Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/fd60b8-88d0-4fdf-950e-d20252461ddc/1/OGAlwD1UXJjL3PKg2AgS_ANkUYw.mft
File:                     OGAlwD1UXJjL3PKg2AgS_ANkUYw.mft (raw, json)
Hash identifier:          rIxCTS5TiCqkXgANTuWHOeUV5az9kX1UGpSnP/4/cs0=
Subject key identifier:   23:70:52:9F:CA:CD:A8:4A:D4:9A:4A:9B:30:73:5F:2C:AF:44:BB:7F
Authority key identifier: 38:60:25:C0:3D:54:5C:98:CB:DC:F2:A0:D8:08:12:FC:03:64:51:8C
Certificate issuer:       /CN=386025c03d545c98cbdcf2a0d80812fc0364518c
Certificate serial:       019D3451AF246DC19950B94FEEDAAF643740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGAlwD1UXJjL3PKg2AgS_ANkUYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/fd60b8-88d0-4fdf-950e-d20252461ddc/1/OGAlwD1UXJjL3PKg2AgS_ANkUYw.mft
Manifest number:          2B
Signing time:             Sat 28 Mar 2026 12:01:01 +0000
Manifest this update:     Sat 28 Mar 2026 12:01:01 +0000
Manifest next update:     Sun 29 Mar 2026 12:01:01 +0000
Files and hashes:         1: OGAlwD1UXJjL3PKg2AgS_ANkUYw.crl (hash: YpwCrN257o24WOu5ZFhTr4PSkFm2vloOtWOtCJyPqZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/fd60b8-88d0-4fdf-950e-d20252461ddc/1/OGAlwD1UXJjL3PKg2AgS_ANkUYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/fd60b8-88d0-4fdf-950e-d20252461ddc/1/OGAlwD1UXJjL3PKg2AgS_ANkUYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGAlwD1UXJjL3PKg2AgS_ANkUYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:34:51:af:24:6d:c1:99:50:b9:4f:ee:da:af:64:37:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=386025c03d545c98cbdcf2a0d80812fc0364518c
        Validity
            Not Before: Mar 28 12:01:01 2026 GMT
            Not After : Mar 29 12:01:01 2026 GMT
        Subject: CN=2370529fcacda84ad49a4a9b30735f2caf44bb7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:37:e1:7b:5c:6a:69:9b:a4:33:0c:64:b0:92:
                    be:a3:25:23:f6:79:4d:bb:1a:11:18:15:c2:9d:86:
                    6c:8d:b5:da:c5:7c:d8:48:96:6b:fb:56:c3:a3:d9:
                    fc:36:6c:c0:92:79:b7:b4:75:a6:dd:85:18:65:36:
                    01:7d:f1:c9:ab:f3:16:63:70:94:d7:08:90:d9:19:
                    a6:41:ce:8e:db:d6:d4:c0:5c:24:7c:31:10:07:37:
                    31:0f:55:08:61:4e:1b:8e:3d:e4:78:0e:f0:2f:54:
                    17:9f:47:9e:e1:dd:06:e4:49:9b:ec:4d:7a:d3:9c:
                    91:2e:85:9f:7e:39:82:60:cc:2e:84:ba:7d:3d:e5:
                    f9:5c:2e:a7:cc:36:2b:4c:4d:48:96:18:b8:c1:a6:
                    4e:c4:9d:5a:f9:7a:a4:4b:5a:30:af:93:ad:66:e5:
                    68:2e:b5:64:5f:66:b6:58:01:03:4e:72:e6:b5:c2:
                    2c:45:7b:04:b5:5f:12:b4:e6:c2:14:22:a7:52:ea:
                    b7:72:8a:1f:3b:42:ef:d1:d8:53:81:9c:6f:9e:67:
                    9c:08:57:2e:4c:d4:c3:4c:3c:5d:f0:5b:80:4c:be:
                    04:ea:c6:5f:ad:e8:9d:39:99:c3:c9:7f:4b:02:4e:
                    3e:e7:cc:00:72:64:55:64:bf:e2:aa:4a:b0:32:98:
                    e2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:70:52:9F:CA:CD:A8:4A:D4:9A:4A:9B:30:73:5F:2C:AF:44:BB:7F
            X509v3 Authority Key Identifier:
                keyid:38:60:25:C0:3D:54:5C:98:CB:DC:F2:A0:D8:08:12:FC:03:64:51:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGAlwD1UXJjL3PKg2AgS_ANkUYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fd60b8-88d0-4fdf-950e-d20252461ddc/1/OGAlwD1UXJjL3PKg2AgS_ANkUYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fd60b8-88d0-4fdf-950e-d20252461ddc/1/OGAlwD1UXJjL3PKg2AgS_ANkUYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:3c:3f:b2:78:66:61:a6:44:ef:34:c4:98:b3:82:6a:67:cb:
         0b:25:cd:1f:2c:7d:33:60:67:0c:b9:57:67:81:18:11:e4:e1:
         d4:cf:82:f5:74:72:c3:a5:c0:be:7a:c8:cf:70:a7:8d:60:be:
         e5:61:c1:e0:6c:98:8f:d4:db:00:e0:20:cb:c0:a8:62:46:8a:
         06:e5:4c:d6:32:b6:a5:ed:4d:ff:94:62:e9:17:ac:e3:97:00:
         84:ea:95:78:b7:94:6b:eb:01:16:2f:08:99:33:5e:c4:d3:af:
         fb:21:4e:9a:b6:fd:8a:7e:c2:c4:d4:16:0b:39:1e:5c:f4:d0:
         b7:5e:2f:ee:f0:6e:61:5d:ad:95:f6:f7:51:f3:22:83:7f:a3:
         8f:76:37:b9:f8:13:c8:37:c3:91:87:37:ad:d1:06:70:97:4f:
         92:03:05:ad:1d:91:30:17:5f:82:a5:0a:96:2c:95:9c:64:d8:
         c4:72:c7:1b:ff:73:4f:59:8a:d0:dd:02:3b:88:62:6b:98:09:
         4a:71:da:0f:6f:41:19:5a:c5:f0:42:39:fa:3a:62:82:06:fd:
         88:17:7c:12:f0:47:4a:8e:9f:52:f2:77:15:81:fe:98:a0:2d:
         50:b1:5d:38:7f:07:0a:ce:70:6e:15:b3:e8:5a:70:c1:2a:18:
         f3:c0:b3:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ00Ua8kbcGZULlP7tqvZDdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjAyNWMwM2Q1NDVjOThjYmRjZjJhMGQ4MDgxMmZjMDM2
NDUxOGMwHhcNMjYwMzI4MTIwMTAxWhcNMjYwMzI5MTIwMTAxWjAzMTEwLwYDVQQD
EygyMzcwNTI5ZmNhY2RhODRhZDQ5YTRhOWIzMDczNWYyY2FmNDRiYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Tfhe1xqaZukMwxksJK+oyUj9nlN
uxoRGBXCnYZsjbXaxXzYSJZr+1bDo9n8NmzAknm3tHWm3YUYZTYBffHJq/MWY3CU
1wiQ2RmmQc6O29bUwFwkfDEQBzcxD1UIYU4bjj3keA7wL1QXn0ee4d0G5Emb7E16
05yRLoWffjmCYMwuhLp9PeX5XC6nzDYrTE1Ilhi4waZOxJ1a+XqkS1owr5OtZuVo
LrVkX2a2WAEDTnLmtcIsRXsEtV8StObCFCKnUuq3coofO0Lv0dhTgZxvnmecCFcu
TNTDTDxd8FuATL4E6sZfreidOZnDyX9LAk4+58wAcmRVZL/iqkqwMpjiEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNwUp/KzahK1JpKmzBzXyyvRLt/MB8GA1UdIwQY
MBaAFDhgJcA9VFyYy9zyoNgIEvwDZFGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dBbHdEMVVYSmpMM1BLZzJBZ1NfQU5rVVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mZDYwYjgtODhkMC00ZmRmLTk1MGUt
ZDIwMjUyNDYxZGRjLzEvT0dBbHdEMVVYSmpMM1BLZzJBZ1NfQU5rVVl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mZDYwYjgtODhkMC00ZmRmLTk1MGUtZDIwMjUyNDYxZGRj
LzEvT0dBbHdEMVVYSmpMM1BLZzJBZ1NfQU5rVVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAazw/snhm
YaZE7zTEmLOCamfLCyXNHyx9M2BnDLlXZ4EYEeTh1M+C9XRyw6XAvnrIz3CnjWC+
5WHB4GyYj9TbAOAgy8CoYkaKBuVM1jK2pe1N/5Ri6Res45cAhOqVeLeUa+sBFi8I
mTNexNOv+yFOmrb9in7CxNQWCzkeXPTQt14v7vBuYV2tlfb3UfMig3+jj3Y3ufgT
yDfDkYc3rdEGcJdPkgMFrR2RMBdfgqUKliyVnGTYxHLHG/9zT1mK0N0CO4hia5gJ
SnHaD29BGVrF8EI5+jpiggb9iBd8EvBHSo6fUvJ3FYH+mKAtULFdOH8HCs5wbhWz
6FpwwSoY88CzMA==
-----END CERTIFICATE-----