Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          IVP3q7rjJxLtqs4n8lY5dLaQLGhnQCdNwDQP9AbnVxc=
Subject key identifier:   EC:07:6C:BE:69:03:F1:09:6B:27:2B:F2:CB:92:BB:86:81:B0:43:93
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       019D2703F0234CF778603841C6409F891989
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          1885
Signing time:             Wed 25 Mar 2026 22:01:02 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:02 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:02 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: +q3rg4sgJYrwPq3fv3Gcvlz0Ih9BuZc9tcPM41k+3DM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:f0:23:4c:f7:78:60:38:41:c6:40:9f:89:19:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Mar 25 22:01:02 2026 GMT
            Not After : Mar 26 22:01:02 2026 GMT
        Subject: CN=ec076cbe6903f1096b272bf2cb92bb8681b04393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a9:1d:24:08:58:ef:62:2c:a8:00:7e:d7:eb:
                    e1:38:aa:17:73:cc:1b:c0:20:ae:b0:28:9d:2c:22:
                    74:03:c2:ea:ad:01:d0:6c:ba:b3:d8:ca:5c:fd:85:
                    f8:a9:a4:66:39:79:cd:9c:5a:c6:78:b5:b0:f6:85:
                    4c:67:ec:a8:39:50:70:5b:00:64:92:f8:ad:9f:66:
                    d3:54:21:47:d8:cd:e3:8c:31:1c:1a:e9:fa:f8:28:
                    f3:65:2d:95:aa:ce:41:2c:99:40:bc:92:83:6d:8a:
                    1c:35:8d:e7:ae:44:31:b3:dd:f4:70:1a:6f:61:c7:
                    e2:9a:eb:66:cb:4a:99:1e:6e:c0:e3:c0:c0:34:e9:
                    ea:91:e9:fc:63:7d:96:46:77:f5:da:c2:ec:a0:cd:
                    f4:4f:c5:8e:a7:96:ae:f3:31:bf:8a:40:66:d4:c7:
                    cc:f5:6d:f8:91:e1:26:12:e8:1d:40:6d:6f:a4:80:
                    43:54:83:40:9a:72:fb:f1:7e:6f:22:b9:54:26:a0:
                    1d:53:bc:fe:a1:70:13:4e:dc:fa:7b:67:b5:bf:75:
                    d3:8d:4b:74:7e:8b:cd:7c:9f:56:a0:fa:45:13:86:
                    2e:e8:96:7a:19:fb:34:e2:4b:89:dc:97:39:3c:f5:
                    52:ad:8e:56:0e:7e:42:8c:dc:c4:1f:60:9c:be:46:
                    2e:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:07:6C:BE:69:03:F1:09:6B:27:2B:F2:CB:92:BB:86:81:B0:43:93
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:ac:ee:90:39:1e:bf:bc:d2:43:68:f9:85:02:3a:b9:75:d7:
         c9:60:fa:96:ac:d6:14:15:7e:98:00:e9:c8:7a:ce:3a:d6:4c:
         20:28:c5:87:eb:34:81:3f:48:37:0d:e6:fe:36:f5:60:84:ef:
         98:0c:a4:61:36:90:cb:09:2b:94:b7:22:bc:78:97:fb:79:b1:
         b7:d5:c5:a5:a3:3e:23:f8:14:62:7f:a2:86:5c:aa:24:17:a0:
         db:74:34:30:45:fb:1f:bf:eb:73:f9:08:31:dd:7c:a5:89:46:
         16:59:96:88:54:f5:6d:43:d2:92:ce:02:60:35:c6:1c:e7:e2:
         cc:f1:d3:70:e8:bb:4e:42:89:1a:0d:71:b7:54:41:e2:be:43:
         44:30:27:dd:3f:93:0a:7f:78:46:df:3d:70:b4:d0:af:15:75:
         53:49:8c:19:e5:5d:fb:83:f1:80:67:bf:f8:5a:e7:9c:c8:2b:
         1e:0e:ab:9e:6a:a6:fa:cd:a3:ec:cc:9e:cc:ce:92:00:82:48:
         5a:8a:f5:f4:88:f2:b0:4e:88:89:c2:6d:04:a4:e3:aa:cc:66:
         80:a2:3d:f0:4f:56:f1:a8:df:11:55:20:0c:88:21:90:91:b2:
         99:20:02:51:bf:79:4d:07:6b:a3:c7:08:8e:f9:7d:d0:e9:91:
         76:3f:f5:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA/AjTPd4YDhBxkCfiRmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjYwMzI1MjIwMTAyWhcNMjYwMzI2MjIwMTAyWjAzMTEwLwYDVQQD
EyhlYzA3NmNiZTY5MDNmMTA5NmIyNzJiZjJjYjkyYmI4NjgxYjA0MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvakdJAhY72IsqAB+1+vhOKoXc8wb
wCCusCidLCJ0A8LqrQHQbLqz2Mpc/YX4qaRmOXnNnFrGeLWw9oVMZ+yoOVBwWwBk
kvitn2bTVCFH2M3jjDEcGun6+CjzZS2Vqs5BLJlAvJKDbYocNY3nrkQxs930cBpv
Ycfimutmy0qZHm7A48DANOnqken8Y32WRnf12sLsoM30T8WOp5au8zG/ikBm1MfM
9W34keEmEugdQG1vpIBDVINAmnL78X5vIrlUJqAdU7z+oXATTtz6e2e1v3XTjUt0
fovNfJ9WoPpFE4Yu6JZ6Gfs04kuJ3Jc5PPVSrY5WDn5CjNzEH2CcvkYuowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOwHbL5pA/EJaycr8suSu4aBsEOTMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVKzukDke
v7zSQ2j5hQI6uXXXyWD6lqzWFBV+mADpyHrOOtZMICjFh+s0gT9INw3m/jb1YITv
mAykYTaQywkrlLcivHiX+3mxt9XFpaM+I/gUYn+ihlyqJBeg23Q0MEX7H7/rc/kI
Md18pYlGFlmWiFT1bUPSks4CYDXGHOfizPHTcOi7TkKJGg1xt1RB4r5DRDAn3T+T
Cn94Rt89cLTQrxV1U0mMGeVd+4PxgGe/+FrnnMgrHg6rnmqm+s2j7MyezM6SAIJI
Wor19IjysE6IicJtBKTjqsxmgKI98E9W8ajfEVUgDIghkJGymSACUb95TQdro8cI
jvl90OmRdj/1Og==
-----END CERTIFICATE-----