Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
File:                     OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft (raw, json)
Hash identifier:          vT4jkdyZJUJYO47rOvMzJRuEuFgfKPTnA7cPbdNgJYI=
Subject key identifier:   CA:3A:F4:98:61:02:5D:F8:47:33:66:A6:09:03:CF:2B:97:F9:A1:33
Authority key identifier: 38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5
Certificate issuer:       /CN=389dd4126f8be07af454497ca0f5665295482ad5
Certificate serial:       019D2703D60863785E748147F5DDE0E3CBD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
Manifest number:          07E2
Signing time:             Wed 25 Mar 2026 22:00:55 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:55 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:55 +0000
Files and hashes:         1: OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl (hash: eWOTdSAWnmOBumWXBMrPg4rHbNCx/FoZ9U6qG9S+MWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d6:08:63:78:5e:74:81:47:f5:dd:e0:e3:cb:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389dd4126f8be07af454497ca0f5665295482ad5
        Validity
            Not Before: Mar 25 22:00:55 2026 GMT
            Not After : Mar 26 22:00:55 2026 GMT
        Subject: CN=ca3af49861025df8473366a60903cf2b97f9a133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d2:10:a9:05:39:c5:79:6e:d3:6d:6b:d5:98:
                    05:57:78:00:33:dc:77:fb:d6:05:3e:e9:96:f4:9c:
                    22:83:67:34:01:40:c4:c0:d9:9d:2c:61:44:c5:63:
                    8d:a5:eb:d2:b5:92:e3:59:36:7a:80:cf:db:f6:9a:
                    4c:78:cc:fc:07:a5:ca:a4:af:9f:fb:39:ac:3d:73:
                    cd:28:ea:2e:df:7f:fc:52:27:31:28:57:e2:27:0a:
                    f3:35:74:29:68:6b:ef:cb:7b:8f:83:66:1e:50:03:
                    d6:22:1e:c2:ed:55:43:7b:ee:f9:71:9d:36:47:26:
                    32:09:64:81:81:11:cc:31:96:30:83:dd:f9:a2:2a:
                    76:cb:d9:9f:ee:a2:ba:a4:92:fd:35:d3:98:6a:4f:
                    58:2e:05:50:36:32:d9:52:6d:1f:c3:2a:7c:eb:2b:
                    c2:50:61:ac:f9:1c:4e:99:a3:ff:f5:44:76:08:66:
                    36:14:90:f6:e5:ab:e1:fb:57:35:a7:b6:92:be:50:
                    fa:31:ef:cb:8b:84:6e:3c:c3:90:1d:47:f4:40:ab:
                    a5:2d:b3:5d:73:72:31:89:7b:e3:1f:73:2e:c1:b2:
                    e0:78:28:ff:ce:36:22:ff:e5:0b:70:2a:ba:57:7a:
                    fd:12:6e:65:16:ae:d6:f5:12:39:25:ce:3a:4d:33:
                    d9:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:3A:F4:98:61:02:5D:F8:47:33:66:A6:09:03:CF:2B:97:F9:A1:33
            X509v3 Authority Key Identifier:
                keyid:38:9D:D4:12:6F:8B:E0:7A:F4:54:49:7C:A0:F5:66:52:95:48:2A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/910313-ce10-4d6f-827c-5c55ec221e12/1/OJ3UEm-L4Hr0VEl8oPVmUpVIKtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c9:1d:55:bd:9c:75:82:ab:52:67:66:fc:03:97:c5:25:04:01:
         b9:3c:58:b3:8d:5c:8c:16:e6:04:1a:10:37:05:96:3c:d5:e5:
         b1:cf:06:a7:92:6c:c3:5e:ae:ea:00:d4:ec:f3:09:78:91:52:
         7e:2b:48:4d:d2:d1:d5:51:2d:15:cf:98:95:f2:f0:a5:a2:a2:
         fb:48:5d:e2:8f:13:1c:f6:af:55:2b:d5:10:56:2c:ef:d3:51:
         b7:87:d3:0b:7e:ef:01:76:ed:20:7c:d5:1a:02:62:6c:06:48:
         55:19:32:fd:63:d4:55:88:9a:2b:9d:1b:9e:60:aa:f8:e3:17:
         49:aa:11:c2:34:75:03:f0:07:36:aa:1f:5a:97:bb:94:6d:74:
         45:c3:71:81:9e:7b:58:6a:ee:07:42:c5:a1:62:45:5c:f5:f1:
         3d:55:78:01:28:c3:54:ed:28:72:71:67:a6:9f:6c:9d:5e:41:
         0f:22:49:31:c0:4c:77:e7:40:00:1b:23:02:4f:32:b8:42:89:
         2f:e1:f5:8b:46:b0:17:16:3d:ea:12:09:64:52:c5:f5:7d:c9:
         3b:8d:ca:00:8f:35:a6:63:0c:d6:6d:84:4f:ac:0d:78:aa:c2:
         4d:cb:6d:46:5e:1d:48:6a:16:47:20:27:16:90:5e:95:6b:b8:
         37:bd:65:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9YIY3hedIFH9d3g48vWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWRkNDEyNmY4YmUwN2FmNDU0NDk3Y2EwZjU2NjUyOTU0
ODJhZDUwHhcNMjYwMzI1MjIwMDU1WhcNMjYwMzI2MjIwMDU1WjAzMTEwLwYDVQQD
EyhjYTNhZjQ5ODYxMDI1ZGY4NDczMzY2YTYwOTAzY2YyYjk3ZjlhMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdIQqQU5xXlu021r1ZgFV3gAM9x3
+9YFPumW9Jwig2c0AUDEwNmdLGFExWONpevStZLjWTZ6gM/b9ppMeMz8B6XKpK+f
+zmsPXPNKOou33/8UicxKFfiJwrzNXQpaGvvy3uPg2YeUAPWIh7C7VVDe+75cZ02
RyYyCWSBgRHMMZYwg935oip2y9mf7qK6pJL9NdOYak9YLgVQNjLZUm0fwyp86yvC
UGGs+RxOmaP/9UR2CGY2FJD25avh+1c1p7aSvlD6Me/Li4RuPMOQHUf0QKulLbNd
c3IxiXvjH3MuwbLgeCj/zjYi/+ULcCq6V3r9Em5lFq7W9RI5Jc46TTPZ+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMo69JhhAl34RzNmpgkDzyuX+aEzMB8GA1UdIwQY
MBaAFDid1BJvi+B69FRJfKD1ZlKVSCrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2Mt
NWM1NWVjMjIxZTEyLzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85MTAzMTMtY2UxMC00ZDZmLTgyN2MtNWM1NWVjMjIxZTEy
LzEvT0ozVUVtLUw0SHIwVkVsOG9QVm1VcFZJS3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyR1VvZx1
gqtSZ2b8A5fFJQQBuTxYs41cjBbmBBoQNwWWPNXlsc8Gp5Jsw16u6gDU7PMJeJFS
fitITdLR1VEtFc+YlfLwpaKi+0hd4o8THPavVSvVEFYs79NRt4fTC37vAXbtIHzV
GgJibAZIVRky/WPUVYiaK50bnmCq+OMXSaoRwjR1A/AHNqofWpe7lG10RcNxgZ57
WGruB0LFoWJFXPXxPVV4ASjDVO0ocnFnpp9snV5BDyJJMcBMd+dAABsjAk8yuEKJ
L+H1i0awFxY96hIJZFLF9X3JO43KAI81pmMM1m2ET6wNeKrCTcttRl4dSGoWRyAn
FpBelWu4N71l0g==
-----END CERTIFICATE-----