Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          Io9vjIBz3wR7f0i28a61xA1EYFLWCuRRaTq4lmAEdP0=
Subject key identifier:   10:E8:A5:F3:BF:F3:C8:5A:6A:83:BB:A2:54:85:AE:DF:DC:36:08:D9
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       019D28F20AC01C11F0DF04920D23BE25A75B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          0CDC
Signing time:             Thu 26 Mar 2026 07:00:44 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:44 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:44 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: midEilYzg3NGUPzmrEZfBIV/hHPOBZm/I7akYojuOco=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:0a:c0:1c:11:f0:df:04:92:0d:23:be:25:a7:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: Mar 26 07:00:44 2026 GMT
            Not After : Mar 27 07:00:44 2026 GMT
        Subject: CN=10e8a5f3bff3c85a6a83bba25485aedfdc3608d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:72:08:b3:9a:8d:80:26:00:dd:e4:75:35:6c:
                    e8:01:61:1c:70:4e:f7:97:9d:39:1a:b2:cd:8e:91:
                    61:d1:89:b3:c7:3c:77:8b:67:82:77:90:0f:2d:34:
                    98:57:38:a6:24:14:17:4e:cf:49:86:7e:67:5a:2f:
                    fc:9e:e0:c9:6f:38:a6:e4:3d:c9:b9:58:6f:8d:62:
                    5b:d5:bd:92:29:f9:d5:35:bc:5f:a7:47:fa:e2:fc:
                    88:a7:fb:de:0c:1a:92:ba:3e:6d:0b:0d:25:e5:4f:
                    60:46:f2:1e:b3:09:88:3e:55:a6:6a:b2:87:fd:f8:
                    26:ea:e3:56:b9:71:86:5a:4a:e3:19:18:f9:73:04:
                    77:e3:77:6d:7d:73:28:e3:a7:80:b3:47:40:db:5c:
                    cd:3d:47:be:17:6a:22:14:3e:26:35:bc:82:07:6a:
                    64:90:1c:57:7c:52:33:f3:3f:ea:4b:fd:e2:fa:9e:
                    bd:2a:32:fc:e4:8d:7f:73:2d:ab:3b:df:fa:9e:a0:
                    ad:d5:4a:19:5b:c9:bb:89:3d:0b:2a:15:7c:36:51:
                    e6:5f:58:46:79:bf:72:41:a4:a4:b7:f1:cb:1d:d3:
                    f8:1b:96:b4:53:4c:c9:8c:21:cf:0a:d5:f0:11:0b:
                    ba:b5:b5:3e:bb:7e:ca:c8:28:53:81:35:e5:6a:72:
                    59:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:E8:A5:F3:BF:F3:C8:5A:6A:83:BB:A2:54:85:AE:DF:DC:36:08:D9
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:00:7c:27:94:c0:d2:d7:ac:7a:61:aa:90:e5:ae:e0:f9:84:
         3f:5a:3c:8a:b2:0e:65:95:cf:bd:f7:6e:db:48:07:a6:76:e1:
         e1:b6:49:37:b4:ec:8e:32:c8:67:58:87:dd:46:e3:c2:e9:95:
         8c:44:34:6d:ff:9f:23:2a:86:4a:03:46:07:60:cc:c2:bb:7d:
         fb:1a:6e:3e:c1:9a:0f:56:0d:d0:ad:1c:4d:dc:ff:29:4a:59:
         b6:30:b3:04:52:85:89:31:34:62:94:67:12:61:27:1e:30:57:
         2a:8a:c5:67:1d:88:94:c2:d6:4c:0a:eb:bd:e1:ec:43:2d:ae:
         81:f7:20:bd:b4:04:7a:77:72:26:cf:36:e8:f1:fd:a0:0b:6f:
         58:f7:8a:e3:60:97:f5:92:f3:5c:62:49:97:4a:48:2d:10:3e:
         19:bb:26:c6:41:4e:77:a6:56:3a:fa:cd:56:53:15:4a:14:78:
         23:7d:b8:49:0c:b4:0b:f8:10:2e:a3:3e:07:77:b8:2e:90:d1:
         f1:a0:0c:1d:25:fa:f1:5e:4a:0b:2f:16:8f:48:e2:df:57:ae:
         01:78:74:63:f1:15:0e:36:53:01:28:6b:3b:e9:6e:de:cc:d8:
         cd:69:22:35:24:c8:4e:2b:d9:ad:b7:85:37:4c:90:c0:8f:57:
         9b:03:3f:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8grAHBHw3wSSDSO+JadbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjYwMzI2MDcwMDQ0WhcNMjYwMzI3MDcwMDQ0WjAzMTEwLwYDVQQD
EygxMGU4YTVmM2JmZjNjODVhNmE4M2JiYTI1NDg1YWVkZmRjMzYwOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHIIs5qNgCYA3eR1NWzoAWEccE73
l505GrLNjpFh0Ymzxzx3i2eCd5APLTSYVzimJBQXTs9Jhn5nWi/8nuDJbzim5D3J
uVhvjWJb1b2SKfnVNbxfp0f64vyIp/veDBqSuj5tCw0l5U9gRvIeswmIPlWmarKH
/fgm6uNWuXGGWkrjGRj5cwR343dtfXMo46eAs0dA21zNPUe+F2oiFD4mNbyCB2pk
kBxXfFIz8z/qS/3i+p69KjL85I1/cy2rO9/6nqCt1UoZW8m7iT0LKhV8NlHmX1hG
eb9yQaSkt/HLHdP4G5a0U0zJjCHPCtXwEQu6tbU+u37KyChTgTXlanJZMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBDopfO/88haaoO7olSFrt/cNgjZMB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnwB8J5TA
0tesemGqkOWu4PmEP1o8irIOZZXPvfdu20gHpnbh4bZJN7TsjjLIZ1iH3UbjwumV
jEQ0bf+fIyqGSgNGB2DMwrt9+xpuPsGaD1YN0K0cTdz/KUpZtjCzBFKFiTE0YpRn
EmEnHjBXKorFZx2IlMLWTArrveHsQy2ugfcgvbQEendyJs826PH9oAtvWPeK42CX
9ZLzXGJJl0pILRA+GbsmxkFOd6ZWOvrNVlMVShR4I324SQy0C/gQLqM+B3e4LpDR
8aAMHSX68V5KCy8Wj0ji31euAXh0Y/EVDjZTAShrO+lu3szYzWkiNSTITivZrbeF
N0yQwI9XmwM/NQ==
-----END CERTIFICATE-----