Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          j7yHbz5d2qffKFJ5GnTN3F/8Gf73EMv+9puhYWs39s8=
Subject key identifier:   1B:0B:B2:6C:A7:91:71:8E:56:71:43:42:72:1D:33:1D:74:88:4A:C4
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       019D265FCC17672A930B78DD3D46496895A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          0CD7
Signing time:             Wed 25 Mar 2026 19:01:45 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:45 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:45 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: zDm+nifr9rF20LZBpf87Pnx8Nmddd35s6S9J+8LXT5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:cc:17:67:2a:93:0b:78:dd:3d:46:49:68:95:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Mar 25 19:01:45 2026 GMT
            Not After : Mar 26 19:01:45 2026 GMT
        Subject: CN=1b0bb26ca791718e56714342721d331d74884ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:71:b7:b9:9b:07:36:fa:ba:e5:ed:53:20:c6:
                    34:2e:c7:03:9d:3f:33:80:5b:a0:de:f8:b6:ae:bc:
                    f5:b9:00:9b:6f:17:70:a8:f2:a3:e2:43:ae:8a:6d:
                    a8:21:ed:fc:76:52:ca:6e:48:41:c4:59:b6:53:4f:
                    a7:c1:df:71:55:50:98:e5:8a:6f:58:60:fc:c2:07:
                    a4:51:86:83:84:c7:e8:c2:c2:3a:3f:b9:80:33:95:
                    76:15:cf:49:a8:0d:f4:58:2e:cd:7d:3a:7c:40:11:
                    96:1d:79:c4:91:83:40:07:b4:f1:a1:16:e0:b1:57:
                    ec:3c:1d:bd:e8:9c:e1:51:9e:ac:c1:a7:32:9d:ab:
                    4b:08:a5:07:88:65:34:1c:e9:bc:b7:1f:31:34:6a:
                    a0:a8:2a:3d:9c:96:17:b8:c8:b1:e5:ed:db:83:d2:
                    e3:a7:8c:2c:26:8f:3a:93:26:44:bc:01:e4:1f:a0:
                    91:ab:db:9d:eb:56:84:c8:f6:99:c9:86:09:59:ed:
                    b3:31:fb:16:58:ee:0b:45:d9:1c:d8:92:3c:ed:d0:
                    0a:1d:92:15:40:e2:3f:54:04:48:b0:3c:6d:08:9b:
                    4b:8a:21:d2:32:2a:e3:47:26:61:37:a0:50:55:ec:
                    17:c0:4a:b8:27:54:1e:6a:d9:86:0c:d4:72:b5:34:
                    45:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:0B:B2:6C:A7:91:71:8E:56:71:43:42:72:1D:33:1D:74:88:4A:C4
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:cd:af:dd:8c:51:a3:8d:1d:bf:9d:bb:8b:bf:40:fc:6c:58:
         2f:cb:c9:66:66:4c:97:68:a2:ee:d3:99:62:6c:f4:49:89:dc:
         98:52:a2:41:6c:99:ef:93:7e:0d:dd:f8:c1:db:4d:ec:22:ee:
         ee:1a:db:b5:f8:43:36:00:78:90:69:55:85:a9:34:cf:4d:7c:
         64:98:98:94:8e:0e:e9:98:81:b8:fc:3e:58:74:cc:58:22:46:
         00:c5:60:53:09:8f:44:d4:d6:30:d8:92:09:a7:b0:36:cb:5a:
         aa:8d:3c:fc:3c:a5:37:51:35:63:5c:b7:26:30:7a:07:5f:bd:
         19:25:4a:1e:62:c8:c4:f8:3e:d2:88:ef:f2:b2:bd:4d:47:b2:
         98:df:7b:fa:59:ec:0e:2f:ab:8d:49:17:8b:24:2a:a6:f7:1a:
         8f:81:bf:0c:8f:05:78:aa:b8:db:cf:2f:3c:f1:e0:7d:ed:b1:
         ef:c4:42:95:57:b7:14:0c:5f:bf:89:3f:c7:dd:cf:7e:cc:1b:
         83:c5:4e:12:8d:20:fa:40:b4:57:c4:65:ba:e3:62:4d:6f:3f:
         51:bd:41:a3:b1:4d:1c:78:3a:04:52:f9:9b:79:43:af:08:26:
         b3:12:44:e5:ad:53:a4:fd:99:fa:f8:40:36:52:8b:1f:24:5f:
         42:9f:ff:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX8wXZyqTC3jdPUZJaJWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjYwMzI1MTkwMTQ1WhcNMjYwMzI2MTkwMTQ1WjAzMTEwLwYDVQQD
EygxYjBiYjI2Y2E3OTE3MThlNTY3MTQzNDI3MjFkMzMxZDc0ODg0YWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHG3uZsHNvq65e1TIMY0LscDnT8z
gFug3vi2rrz1uQCbbxdwqPKj4kOuim2oIe38dlLKbkhBxFm2U0+nwd9xVVCY5Ypv
WGD8wgekUYaDhMfowsI6P7mAM5V2Fc9JqA30WC7NfTp8QBGWHXnEkYNAB7TxoRbg
sVfsPB296JzhUZ6swacynatLCKUHiGU0HOm8tx8xNGqgqCo9nJYXuMix5e3bg9Lj
p4wsJo86kyZEvAHkH6CRq9ud61aEyPaZyYYJWe2zMfsWWO4LRdkc2JI87dAKHZIV
QOI/VARIsDxtCJtLiiHSMirjRyZhN6BQVewXwEq4J1QeatmGDNRytTRFawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsLsmynkXGOVnFDQnIdMx10iErEMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATM2v3YxR
o40dv527i79A/GxYL8vJZmZMl2ii7tOZYmz0SYncmFKiQWyZ75N+Dd34wdtN7CLu
7hrbtfhDNgB4kGlVhak0z018ZJiYlI4O6ZiBuPw+WHTMWCJGAMVgUwmPRNTWMNiS
CaewNstaqo08/DylN1E1Y1y3JjB6B1+9GSVKHmLIxPg+0ojv8rK9TUeymN97+lns
Di+rjUkXiyQqpvcaj4G/DI8FeKq4288vPPHgfe2x78RClVe3FAxfv4k/x93Pfswb
g8VOEo0g+kC0V8RluuNiTW8/Ub1Bo7FNHHg6BFL5m3lDrwgmsxJE5a1TpP2Z+vhA
NlKLHyRfQp//PA==
-----END CERTIFICATE-----