Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          ZpxOD9EBIecHdiQdP2lOPL6LtCqnQ1VolBenQu7ryBM=
Subject key identifier:   FB:7B:70:A7:63:70:BF:2E:64:2C:D5:AA:A7:31:D7:54:71:B1:72:37
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019D3299EB8A016EA117538FBC6DBA0B3757
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          1889
Signing time:             Sat 28 Mar 2026 04:00:41 +0000
Manifest this update:     Sat 28 Mar 2026 04:00:41 +0000
Manifest next update:     Sun 29 Mar 2026 04:00:41 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: mVMdAp470odw/4k+x1ZvdpQmpVWIEpvjllmiyOoXkZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:99:eb:8a:01:6e:a1:17:53:8f:bc:6d:ba:0b:37:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Mar 28 04:00:41 2026 GMT
            Not After : Mar 29 04:00:41 2026 GMT
        Subject: CN=fb7b70a76370bf2e642cd5aaa731d75471b17237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:c9:42:cd:c4:06:e3:cc:af:34:58:31:de:a7:
                    d8:4e:a6:2a:db:0f:4a:80:bb:4b:39:5a:f8:4e:76:
                    8e:4e:79:55:7b:ee:83:63:12:01:d5:61:8a:65:e1:
                    91:6c:2c:48:49:96:a9:a6:63:e3:73:24:82:50:08:
                    99:89:6d:90:9a:36:37:1c:cf:5b:54:83:b8:8f:da:
                    29:00:59:cd:fa:4c:e4:ef:3c:56:93:71:5f:4f:eb:
                    35:62:fe:0b:24:26:e2:fd:07:36:89:0d:61:fd:10:
                    64:0a:6e:16:52:c9:12:8c:f1:01:7c:5b:24:f4:fb:
                    1b:f9:7d:bd:d2:30:ba:10:ef:0e:8b:94:e6:35:74:
                    f2:1b:34:20:66:4f:c6:b5:03:e0:f6:65:35:49:d6:
                    52:1d:19:89:9f:90:10:d3:bb:5a:6d:04:91:96:a8:
                    50:5d:b6:df:96:7f:29:5e:b0:bd:76:67:6b:45:0c:
                    00:9f:5d:9f:fc:13:65:70:d1:56:a4:64:99:ee:f0:
                    1c:ee:5a:4d:a3:55:55:c6:f7:44:85:4b:00:46:c7:
                    29:80:45:bb:c7:d4:29:81:0d:c1:ff:f3:2b:b8:b6:
                    de:9f:91:5c:da:6a:de:9d:09:40:55:5b:7f:d6:2d:
                    ca:cc:1e:eb:db:b8:13:4a:34:cc:30:6e:22:83:0f:
                    c4:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:7B:70:A7:63:70:BF:2E:64:2C:D5:AA:A7:31:D7:54:71:B1:72:37
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:00:d6:58:24:1b:51:d5:2d:98:8a:8e:74:74:d1:59:29:37:
         12:78:42:29:6f:5a:56:30:6b:04:a9:5c:e0:6b:75:9c:28:82:
         c2:89:9c:87:c4:e4:93:74:12:9a:e9:8b:89:4b:30:5b:8b:0b:
         dc:90:ab:00:f4:25:8a:d0:ff:ee:ba:6d:31:53:f7:d0:85:04:
         73:01:39:15:3b:b1:ee:29:96:74:64:12:79:4d:2a:65:2d:48:
         06:cf:0f:6f:7c:70:63:39:2a:80:dd:20:05:7f:76:a3:6f:df:
         d5:21:06:3f:4a:15:b9:6d:8e:d0:95:46:3e:60:eb:24:a9:e2:
         d0:c7:2a:8f:a1:e3:34:40:33:90:34:aa:57:e7:06:95:66:bc:
         23:50:38:03:1e:54:82:6e:a6:5a:6f:93:14:3f:94:f8:63:8d:
         a5:82:24:e1:b0:ea:a8:b9:62:cd:e4:06:1a:8f:aa:44:6a:79:
         d6:e2:26:4a:be:92:5c:5f:af:d3:dc:12:a0:67:9c:78:e8:3c:
         81:2c:09:75:83:40:e5:68:f0:1e:04:ce:d5:a8:7e:9f:aa:23:
         a0:10:7d:fe:61:f5:fc:a7:a0:11:61:75:d7:95:17:e4:2b:6c:
         e3:62:45:9a:6c:58:be:5b:80:cd:cc:ad:c7:97:fe:df:b2:fc:
         43:35:d5:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymeuKAW6hF1OPvG26CzdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjYwMzI4MDQwMDQxWhcNMjYwMzI5MDQwMDQxWjAzMTEwLwYDVQQD
EyhmYjdiNzBhNzYzNzBiZjJlNjQyY2Q1YWFhNzMxZDc1NDcxYjE3MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4clCzcQG48yvNFgx3qfYTqYq2w9K
gLtLOVr4TnaOTnlVe+6DYxIB1WGKZeGRbCxISZappmPjcySCUAiZiW2QmjY3HM9b
VIO4j9opAFnN+kzk7zxWk3FfT+s1Yv4LJCbi/Qc2iQ1h/RBkCm4WUskSjPEBfFsk
9Psb+X290jC6EO8Oi5TmNXTyGzQgZk/GtQPg9mU1SdZSHRmJn5AQ07tabQSRlqhQ
Xbbfln8pXrC9dmdrRQwAn12f/BNlcNFWpGSZ7vAc7lpNo1VVxvdEhUsARscpgEW7
x9QpgQ3B//MruLben5Fc2mrenQlAVVt/1i3KzB7r27gTSjTMMG4igw/EiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPt7cKdjcL8uZCzVqqcx11RxsXI3MB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmADWWCQb
UdUtmIqOdHTRWSk3EnhCKW9aVjBrBKlc4Gt1nCiCwomch8Tkk3QSmumLiUswW4sL
3JCrAPQlitD/7rptMVP30IUEcwE5FTux7imWdGQSeU0qZS1IBs8Pb3xwYzkqgN0g
BX92o2/f1SEGP0oVuW2O0JVGPmDrJKni0Mcqj6HjNEAzkDSqV+cGlWa8I1A4Ax5U
gm6mWm+TFD+U+GONpYIk4bDqqLlizeQGGo+qRGp51uImSr6SXF+v09wSoGeceOg8
gSwJdYNA5WjwHgTO1ah+n6ojoBB9/mH1/KegEWF115UX5Cts42JFmmxYvluAzcyt
x5f+37L8QzXVfA==
-----END CERTIFICATE-----