Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
File:                     1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft (raw, json)
Hash identifier:          OQ/8K7B7JS24q/rjeF9GZXU6G8526hzKIPtKukkWOa8=
Subject key identifier:   7F:8D:A5:3E:B8:30:F3:79:08:B4:2E:79:9D:9D:5B:B1:9E:C3:AD:55
Authority key identifier: D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4
Certificate issuer:       /CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
Certificate serial:       019D284DA3FE0D07F8990D2E520B44E02C7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
Manifest number:          0FD2
Signing time:             Thu 26 Mar 2026 04:01:09 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:09 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:09 +0000
Files and hashes:         1: 1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl (hash: dJvfDZljim5iwYIOdZvHgvOVuAkvh5sQ0u8UThmwmE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:a3:fe:0d:07:f8:99:0d:2e:52:0b:44:e0:2c:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d63f8e42fb8442a48a7d47ef4c0b6e147514bfc4
        Validity
            Not Before: Mar 26 04:01:09 2026 GMT
            Not After : Mar 27 04:01:09 2026 GMT
        Subject: CN=7f8da53eb830f37908b42e799d9d5bb19ec3ad55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b1:00:3f:43:c4:d9:a0:03:88:ed:f9:d8:e1:
                    be:c8:0d:2d:09:e6:73:1e:d0:e4:1a:df:13:f4:95:
                    bc:5d:c8:e5:f7:99:98:33:a1:55:e6:0f:2f:13:1b:
                    17:5d:be:43:35:8a:cf:fc:55:b2:13:15:ca:f5:23:
                    49:81:3d:fc:a8:11:cc:29:9c:8b:a7:f9:48:64:c7:
                    aa:97:50:6d:95:0e:34:16:99:40:1d:25:04:e5:14:
                    19:d4:d2:de:0c:c1:24:a2:9e:84:f8:51:bc:c8:53:
                    3a:e4:04:80:fd:92:b8:51:cc:f4:56:80:eb:88:13:
                    4a:9f:eb:12:b4:5a:af:5d:fb:41:17:fa:75:84:cb:
                    bf:c1:11:29:b7:63:71:86:f7:ab:71:b0:ef:ac:a5:
                    58:bb:c4:ee:50:b7:30:2a:16:d9:7a:8c:39:e4:ad:
                    03:5b:51:b7:53:97:4f:08:82:25:5f:b7:1c:75:1a:
                    1f:a9:eb:d1:9d:9d:62:fc:73:48:3f:b2:40:6f:80:
                    a7:44:58:e9:0b:37:4c:d6:e3:db:a3:76:63:19:f0:
                    4d:13:84:ec:84:4e:a0:66:e7:89:d7:cd:a4:2b:71:
                    b6:e9:c0:ab:6e:97:49:2d:6b:33:2b:de:ee:dc:22:
                    1e:8e:6e:7f:6a:08:22:e3:25:27:ef:0d:9a:08:2f:
                    38:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:8D:A5:3E:B8:30:F3:79:08:B4:2E:79:9D:9D:5B:B1:9E:C3:AD:55
            X509v3 Authority Key Identifier:
                keyid:D6:3F:8E:42:FB:84:42:A4:8A:7D:47:EF:4C:0B:6E:14:75:14:BF:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee5f33-b1eb-4d08-9e87-2ed7a715f8d7/1/1j-OQvuEQqSKfUfvTAtuFHUUv8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:0a:66:08:4c:a4:79:e8:e9:55:8c:b6:cd:85:21:a5:a5:95:
         c5:ed:d8:b5:bf:f2:02:ed:7f:3e:06:fc:36:66:71:45:cb:dc:
         1d:f7:23:28:3f:ff:8a:c2:11:d1:ac:bc:7d:83:42:a4:f9:95:
         f4:57:b8:33:ca:d7:c7:46:fe:ec:09:86:15:28:46:96:60:5b:
         ee:63:9e:88:a2:f7:3d:94:b3:74:f8:d0:f7:3f:28:91:56:ff:
         66:5b:1c:17:05:e1:75:fc:c1:02:84:49:45:3a:dc:87:a3:cc:
         c7:e9:1c:10:d7:3c:4c:43:c0:95:3e:4d:d3:75:e6:0f:9e:67:
         f2:d3:35:54:42:37:f8:d6:22:e4:48:56:78:20:54:da:30:31:
         01:0a:09:3a:82:b6:3d:6a:f3:1f:9f:66:9c:02:32:16:79:fe:
         d9:46:09:15:ac:3c:2f:c2:cd:b9:bc:80:f9:f0:93:d2:d6:8f:
         ac:4e:58:29:1b:43:b8:f6:1b:9a:20:f9:95:72:1d:91:8b:de:
         2e:08:9f:c0:99:5d:11:fc:15:80:28:ba:2c:01:a8:fe:47:4b:
         71:4a:48:58:b8:d7:98:76:47:aa:e7:fa:38:ed:1b:26:b4:d9:
         d9:6f:b6:17:85:8e:13:92:e2:fd:0b:c2:3a:7d:21:33:e8:bf:
         2b:b3:6e:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTaP+DQf4mQ0uUgtE4Cx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2M2Y4ZTQyZmI4NDQyYTQ4YTdkNDdlZjRjMGI2ZTE0NzUx
NGJmYzQwHhcNMjYwMzI2MDQwMTA5WhcNMjYwMzI3MDQwMTA5WjAzMTEwLwYDVQQD
Eyg3ZjhkYTUzZWI4MzBmMzc5MDhiNDJlNzk5ZDlkNWJiMTllYzNhZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bEAP0PE2aADiO352OG+yA0tCeZz
HtDkGt8T9JW8Xcjl95mYM6FV5g8vExsXXb5DNYrP/FWyExXK9SNJgT38qBHMKZyL
p/lIZMeql1BtlQ40FplAHSUE5RQZ1NLeDMEkop6E+FG8yFM65ASA/ZK4Ucz0VoDr
iBNKn+sStFqvXftBF/p1hMu/wREpt2NxhvercbDvrKVYu8TuULcwKhbZeow55K0D
W1G3U5dPCIIlX7ccdRofqevRnZ1i/HNIP7JAb4CnRFjpCzdM1uPbo3ZjGfBNE4Ts
hE6gZueJ182kK3G26cCrbpdJLWszK97u3CIejm5/aggi4yUn7w2aCC84FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+NpT64MPN5CLQueZ2dW7Gew61VMB8GA1UdIwQY
MBaAFNY/jkL7hEKkin1H70wLbhR1FL/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODct
MmVkN2E3MTVmOGQ3LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTVmMzMtYjFlYi00ZDA4LTllODctMmVkN2E3MTVmOGQ3
LzEvMWotT1F2dUVRcVNLZlVmdlRBdHVGSFVVdjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXApmCEyk
eejpVYy2zYUhpaWVxe3Ytb/yAu1/Pgb8NmZxRcvcHfcjKD//isIR0ay8fYNCpPmV
9Fe4M8rXx0b+7AmGFShGlmBb7mOeiKL3PZSzdPjQ9z8okVb/ZlscFwXhdfzBAoRJ
RTrch6PMx+kcENc8TEPAlT5N03XmD55n8tM1VEI3+NYi5EhWeCBU2jAxAQoJOoK2
PWrzH59mnAIyFnn+2UYJFaw8L8LNubyA+fCT0taPrE5YKRtDuPYbmiD5lXIdkYve
LgifwJldEfwVgCi6LAGo/kdLcUpIWLjXmHZHquf6OO0bJrTZ2W+2F4WOE5Li/QvC
On0hM+i/K7Nutg==
-----END CERTIFICATE-----