Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
File:                     O63rHzjiUanY1hTzLTbyat9P1YA.mft (raw, json)
Hash identifier:          wqG+fkjluKc0Zw28vmIt4Rx5rzm2/47jnpwLFF1qpVk=
Subject key identifier:   C4:80:5B:B4:99:0A:F2:03:AE:B3:21:D8:D2:F5:40:AD:25:6B:30:BD
Authority key identifier: 3B:AD:EB:1F:38:E2:51:A9:D8:D6:14:F3:2D:36:F2:6A:DF:4F:D5:80
Certificate issuer:       /CN=3badeb1f38e251a9d8d614f32d36f26adf4fd580
Certificate serial:       019D277271B070C4DAFE0C0D8687E15AE774
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
Manifest number:          1031
Signing time:             Thu 26 Mar 2026 00:01:44 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:44 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:44 +0000
Files and hashes:         1: O63rHzjiUanY1hTzLTbyat9P1YA.crl (hash: TuIlbc0GUYthih+XRqhaF2dt5B2jiekAoc47f0LTtTk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:71:b0:70:c4:da:fe:0c:0d:86:87:e1:5a:e7:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3badeb1f38e251a9d8d614f32d36f26adf4fd580
        Validity
            Not Before: Mar 26 00:01:44 2026 GMT
            Not After : Mar 27 00:01:44 2026 GMT
        Subject: CN=c4805bb4990af203aeb321d8d2f540ad256b30bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b7:0a:a3:e0:e6:9e:02:4a:23:b2:a2:c8:e7:
                    e1:b5:50:0d:2a:bf:a2:a6:d1:f6:45:d6:ea:09:65:
                    f0:19:75:08:0b:b5:65:26:72:9a:7c:be:7f:74:50:
                    2f:0d:e3:9a:47:2e:87:c6:d0:e2:ea:bb:9c:8a:d1:
                    68:2c:7c:8c:b0:0d:56:3c:0a:cd:ab:dc:10:a5:27:
                    56:bd:d3:9d:60:84:79:15:e8:82:15:ca:6f:f4:29:
                    0f:a9:5e:bb:1a:c8:dd:37:f7:0e:7e:2f:43:c6:82:
                    14:8b:fe:09:be:0d:21:a5:92:f7:48:c6:7e:9c:0b:
                    ad:f5:0d:f5:65:d2:a7:86:c7:d9:a3:be:ad:e3:a6:
                    fb:d1:b8:ca:8f:20:12:f4:6a:c1:bd:36:b5:18:f3:
                    ab:e5:af:32:07:df:84:35:95:e1:25:c9:9b:d6:5f:
                    6f:9e:20:64:92:7b:76:52:e8:1b:19:ad:b2:5b:9b:
                    75:52:a7:45:24:89:c0:98:5f:b6:af:3e:ea:f9:41:
                    8c:89:8f:e7:66:88:4f:55:08:1c:a2:4b:7c:13:84:
                    c5:2e:62:4c:da:9f:f0:57:f1:ed:3c:62:f7:71:7d:
                    98:0c:ac:91:27:d4:56:fa:57:aa:81:f8:33:d4:d2:
                    93:a0:9b:da:4e:82:87:0b:e2:fc:d1:16:6a:b5:e8:
                    8f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:80:5B:B4:99:0A:F2:03:AE:B3:21:D8:D2:F5:40:AD:25:6B:30:BD
            X509v3 Authority Key Identifier:
                keyid:3B:AD:EB:1F:38:E2:51:A9:D8:D6:14:F3:2D:36:F2:6A:DF:4F:D5:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O63rHzjiUanY1hTzLTbyat9P1YA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bba0f-d56d-4d7f-a8b5-4c87fe5fdadc/1/O63rHzjiUanY1hTzLTbyat9P1YA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:a5:97:64:3a:65:ad:2d:9a:52:b3:6c:98:29:d7:5f:b2:36:
         f8:b7:96:50:b9:cc:24:e7:ac:cb:6d:8c:96:2e:26:2f:b3:fd:
         1b:80:24:6a:e9:a5:c4:ca:6f:8a:86:ea:21:dc:ae:88:36:ad:
         60:ee:6f:f8:c1:f4:76:35:49:d2:10:70:f7:0a:1a:c4:2b:05:
         66:20:7f:74:ee:79:44:36:37:62:f9:cd:9b:56:09:b4:2c:29:
         c0:4f:8f:a1:f0:a0:43:80:a7:43:70:27:f4:ac:37:58:4b:11:
         27:43:ee:8c:b0:98:69:19:7f:1c:4d:b4:c8:68:c2:93:20:36:
         4a:cf:2d:95:e6:c2:e2:d7:eb:9f:dd:77:65:2c:88:ad:54:13:
         2f:f8:65:f5:98:9a:83:7d:8a:9c:6f:a7:75:23:2e:77:58:6c:
         a0:44:f1:4e:e3:52:58:82:29:c6:0c:85:d7:9a:e2:42:c2:8d:
         ac:99:60:8f:49:60:e0:4c:89:bf:ca:b1:ea:91:4c:26:c2:34:
         c7:df:75:a9:7b:e1:2f:ac:d7:eb:d3:18:83:87:5e:3e:24:5e:
         5a:a8:24:71:32:7f:60:8b:17:16:77:d4:64:d8:9b:6c:7c:73:
         fd:0d:d3:e1:d9:16:a5:f3:df:00:a9:46:13:4a:42:d0:bb:aa:
         40:a7:1c:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncnGwcMTa/gwNhofhWud0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWRlYjFmMzhlMjUxYTlkOGQ2MTRmMzJkMzZmMjZhZGY0
ZmQ1ODAwHhcNMjYwMzI2MDAwMTQ0WhcNMjYwMzI3MDAwMTQ0WjAzMTEwLwYDVQQD
EyhjNDgwNWJiNDk5MGFmMjAzYWViMzIxZDhkMmY1NDBhZDI1NmIzMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rcKo+DmngJKI7KiyOfhtVANKr+i
ptH2RdbqCWXwGXUIC7VlJnKafL5/dFAvDeOaRy6HxtDi6rucitFoLHyMsA1WPArN
q9wQpSdWvdOdYIR5FeiCFcpv9CkPqV67GsjdN/cOfi9DxoIUi/4Jvg0hpZL3SMZ+
nAut9Q31ZdKnhsfZo76t46b70bjKjyAS9GrBvTa1GPOr5a8yB9+ENZXhJcmb1l9v
niBkknt2UugbGa2yW5t1UqdFJInAmF+2rz7q+UGMiY/nZohPVQgcokt8E4TFLmJM
2p/wV/HtPGL3cX2YDKyRJ9RW+leqgfgz1NKToJvaToKHC+L80RZqteiPIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMSAW7SZCvIDrrMh2NL1QK0lazC9MB8GA1UdIwQY
MBaAFDut6x844lGp2NYU8y028mrfT9WAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmJhMGYtZDU2ZC00ZDdmLWE4YjUt
NGM4N2ZlNWZkYWRjLzEvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmJhMGYtZDU2ZC00ZDdmLWE4YjUtNGM4N2ZlNWZkYWRj
LzEvTzYzckh6amlVYW5ZMWhUekxUYnlhdDlQMVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP6WXZDpl
rS2aUrNsmCnXX7I2+LeWULnMJOesy22Mli4mL7P9G4AkaumlxMpviobqIdyuiDat
YO5v+MH0djVJ0hBw9woaxCsFZiB/dO55RDY3YvnNm1YJtCwpwE+PofCgQ4CnQ3An
9Kw3WEsRJ0PujLCYaRl/HE20yGjCkyA2Ss8tlebC4tfrn913ZSyIrVQTL/hl9Zia
g32KnG+ndSMud1hsoETxTuNSWIIpxgyF15riQsKNrJlgj0lg4EyJv8qx6pFMJsI0
x991qXvhL6zX69MYg4dePiReWqgkcTJ/YIsXFnfUZNibbHxz/Q3T4dkWpfPfAKlG
E0pC0LuqQKccfA==
-----END CERTIFICATE-----