Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          au6JfdjlI+2XzW3ju0qccukfAEaKVjUSqFU2wctpMlw=
Subject key identifier:   54:1A:DE:E1:BD:0B:EE:75:79:0D:FA:B4:FA:06:3A:16:FB:01:F4:11
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019D2816C4FD8A154F2D71C86A27941451D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          0558
Signing time:             Thu 26 Mar 2026 03:01:13 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:13 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:13 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: zTHBX3XWDnOTvBocEGq5PKidBgRD4JHKx/YILlJ0M84=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:c4:fd:8a:15:4f:2d:71:c8:6a:27:94:14:51:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Mar 26 03:01:13 2026 GMT
            Not After : Mar 27 03:01:13 2026 GMT
        Subject: CN=541adee1bd0bee75790dfab4fa063a16fb01f411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:a0:fa:7d:6f:3b:96:c9:51:f1:d3:34:fd:b3:
                    3e:df:b8:ef:74:e6:3c:a6:83:45:ca:6d:36:e4:b4:
                    51:02:3a:4b:70:8b:0f:30:b4:5f:3a:19:74:20:7f:
                    62:7d:7f:75:16:d8:2c:89:60:59:70:ab:97:89:36:
                    c6:4b:d9:d6:4e:49:06:44:99:62:89:a6:ae:cb:c8:
                    d1:b8:69:bc:a7:2b:e8:66:90:67:56:f9:34:f8:3a:
                    df:89:1b:d5:c6:6a:37:d0:d8:37:43:03:3e:1e:cc:
                    34:fc:c1:f3:e1:8d:5f:f0:6b:e1:9e:27:4e:af:d7:
                    3a:40:f8:50:fe:83:4c:73:59:23:5e:46:1d:6c:67:
                    79:95:eb:86:f8:9f:f4:26:db:4d:d5:82:66:1b:c0:
                    93:ba:32:32:c9:6f:ae:e8:94:9b:36:30:36:72:33:
                    51:23:49:aa:59:47:a1:d7:cf:c5:c6:8a:1e:bf:eb:
                    86:9f:03:31:cf:f6:89:7c:d2:30:7a:06:c6:34:d1:
                    76:2e:37:5c:98:7d:aa:6a:b1:79:da:38:81:6f:2c:
                    2b:73:80:30:e5:fd:0d:f9:0b:39:2f:0b:66:94:5d:
                    77:38:78:65:01:b8:43:9d:ab:ee:e7:e7:17:95:f4:
                    35:17:4d:77:fe:0c:9c:18:47:be:35:11:d1:e3:17:
                    af:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:1A:DE:E1:BD:0B:EE:75:79:0D:FA:B4:FA:06:3A:16:FB:01:F4:11
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:bd:c3:ea:f5:31:e3:8f:3f:5c:80:20:4e:50:ba:68:73:cb:
         bb:a5:81:bc:ec:38:55:ac:12:7d:65:e9:be:eb:7f:20:eb:bb:
         48:ee:61:60:84:8e:b5:c0:69:ca:4d:5a:74:f6:78:5e:c1:a9:
         01:c3:d3:db:e6:86:a3:0b:02:a7:d2:23:bb:5b:3e:3c:9c:a0:
         80:70:6d:c0:e6:e6:6c:cd:9a:50:dc:5b:5c:38:12:0a:d8:96:
         52:44:0b:56:79:22:bd:92:ea:64:7f:29:bc:e3:b4:33:d3:94:
         9f:65:bb:5e:01:e8:1d:cd:9c:25:d9:f3:26:fe:3c:9b:71:32:
         fa:11:f8:3f:64:54:b7:97:43:8e:5e:70:1c:9f:d1:f3:4e:91:
         89:3f:6e:b5:73:56:bf:e4:1f:7f:af:34:4b:51:2c:b5:e7:f4:
         d9:42:a3:91:6f:09:20:c8:1c:65:9c:02:eb:55:9c:5e:f0:d0:
         5e:0d:f8:6f:74:96:97:9b:b0:69:52:ec:e1:40:2a:55:3e:aa:
         9a:78:6f:50:01:03:4c:b6:1c:69:3c:1e:f9:d4:82:86:82:ce:
         a8:37:a6:32:d9:90:78:0e:92:39:9b:8b:d4:9b:44:23:a4:25:
         94:c8:de:a3:29:f7:32:76:08:11:af:71:7c:93:c3:6b:04:95:
         9c:4d:65:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFsT9ihVPLXHIaieUFFHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjYwMzI2MDMwMTEzWhcNMjYwMzI3MDMwMTEzWjAzMTEwLwYDVQQD
Eyg1NDFhZGVlMWJkMGJlZTc1NzkwZGZhYjRmYTA2M2ExNmZiMDFmNDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6D6fW87lslR8dM0/bM+37jvdOY8
poNFym025LRRAjpLcIsPMLRfOhl0IH9ifX91FtgsiWBZcKuXiTbGS9nWTkkGRJli
iaauy8jRuGm8pyvoZpBnVvk0+DrfiRvVxmo30Ng3QwM+Hsw0/MHz4Y1f8GvhnidO
r9c6QPhQ/oNMc1kjXkYdbGd5leuG+J/0JttN1YJmG8CTujIyyW+u6JSbNjA2cjNR
I0mqWUeh18/Fxooev+uGnwMxz/aJfNIwegbGNNF2LjdcmH2qarF52jiBbywrc4Aw
5f0N+Qs5LwtmlF13OHhlAbhDnavu5+cXlfQ1F013/gycGEe+NRHR4xev/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQa3uG9C+51eQ36tPoGOhb7AfQRMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn73D6vUx
448/XIAgTlC6aHPLu6WBvOw4VawSfWXpvut/IOu7SO5hYISOtcBpyk1adPZ4XsGp
AcPT2+aGowsCp9Iju1s+PJyggHBtwObmbM2aUNxbXDgSCtiWUkQLVnkivZLqZH8p
vOO0M9OUn2W7XgHoHc2cJdnzJv48m3Ey+hH4P2RUt5dDjl5wHJ/R806RiT9utXNW
v+Qff680S1Estef02UKjkW8JIMgcZZwC61WcXvDQXg34b3SWl5uwaVLs4UAqVT6q
mnhvUAEDTLYcaTwe+dSChoLOqDemMtmQeA6SOZuL1JtEI6QllMjeoyn3MnYIEa9x
fJPDawSVnE1lQg==
-----END CERTIFICATE-----