Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          dBBJSNdoeSHoxjNUamvJHc+DcteNQN08uOYTRJihmrc=
Subject key identifier:   B6:6D:F9:D7:62:8F:9C:44:D8:6E:5F:CE:02:B7:F7:C3:81:2D:C0:2D
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       019D284E7EE66B5129595208DB8DEBCDAF08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          14CD
Signing time:             Thu 26 Mar 2026 04:02:06 +0000
Manifest this update:     Thu 26 Mar 2026 04:02:06 +0000
Manifest next update:     Fri 27 Mar 2026 04:02:06 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: 84ZgpPNUjdRn03C+m1miTKgozpvVN/XOe8cn0GaQFsM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:02:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4e:7e:e6:6b:51:29:59:52:08:db:8d:eb:cd:af:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: Mar 26 04:02:06 2026 GMT
            Not After : Mar 27 04:02:06 2026 GMT
        Subject: CN=b66df9d7628f9c44d86e5fce02b7f7c3812dc02d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:80:34:66:15:df:dc:d3:bb:03:a2:e6:fc:df:
                    6e:b7:bd:6a:62:65:95:03:a8:92:61:78:58:f1:94:
                    15:b9:52:61:28:5a:64:89:94:66:7a:67:e9:40:84:
                    7e:f8:06:c9:bf:7a:56:8b:84:c1:ee:a5:91:d5:80:
                    79:ac:bb:1f:1f:fd:9b:50:1c:4d:96:26:25:ca:3b:
                    80:8a:27:67:16:3a:6c:e4:6d:2f:da:7f:11:bf:33:
                    c8:10:b7:27:09:7c:76:61:23:9b:9a:fc:09:a3:ec:
                    fc:de:7b:14:2b:6a:75:9f:5a:60:91:18:72:3d:6e:
                    4b:18:08:6f:cb:1e:d0:52:ff:fc:dd:a1:a5:19:2b:
                    27:6f:cd:dc:01:b8:df:2e:31:6f:22:1b:36:89:c8:
                    67:47:36:60:f9:56:cc:0e:16:46:a7:69:cd:43:d4:
                    b2:7b:40:51:b2:e1:da:95:e0:a6:26:10:60:4f:8c:
                    2c:3f:59:0b:09:14:fb:51:0e:fe:ef:7b:bf:e6:cf:
                    82:60:4b:9e:85:ea:f6:8f:bb:a3:e9:54:ed:01:f1:
                    3f:67:c8:26:9c:23:7c:8d:25:ca:86:c6:6b:58:71:
                    c4:d1:58:93:d9:1c:f9:7e:f3:39:13:c4:13:6c:b7:
                    0b:37:60:18:0f:54:35:96:d8:13:31:be:f1:71:23:
                    f0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:6D:F9:D7:62:8F:9C:44:D8:6E:5F:CE:02:B7:F7:C3:81:2D:C0:2D
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:6f:ed:8e:12:7d:81:53:0e:27:3c:ce:ec:4f:23:ee:71:5f:
         f7:a9:85:a9:3c:73:3e:42:23:cf:44:2f:14:c3:d9:37:64:27:
         70:c4:0a:a9:1a:00:18:fe:a3:e6:4d:3a:94:7f:f9:8a:1a:9a:
         a4:2b:13:74:36:df:35:dd:b5:ce:65:a8:18:88:f9:d2:cd:3e:
         48:3a:55:cc:a8:c6:49:7e:32:be:1f:fd:c0:8f:18:a4:83:85:
         9b:ff:c2:c3:4a:32:e1:39:8c:4f:f7:ac:83:39:9a:af:63:fc:
         1e:fb:f9:ec:c1:40:0f:01:12:8f:e9:9e:19:bf:d6:86:2d:39:
         35:47:f8:be:49:c5:6a:cd:01:9f:e4:56:49:f9:d0:8d:83:f4:
         58:2c:28:d1:85:8b:5d:17:1b:3e:91:e7:44:04:ac:96:e3:08:
         8d:8a:61:46:5f:2e:ba:63:14:70:10:90:2a:a1:2f:5a:c2:bb:
         45:c7:6f:b3:3e:b3:b3:5b:c4:3c:d5:46:a6:b6:62:4a:37:c5:
         8b:ae:d7:88:d8:88:ff:85:f6:0c:1e:06:25:76:49:19:f4:6d:
         fb:48:a2:03:e0:1b:5c:71:0c:6d:13:77:a2:95:f7:b2:29:77:
         47:9b:0d:92:86:3c:6b:64:df:b3:8b:13:80:44:c9:3f:be:e9:
         51:df:e2:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTn7ma1EpWVII243rza8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjYwMzI2MDQwMjA2WhcNMjYwMzI3MDQwMjA2WjAzMTEwLwYDVQQD
EyhiNjZkZjlkNzYyOGY5YzQ0ZDg2ZTVmY2UwMmI3ZjdjMzgxMmRjMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIA0ZhXf3NO7A6Lm/N9ut71qYmWV
A6iSYXhY8ZQVuVJhKFpkiZRmemfpQIR++AbJv3pWi4TB7qWR1YB5rLsfH/2bUBxN
liYlyjuAiidnFjps5G0v2n8RvzPIELcnCXx2YSObmvwJo+z83nsUK2p1n1pgkRhy
PW5LGAhvyx7QUv/83aGlGSsnb83cAbjfLjFvIhs2ichnRzZg+VbMDhZGp2nNQ9Sy
e0BRsuHaleCmJhBgT4wsP1kLCRT7UQ7+73u/5s+CYEueher2j7uj6VTtAfE/Z8gm
nCN8jSXKhsZrWHHE0ViT2Rz5fvM5E8QTbLcLN2AYD1Q1ltgTMb7xcSPwPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLZt+ddij5xE2G5fzgK398OBLcAtMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJG/tjhJ9
gVMOJzzO7E8j7nFf96mFqTxzPkIjz0QvFMPZN2QncMQKqRoAGP6j5k06lH/5ihqa
pCsTdDbfNd21zmWoGIj50s0+SDpVzKjGSX4yvh/9wI8YpIOFm//Cw0oy4TmMT/es
gzmar2P8Hvv57MFADwESj+meGb/Whi05NUf4vknFas0Bn+RWSfnQjYP0WCwo0YWL
XRcbPpHnRASsluMIjYphRl8uumMUcBCQKqEvWsK7Rcdvsz6zs1vEPNVGprZiSjfF
i67XiNiI/4X2DB4GJXZJGfRt+0iiA+AbXHEMbRN3opX3sil3R5sNkoY8a2Tfs4sT
gETJP77pUd/iSg==
-----END CERTIFICATE-----