Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          WzOwFrV7XIPkfHwIn4lWsEXu1l2uyEjLxma3AsxMVY8=
Subject key identifier:   6E:D8:8B:CA:FE:37:52:9A:DA:21:45:F9:90:71:4D:9F:79:3F:5D:60
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       019D2703EAE63A1474D86B5CDC05CC44A7B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          157F
Signing time:             Wed 25 Mar 2026 22:01:01 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:01 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:01 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: 3lTg2jfHaQ09pHKTFida9YMxL+v/oH+XKzseqAQcIw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:ea:e6:3a:14:74:d8:6b:5c:dc:05:cc:44:a7:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Mar 25 22:01:01 2026 GMT
            Not After : Mar 26 22:01:01 2026 GMT
        Subject: CN=6ed88bcafe37529ada2145f990714d9f793f5d60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:dc:23:29:c0:92:3d:71:77:96:59:41:56:59:
                    b8:af:08:59:05:4e:75:75:af:fb:75:f9:63:e8:f8:
                    dd:bc:5a:bb:c9:19:09:a0:9f:f4:11:6d:8b:1e:ed:
                    b6:e3:ce:65:98:50:22:c1:dc:8c:08:8c:0c:27:b9:
                    92:b8:98:93:ca:2d:c5:28:a2:68:b9:43:ab:e8:ca:
                    35:17:a2:e8:a4:99:57:34:7c:c8:f7:d9:b7:a5:65:
                    07:97:bc:94:f6:84:22:89:16:92:33:84:55:bb:7c:
                    28:12:09:15:44:87:63:78:81:e9:fc:d0:e5:0a:3b:
                    54:90:a2:0e:46:84:7c:f7:5a:f1:d9:f2:79:fb:f0:
                    f1:8d:d6:ba:c0:83:1e:e0:4f:58:ff:a0:82:dd:b1:
                    07:11:31:99:c8:58:62:42:bc:73:e4:96:52:55:2a:
                    90:91:6d:8b:fd:23:f6:d2:e4:91:92:2e:29:05:53:
                    44:d2:ea:cf:f9:04:fb:88:0c:d7:ee:d9:4c:4a:36:
                    9c:e8:f7:f1:a3:1e:5d:c2:52:32:29:b5:09:cb:ed:
                    13:3d:dd:50:8c:58:5b:f9:ca:14:ca:ee:85:f2:f2:
                    b6:a2:c1:92:10:59:3e:8f:84:71:2e:5a:12:2d:32:
                    c2:2c:d1:bf:a4:60:c3:bd:01:f8:29:db:8b:7b:a5:
                    66:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:D8:8B:CA:FE:37:52:9A:DA:21:45:F9:90:71:4D:9F:79:3F:5D:60
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:40:b9:ab:53:99:db:e2:03:60:53:81:d9:e8:82:1d:13:cf:
         01:01:43:f1:b2:16:38:57:69:a2:11:19:2f:e7:30:f0:a7:25:
         43:ab:02:ee:42:5f:9c:76:d4:f0:7d:f9:0d:5d:e1:3e:1f:50:
         a2:84:df:2a:cc:c9:2d:97:ff:b8:17:d4:2b:5b:cc:75:c0:17:
         fc:bf:15:92:09:86:d9:94:ab:c5:f5:18:34:78:22:0c:0a:bb:
         51:81:36:fe:6a:e3:ae:b7:29:e3:18:cb:29:7a:11:1e:72:ad:
         25:bb:81:bb:0c:bc:f5:97:38:3d:d1:92:ba:1c:92:7e:ab:e7:
         2d:60:3b:a5:25:a2:04:33:25:e8:b9:38:f0:5b:9b:aa:30:39:
         7b:1d:50:10:37:ea:81:7e:36:e9:38:7c:61:83:7e:1d:fd:6e:
         91:37:08:16:4d:00:de:15:b1:ae:77:d2:43:34:8f:7b:04:da:
         96:66:e8:a4:18:58:28:5f:97:88:d2:2b:72:88:06:3a:82:00:
         76:ff:24:96:a6:c5:a5:c8:5e:7d:de:81:c4:77:9b:71:cb:97:
         2c:12:89:61:3f:4f:10:51:b4:c3:b2:c8:62:18:20:6e:6a:4b:
         be:c9:6f:d8:36:77:3b:62:16:d5:dd:2e:82:32:98:1d:02:d2:
         9f:da:8f:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+rmOhR02Gtc3AXMRKeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjYwMzI1MjIwMTAxWhcNMjYwMzI2MjIwMTAxWjAzMTEwLwYDVQQD
Eyg2ZWQ4OGJjYWZlMzc1MjlhZGEyMTQ1Zjk5MDcxNGQ5Zjc5M2Y1ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtwjKcCSPXF3lllBVlm4rwhZBU51
da/7dflj6PjdvFq7yRkJoJ/0EW2LHu22485lmFAiwdyMCIwMJ7mSuJiTyi3FKKJo
uUOr6Mo1F6LopJlXNHzI99m3pWUHl7yU9oQiiRaSM4RVu3woEgkVRIdjeIHp/NDl
CjtUkKIORoR891rx2fJ5+/Dxjda6wIMe4E9Y/6CC3bEHETGZyFhiQrxz5JZSVSqQ
kW2L/SP20uSRki4pBVNE0urP+QT7iAzX7tlMSjac6Pfxox5dwlIyKbUJy+0TPd1Q
jFhb+coUyu6F8vK2osGSEFk+j4RxLloSLTLCLNG/pGDDvQH4KduLe6Vm5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7Yi8r+N1Ka2iFF+ZBxTZ95P11gMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALEC5q1OZ
2+IDYFOB2eiCHRPPAQFD8bIWOFdpohEZL+cw8KclQ6sC7kJfnHbU8H35DV3hPh9Q
ooTfKszJLZf/uBfUK1vMdcAX/L8VkgmG2ZSrxfUYNHgiDAq7UYE2/mrjrrcp4xjL
KXoRHnKtJbuBuwy89Zc4PdGSuhySfqvnLWA7pSWiBDMl6Lk48FubqjA5ex1QEDfq
gX426Th8YYN+Hf1ukTcIFk0A3hWxrnfSQzSPewTalmbopBhYKF+XiNIrcogGOoIA
dv8klqbFpchefd6BxHebccuXLBKJYT9PEFG0w7LIYhggbmpLvslv2DZ3O2IW1d0u
gjKYHQLSn9qPtw==
-----END CERTIFICATE-----