Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          hZ+baQBcWzNVGZKQTjxMvdTp4mA0y+WZWMKbzVSIclk=
Subject key identifier:   DB:F3:16:46:F9:C0:FA:16:C2:E6:31:06:9C:19:24:8F:AB:4A:C2:91
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019D33ACE64EF6E4547FD64281BA5E689B5A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          080E
Signing time:             Sat 28 Mar 2026 09:01:02 +0000
Manifest this update:     Sat 28 Mar 2026 09:01:02 +0000
Manifest next update:     Sun 29 Mar 2026 09:01:02 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: lPjoMKeRuiI9KsEDP94boW14EKrzdaSLFPqlazjHbM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:ac:e6:4e:f6:e4:54:7f:d6:42:81:ba:5e:68:9b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Mar 28 09:01:02 2026 GMT
            Not After : Mar 29 09:01:02 2026 GMT
        Subject: CN=dbf31646f9c0fa16c2e631069c19248fab4ac291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b7:b9:ff:0a:0d:c0:0b:4f:70:20:69:3d:fc:
                    52:c6:c6:f3:39:b2:bd:98:01:0e:cf:bd:90:74:c0:
                    af:d9:ce:a6:4b:a1:eb:11:d6:f7:ed:d2:cb:17:ac:
                    bd:27:b4:a7:f8:17:5f:54:31:93:c1:00:86:41:83:
                    60:68:88:af:89:80:39:95:32:cd:49:fc:25:b0:c5:
                    92:f9:6d:b7:82:c5:d2:16:c1:cc:c9:aa:fb:b0:15:
                    66:6a:e4:9f:8e:e9:8c:d5:6f:23:a3:22:22:63:4b:
                    24:1c:57:49:85:3a:90:7e:c0:b8:6b:be:6b:f2:87:
                    87:e1:b0:4c:13:67:0b:55:2b:04:58:09:ee:2d:f0:
                    cb:c7:aa:71:f1:67:d4:1a:e4:0a:22:de:d9:a5:a4:
                    f2:78:6f:47:29:c4:b7:a9:3a:a6:c1:ed:94:24:19:
                    e0:54:aa:f2:88:59:35:e5:45:da:49:49:61:7d:ec:
                    1b:b4:0c:f9:97:15:84:57:9b:b1:8e:15:3f:ff:7d:
                    7f:f8:3b:04:68:df:f0:59:c9:04:7d:16:0d:06:2f:
                    9b:23:a9:fa:f0:04:8b:13:e3:58:7f:38:64:d4:09:
                    f8:14:87:8a:ca:f4:92:c0:d7:10:66:ab:44:7f:d7:
                    5a:1e:85:e5:8f:9a:9d:b5:24:4c:38:58:6f:5f:8f:
                    cd:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F3:16:46:F9:C0:FA:16:C2:E6:31:06:9C:19:24:8F:AB:4A:C2:91
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:8e:af:a2:e4:b7:1b:91:d6:34:9e:8c:ef:d3:97:0a:ce:8b:
         59:2e:a2:a5:d3:d2:2a:90:92:ca:01:c2:f3:a3:05:e6:c5:5e:
         cb:b6:60:67:c1:f6:ec:65:78:9f:92:21:e4:ea:53:83:c6:d5:
         9f:f1:bc:03:85:18:05:77:cc:4f:11:cd:fe:08:2e:82:15:b3:
         75:aa:39:9b:e6:b8:f9:80:ff:4c:e8:d1:d8:05:e2:93:d0:73:
         fb:7a:3f:b4:e8:5d:06:cb:10:e7:13:4f:f7:43:91:91:35:bd:
         a9:c0:ea:c3:48:c5:de:53:a6:54:16:2b:86:16:30:2c:fd:31:
         6d:ba:6a:84:88:75:8d:93:8b:58:e4:e5:4f:1c:77:4e:44:a3:
         ab:a5:63:d0:2c:d2:ae:01:2a:02:98:08:db:f1:4b:fb:ed:8c:
         1e:72:04:e1:5f:68:cf:cc:c1:91:09:4e:72:23:5e:f7:77:97:
         ca:3c:00:f7:04:e8:bd:a9:7f:36:3d:f9:e9:a7:dd:cf:43:5e:
         75:a6:73:ee:43:ef:a4:b4:e4:41:38:ae:fb:11:fa:84:c7:91:
         f7:9c:63:ee:37:75:34:bb:3c:6a:c1:aa:1b:aa:b7:8f:45:4a:
         a8:db:b9:59:5b:3f:a6:29:22:59:43:40:80:75:a0:7a:5e:dc:
         4f:81:f6:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zrOZO9uRUf9ZCgbpeaJtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjYwMzI4MDkwMTAyWhcNMjYwMzI5MDkwMTAyWjAzMTEwLwYDVQQD
EyhkYmYzMTY0NmY5YzBmYTE2YzJlNjMxMDY5YzE5MjQ4ZmFiNGFjMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApre5/woNwAtPcCBpPfxSxsbzObK9
mAEOz72QdMCv2c6mS6HrEdb37dLLF6y9J7Sn+BdfVDGTwQCGQYNgaIiviYA5lTLN
SfwlsMWS+W23gsXSFsHMyar7sBVmauSfjumM1W8joyIiY0skHFdJhTqQfsC4a75r
8oeH4bBME2cLVSsEWAnuLfDLx6px8WfUGuQKIt7ZpaTyeG9HKcS3qTqmwe2UJBng
VKryiFk15UXaSUlhfewbtAz5lxWEV5uxjhU//31/+DsEaN/wWckEfRYNBi+bI6n6
8ASLE+NYfzhk1An4FIeKyvSSwNcQZqtEf9daHoXlj5qdtSRMOFhvX4/NIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvzFkb5wPoWwuYxBpwZJI+rSsKRMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP46vouS3
G5HWNJ6M79OXCs6LWS6ipdPSKpCSygHC86MF5sVey7ZgZ8H27GV4n5Ih5OpTg8bV
n/G8A4UYBXfMTxHN/ggughWzdao5m+a4+YD/TOjR2AXik9Bz+3o/tOhdBssQ5xNP
90ORkTW9qcDqw0jF3lOmVBYrhhYwLP0xbbpqhIh1jZOLWOTlTxx3TkSjq6Vj0CzS
rgEqApgI2/FL++2MHnIE4V9oz8zBkQlOciNe93eXyjwA9wToval/Nj356afdz0Ne
daZz7kPvpLTkQTiu+xH6hMeR95xj7jd1NLs8asGqG6q3j0VKqNu5WVs/pikiWUNA
gHWgel7cT4H2tA==
-----END CERTIFICATE-----