Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          /3JxRpjvoMHAkEgAaaN6cBhWXdOY4WmmX3qvFwCLWjU=
Subject key identifier:   C8:D1:E0:7A:CB:52:3C:AA:F4:60:18:02:FD:80:C9:EA:3B:99:22:C7
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       019D27A8D72881F7B4102C0183414B5C1104
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          048D
Signing time:             Thu 26 Mar 2026 01:01:09 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:09 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:09 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: iufxAEFQYqvZPl3+70vOWiLnt36JHZWVzocAao6/UU8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:d7:28:81:f7:b4:10:2c:01:83:41:4b:5c:11:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Mar 26 01:01:09 2026 GMT
            Not After : Mar 27 01:01:09 2026 GMT
        Subject: CN=c8d1e07acb523caaf4601802fd80c9ea3b9922c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:a3:81:7c:2b:ce:95:b9:86:36:2b:44:3a:24:
                    93:de:db:89:ac:0e:28:4b:d9:f6:a3:4c:74:0f:52:
                    0f:34:cb:1e:d3:69:a0:a8:24:97:56:60:25:80:c4:
                    95:35:de:80:e4:2f:68:5b:71:e7:07:92:39:c8:70:
                    cf:fd:18:67:6d:ee:95:a7:32:81:7c:67:f1:7d:58:
                    18:24:cf:bf:60:cd:d6:5a:82:41:94:40:07:5b:34:
                    a6:9b:f8:73:c0:7b:c4:49:6f:8d:9d:c5:e4:4e:3e:
                    f8:7d:62:69:72:1e:ed:01:02:a6:99:5a:56:e8:29:
                    6f:37:17:15:21:d2:c2:c0:ea:5a:1a:ea:17:13:2f:
                    26:5f:85:9d:68:45:fa:39:49:d1:d2:ad:07:31:24:
                    a5:13:6d:6c:cf:75:3d:db:3b:e7:e2:63:3a:02:d8:
                    a6:12:ca:bb:45:e1:46:6f:2d:e2:7d:30:76:38:21:
                    a5:5f:2a:6e:8f:b1:d8:85:e1:9e:06:ad:54:61:ee:
                    9d:c9:02:17:2d:5f:e8:ab:ec:68:59:f5:86:ee:3c:
                    dd:0a:fb:df:bf:f4:b7:1b:f7:fb:46:03:9f:36:24:
                    1f:ff:f7:68:01:5a:b3:fe:d2:8f:77:eb:84:1f:95:
                    47:a4:52:cc:aa:9a:6e:fe:9c:d1:d2:5a:e4:e1:8b:
                    9d:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:D1:E0:7A:CB:52:3C:AA:F4:60:18:02:FD:80:C9:EA:3B:99:22:C7
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:58:ab:eb:b2:a6:9f:24:52:c2:fa:4f:68:11:d2:7f:2b:a2:
         a9:3c:6c:f9:3e:fb:bc:a3:1a:81:01:b0:c5:89:ec:6f:34:ba:
         ba:06:0d:b9:5e:ef:f4:32:2d:03:dc:ef:7b:9a:0c:fb:ff:2d:
         ea:9a:7f:53:07:a9:df:cf:02:8b:17:36:4a:c6:35:f9:35:b7:
         0f:f4:58:f0:63:58:41:93:8b:9f:22:7a:45:97:88:6a:fd:e0:
         12:f4:03:58:bb:f1:8c:39:da:13:49:11:9c:04:9d:2a:7f:d5:
         22:e7:e9:26:4b:5e:5b:f6:9e:d5:ea:c8:6b:05:96:50:7c:6c:
         63:d2:3f:ce:9e:9e:4b:eb:7b:d5:f1:42:6d:73:a0:ad:9e:58:
         63:fa:b4:9b:ef:b3:dc:6e:02:b3:ed:f0:c4:ca:ff:f0:98:18:
         92:a5:95:8e:0b:08:63:4f:03:e2:25:b4:23:00:5f:8f:77:59:
         e2:7f:09:88:9b:e8:b7:77:7b:c2:cc:20:f9:91:e0:17:8e:3a:
         02:c4:63:41:57:a7:7f:a1:d8:86:b1:a1:cc:99:76:d1:5d:82:
         b1:e5:1b:f8:36:94:07:f4:6f:fb:32:00:88:cd:52:47:74:af:
         5d:90:b0:f1:79:3c:49:85:99:f1:55:e7:06:04:51:01:94:30:
         f1:ad:a5:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqNcogfe0ECwBg0FLXBEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjYwMzI2MDEwMTA5WhcNMjYwMzI3MDEwMTA5WjAzMTEwLwYDVQQD
EyhjOGQxZTA3YWNiNTIzY2FhZjQ2MDE4MDJmZDgwYzllYTNiOTkyMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaOBfCvOlbmGNitEOiST3tuJrA4o
S9n2o0x0D1IPNMse02mgqCSXVmAlgMSVNd6A5C9oW3HnB5I5yHDP/Rhnbe6VpzKB
fGfxfVgYJM+/YM3WWoJBlEAHWzSmm/hzwHvESW+NncXkTj74fWJpch7tAQKmmVpW
6ClvNxcVIdLCwOpaGuoXEy8mX4WdaEX6OUnR0q0HMSSlE21sz3U92zvn4mM6Atim
Esq7ReFGby3ifTB2OCGlXypuj7HYheGeBq1UYe6dyQIXLV/oq+xoWfWG7jzdCvvf
v/S3G/f7RgOfNiQf//doAVqz/tKPd+uEH5VHpFLMqppu/pzR0lrk4Yud8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjR4HrLUjyq9GAYAv2Ayeo7mSLHMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADVir67Km
nyRSwvpPaBHSfyuiqTxs+T77vKMagQGwxYnsbzS6ugYNuV7v9DItA9zve5oM+/8t
6pp/Uwep388Cixc2SsY1+TW3D/RY8GNYQZOLnyJ6RZeIav3gEvQDWLvxjDnaE0kR
nASdKn/VIufpJkteW/ae1erIawWWUHxsY9I/zp6eS+t71fFCbXOgrZ5YY/q0m++z
3G4Cs+3wxMr/8JgYkqWVjgsIY08D4iW0IwBfj3dZ4n8JiJvot3d7wswg+ZHgF446
AsRjQVenf6HYhrGhzJl20V2CseUb+DaUB/Rv+zIAiM1SR3SvXZCw8Xk8SYWZ8VXn
BgRRAZQw8a2l9Q==
-----END CERTIFICATE-----