d:01:6f:a6:a4:b5:f9:d2:45:94:08:af:5b:6d:ba:7c:ce:55:
         33:02:6a:4a:ce:ad:71:c4:3a:64:f4:d8:29:eb:1f:03:ac:5d:
         be:b9:24:5e:51:01:90:70:9d:47:de:58:05:02:bf:1c:d3:79:
         35:de:a4:19:eb:2a:a0:bd:c1:41:eb:02:4b:38:33:ad:11:20:
         1c:63:e9:77:76:d9:2e:34:c1:8c:31:69:dc:f9:38:65:b8:0f:
         c8:e4:49:b8:4b:ee:e2:b8:2f:18:c1:e7:fa:16:26:41:67:92:
         9b:1b:f9:40:ab:07:f3:a1:bd:98:5c:ff:12:b5:8d:a0:a8:36:
         1e:53:d4:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYXrnKXyy2BbYLlwbmTOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmEyYzNlZWRiNzk3NmQ5Y2UzMDQ1ODFmMjM1MzJmZWNi
NDZlN2YwHhcNMjYwMzI2MDkwMjI3WhcNMjYwMzI3MDkwMjI3WjAzMTEwLwYDVQQD
EygwMTY2MTM3MWI0YTE1YzE3NTk1N2UzOGZmY2NiNTBjMDBmMWQ3Y2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsubEhFSgjY73MqXviNGW/D+nuRvn
2YG4/p/t+Kz6jEbh9YN1qHhH96taULQghBUSuN8Hp/TbR66jZei2d+eKGcDo4ZUN
48yTj5kmaWNnT2oBcpJ9KGYHxLkEYePs9Z5Ud+JSQVNAoa56CSFDB0aWgb0/jQZr
gP0k6SBAjYwzh/i52Eop8ka64PmgoSqy76y5oDvBZR9oj39uAKfGa16/sjGnj4Is
QdffJTsZRDvL5B9EXzcNez8HyzYhoL73+IVh2B15RI0F/1YHV9jbBhdxLUEvrTWN
6i1nR2aS8Kd8Bj1XsioJJXY5zQz+1sVWUqhmBodUee046JpFlGK1Ti9bzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFmE3G0oVwXWVfjj/zLUMAPHXzVMB8GA1UdIwQY
MBaAFKNqLD7tt5dtnOMEWB8jUy/stG5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGIt
ZGRlMTkyM2JhNzI0LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85MTg1ZTItYjkyOS00MjM2LWE5OGItZGRlMTkyM2JhNzI0
LzEvbzJvc1B1MjNsMjJjNHdSWUh5TlRMLXkwYm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnfJvcIIq
EZmKYDnNjAruVJsb2oohp4ipp4/JuL80Y/ZtqFgKbbXqgnGjAF3Gr1ZxFO/hlGKn
2CuOKLPCpSub7oidnSSPgdshVMC6KoSCFp+uMu6XaGOP2rE73ZELiIFrwEcNMMA6
h4W+zqeoARY8pnAk0S+JToHg5HSXd27pHQFvpqS1+dJFlAivW226fM5VMwJqSs6t
ccQ6ZPTYKesfA6xdvrkkXlEBkHCdR95YBQK/HNN5Nd6kGesqoL3BQesCSzgzrREg
HGPpd3bZLjTBjDFp3Pk4ZbgPyORJuEvu4rgvGMHn+hYmQWeSmxv5QKsH86G9mFz/
ErWNoKg2HlPU9Q==
-----END CERTIFICATE-----