Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
File:                     O849R0p3XOR3Y3FjK8GWyh9Owjs.mft (raw, json)
Hash identifier:          fweVcLxPDwDBHo3qiuCvsDC1fuHBbDtW6yT+Uv4n4Wo=
Subject key identifier:   50:F2:CD:98:BC:10:E2:27:54:C4:54:65:9F:B2:F4:92:2B:D2:2E:CC
Authority key identifier: 3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B
Certificate issuer:       /CN=3bce3d474a775ce4776371632bc196ca1f4ec23b
Certificate serial:       019D2AE0A4CF217D9A0D910C83E4F59F8444
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
Manifest number:          0523
Signing time:             Thu 26 Mar 2026 16:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:58 +0000
Files and hashes:         1: O849R0p3XOR3Y3FjK8GWyh9Owjs.crl (hash: 5aBQHTo2TV/IvQKB6T1toYaG9aDb3Fcv87AQc/XJuUY=)
                          2: VbL2QWZ9Kg8L1pE36SvfZYyr8Ts.roa (hash: sfB+nZS7Puz64duDQmVXVvH/Ydql31OyVDJAMGHxmwg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 16:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:a4:cf:21:7d:9a:0d:91:0c:83:e4:f5:9f:84:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bce3d474a775ce4776371632bc196ca1f4ec23b
        Validity
            Not Before: Mar 26 16:00:58 2026 GMT
            Not After : Mar 27 16:00:58 2026 GMT
        Subject: CN=50f2cd98bc10e22754c454659fb2f4922bd22ecc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:6b:6c:6b:d3:de:1f:21:db:f0:3a:07:48:5a:
                    43:7a:2d:73:95:ec:3d:e8:ac:9e:f3:51:51:cc:92:
                    63:a3:2a:20:b0:f2:53:53:de:e1:a3:34:4e:5b:6e:
                    4f:5d:a0:b5:c0:fc:32:a3:a8:74:fb:47:88:1d:4e:
                    b4:c1:d0:8f:02:45:13:50:73:30:f7:3f:7c:fe:a5:
                    0b:5d:b7:a0:9b:68:8a:ac:4c:a3:a5:eb:1a:29:d5:
                    e5:78:b1:3e:90:1e:87:78:8f:41:dd:80:c8:b5:73:
                    06:87:21:6b:80:e1:c9:3a:7a:2d:2b:dc:86:43:a0:
                    33:07:79:bd:c2:de:b6:7c:7f:c6:b5:10:77:a0:bc:
                    93:04:bb:b3:e1:20:e9:eb:fb:06:5f:aa:09:fa:5b:
                    c1:2d:4a:09:09:bf:83:a2:81:87:c1:39:04:f9:43:
                    99:f5:70:b1:ae:49:0f:65:f8:60:ae:75:91:14:ff:
                    bf:8a:8d:a4:a5:1a:f8:4b:90:57:fd:e9:43:fe:fb:
                    f9:fd:a7:1e:b7:f4:43:aa:c9:74:45:9e:c8:1d:03:
                    d1:06:ed:85:d4:76:f3:d9:63:f3:3d:4b:20:6b:35:
                    d7:89:37:e8:98:bd:62:1f:00:9a:52:97:e3:8c:25:
                    fe:dd:4a:9e:18:60:d1:6e:0f:27:18:dc:53:c4:d9:
                    4c:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:F2:CD:98:BC:10:E2:27:54:C4:54:65:9F:B2:F4:92:2B:D2:2E:CC
            X509v3 Authority Key Identifier:
                keyid:3B:CE:3D:47:4A:77:5C:E4:77:63:71:63:2B:C1:96:CA:1F:4E:C2:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O849R0p3XOR3Y3FjK8GWyh9Owjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5338bd-f321-4d51-be4a-63cc6c67c995/1/O849R0p3XOR3Y3FjK8GWyh9Owjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:2d:c9:d1:a8:e8:3d:db:9f:8e:7c:a9:22:2b:36:ed:1b:ac:
         8e:24:d1:1f:ef:8a:03:67:cf:b8:ce:ca:06:eb:db:0e:60:ca:
         72:d9:87:0e:ee:9f:87:3e:2c:35:8c:ff:ae:27:a6:b3:7b:70:
         41:73:9e:f6:d9:39:3c:63:70:58:22:75:a0:2f:10:79:4e:9a:
         60:60:ad:af:22:af:93:7c:5f:8b:eb:bc:e9:2c:98:bd:ea:bd:
         0c:a4:0d:9c:16:a0:68:7d:fe:93:e9:e0:a8:48:1d:8b:85:95:
         e5:cb:5b:65:63:dc:1f:1e:bd:84:bc:48:87:12:87:13:b2:63:
         57:60:2e:be:3d:4e:6a:88:4b:fd:73:37:63:10:7d:ac:a0:69:
         3b:1c:d0:45:5b:9b:f4:78:2e:b4:9c:d3:eb:a5:a0:8c:9b:f8:
         db:9a:6b:45:42:9a:95:5e:f0:57:ba:01:68:c9:3d:82:00:97:
         5d:e8:28:9e:7d:26:4a:37:a9:16:92:0a:20:01:15:12:86:ce:
         4d:5e:db:cd:b4:c5:15:0f:f0:06:66:ed:22:aa:81:4d:84:7e:
         d7:2c:98:72:b0:31:ec:e6:2f:c6:d7:f7:19:5d:7b:42:4b:ee:
         d3:ab:9d:3d:a7:69:e2:bf:be:bd:e9:78:f6:cb:93:a4:db:15:
         fd:9c:67:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4KTPIX2aDZEMg+T1n4REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2UzZDQ3NGE3NzVjZTQ3NzYzNzE2MzJiYzE5NmNhMWY0
ZWMyM2IwHhcNMjYwMzI2MTYwMDU4WhcNMjYwMzI3MTYwMDU4WjAzMTEwLwYDVQQD
Eyg1MGYyY2Q5OGJjMTBlMjI3NTRjNDU0NjU5ZmIyZjQ5MjJiZDIyZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2tsa9PeHyHb8DoHSFpDei1zlew9
6Kye81FRzJJjoyogsPJTU97hozROW25PXaC1wPwyo6h0+0eIHU60wdCPAkUTUHMw
9z98/qULXbegm2iKrEyjpesaKdXleLE+kB6HeI9B3YDItXMGhyFrgOHJOnotK9yG
Q6AzB3m9wt62fH/GtRB3oLyTBLuz4SDp6/sGX6oJ+lvBLUoJCb+DooGHwTkE+UOZ
9XCxrkkPZfhgrnWRFP+/io2kpRr4S5BX/elD/vv5/acet/RDqsl0RZ7IHQPRBu2F
1Hbz2WPzPUsgazXXiTfomL1iHwCaUpfjjCX+3UqeGGDRbg8nGNxTxNlMQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDyzZi8EOInVMRUZZ+y9JIr0i7MMB8GA1UdIwQY
MBaAFDvOPUdKd1zkd2NxYyvBlsofTsI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEt
NjNjYzZjNjdjOTk1LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni81MzM4YmQtZjMyMS00ZDUxLWJlNGEtNjNjYzZjNjdjOTk1
LzEvTzg0OVIwcDNYT1IzWTNGaks4R1d5aDlPd2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjC3J0ajo
PdufjnypIis27RusjiTRH++KA2fPuM7KBuvbDmDKctmHDu6fhz4sNYz/riems3tw
QXOe9tk5PGNwWCJ1oC8QeU6aYGCtryKvk3xfi+u86SyYveq9DKQNnBagaH3+k+ng
qEgdi4WV5ctbZWPcHx69hLxIhxKHE7JjV2Auvj1OaohL/XM3YxB9rKBpOxzQRVub
9HgutJzT66WgjJv425prRUKalV7wV7oBaMk9ggCXXegonn0mSjepFpIKIAEVEobO
TV7bzbTFFQ/wBmbtIqqBTYR+1yyYcrAx7OYvxtf3GV17Qkvu06udPadp4r++vel4
9suTpNsV/ZxnLA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:51:52 2026 by rpki-client