Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          8i/JagKevx2qqGIcsCAMfQ/ikNyTGcwm0m57gnDNQ8o=
Subject key identifier:   92:62:F3:7A:7B:82:A9:AD:4E:C8:9D:6A:78:D5:CF:49:CE:D3:42:38
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019D2A3C1A426CFA000F41EE678B6DDB0C0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0C97
Signing time:             Thu 26 Mar 2026 13:01:14 +0000
Manifest this update:     Thu 26 Mar 2026 13:01:14 +0000
Manifest next update:     Fri 27 Mar 2026 13:01:14 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: I7vVVofbb2ohEmBl4mb+CAUKLZgXDUV/zxcd7Bh3I4s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3c:1a:42:6c:fa:00:0f:41:ee:67:8b:6d:db:0c:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Mar 26 13:01:14 2026 GMT
            Not After : Mar 27 13:01:14 2026 GMT
        Subject: CN=9262f37a7b82a9ad4ec89d6a78d5cf49ced34238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3e:3e:a4:67:63:b4:e5:71:20:7a:0c:32:5d:
                    6e:b9:d8:33:9b:53:2f:ee:5f:d8:a1:a2:8b:3a:02:
                    31:01:06:28:c8:3d:aa:42:b5:33:c4:ed:f7:47:b9:
                    86:62:0d:65:c2:07:ac:a8:d4:79:28:fc:95:98:8b:
                    56:e9:b4:37:0e:cb:69:de:97:0e:25:6b:28:87:1e:
                    cc:5e:e5:e3:48:90:84:bb:c2:44:b6:ac:2b:47:3a:
                    f4:15:e7:35:83:04:30:95:7c:29:f6:4c:06:d1:4e:
                    f2:86:1f:ee:8f:5c:84:bf:ba:07:b5:6f:43:2f:40:
                    67:c5:f0:99:63:c4:ca:f3:f1:fd:ac:08:9c:07:d1:
                    ff:79:3c:f6:39:c9:4c:29:6d:1e:c4:be:59:fe:9c:
                    07:96:79:7f:db:97:c1:44:1f:f8:65:c9:fa:23:c9:
                    4b:00:66:64:e0:ce:ac:77:9c:22:29:5a:5b:9e:3c:
                    c3:28:14:27:39:b3:9d:19:84:2f:3d:80:42:ed:c2:
                    58:ce:b4:8b:81:13:0c:66:32:f6:30:cc:5f:58:03:
                    5f:16:97:5e:86:70:21:7f:58:e9:24:5a:26:91:36:
                    d5:fa:67:4a:52:cc:aa:af:88:9e:15:4f:ea:7b:e6:
                    79:dd:6c:72:79:5d:f4:26:c7:52:1b:ab:04:41:87:
                    4d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:62:F3:7A:7B:82:A9:AD:4E:C8:9D:6A:78:D5:CF:49:CE:D3:42:38
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:1a:9a:81:d4:28:89:f4:8c:52:22:d5:f9:16:f4:79:c9:82:
         7a:27:75:25:b1:40:06:0f:d3:07:4c:85:22:0c:18:43:14:34:
         57:cc:44:98:c2:43:93:8e:37:b2:d8:3d:53:ec:ad:18:3e:1e:
         19:04:d0:0e:8e:00:a9:e0:98:1d:3f:72:48:c6:79:50:3e:3a:
         8a:25:3b:55:e9:f0:6e:4b:17:fa:c1:82:23:80:0c:c7:f7:f9:
         1a:89:72:55:6b:08:8c:f8:a7:bc:d1:9f:b5:2f:a4:05:ad:5b:
         a8:61:db:56:0b:72:69:cd:f6:fc:af:21:56:63:63:da:8f:4b:
         d5:c8:e6:82:eb:0a:bf:1e:6d:15:0a:a2:1e:b1:de:f3:a8:48:
         69:70:e8:8f:50:47:c5:04:13:a7:ec:30:c7:8e:4e:7c:48:07:
         73:2a:9f:8a:dd:22:a7:36:83:39:b4:46:94:ad:03:7c:d7:68:
         a2:14:72:92:5d:bc:ef:a3:59:e4:4d:55:a8:cc:da:a0:dd:44:
         c9:6a:e5:8f:d5:7b:e3:ba:de:da:45:aa:b7:6d:b8:f9:30:cc:
         d8:06:20:eb:97:d3:3d:07:85:7c:84:f6:1c:59:f5:5e:f1:cc:
         9f:54:70:97:8b:e3:79:dd:f3:0f:20:92:1a:02:ae:8e:d0:76:
         1f:a1:74:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPBpCbPoAD0HuZ4tt2wwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjYwMzI2MTMwMTE0WhcNMjYwMzI3MTMwMTE0WjAzMTEwLwYDVQQD
Eyg5MjYyZjM3YTdiODJhOWFkNGVjODlkNmE3OGQ1Y2Y0OWNlZDM0MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT4+pGdjtOVxIHoMMl1uudgzm1Mv
7l/YoaKLOgIxAQYoyD2qQrUzxO33R7mGYg1lwgesqNR5KPyVmItW6bQ3Dstp3pcO
JWsohx7MXuXjSJCEu8JEtqwrRzr0Fec1gwQwlXwp9kwG0U7yhh/uj1yEv7oHtW9D
L0BnxfCZY8TK8/H9rAicB9H/eTz2OclMKW0exL5Z/pwHlnl/25fBRB/4Zcn6I8lL
AGZk4M6sd5wiKVpbnjzDKBQnObOdGYQvPYBC7cJYzrSLgRMMZjL2MMxfWANfFpde
hnAhf1jpJFomkTbV+mdKUsyqr4ieFU/qe+Z53WxyeV30JsdSG6sEQYdNsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJi83p7gqmtTsidanjVz0nO00I4MB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWhqagdQo
ifSMUiLV+Rb0ecmCeid1JbFABg/TB0yFIgwYQxQ0V8xEmMJDk443stg9U+ytGD4e
GQTQDo4AqeCYHT9ySMZ5UD46iiU7VenwbksX+sGCI4AMx/f5GolyVWsIjPinvNGf
tS+kBa1bqGHbVgtyac32/K8hVmNj2o9L1cjmgusKvx5tFQqiHrHe86hIaXDoj1BH
xQQTp+wwx45OfEgHcyqfit0ipzaDObRGlK0DfNdoohRykl2876NZ5E1VqMzaoN1E
yWrlj9V747re2kWqt224+TDM2AYg65fTPQeFfIT2HFn1XvHMn1Rwl4vjed3zDyCS
GgKujtB2H6F02w==
-----END CERTIFICATE-----