Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
File:                     O5pBDtUm-GwybZG2KApEGhbAxnY.mft (raw, json)
Hash identifier:          BL8xWCnWPJwEm3SIqnqCDO6VLFoaFGCsoPb6i86e1UM=
Subject key identifier:   82:C8:3F:2A:E4:7C:FE:96:BA:9B:B9:09:AA:BE:C7:D6:6F:FB:32:7D
Authority key identifier: 3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76
Certificate issuer:       /CN=3b9a410ed526f86c326d91b6280a441a16c0c676
Certificate serial:       019D27721C9C28E1C4A765391F111018C3F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
Manifest number:          09F0
Signing time:             Thu 26 Mar 2026 00:01:22 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:22 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:22 +0000
Files and hashes:         1: O5pBDtUm-GwybZG2KApEGhbAxnY.crl (hash: xJs9NYtMYmLGq3Xj34yNdHo8XnOunie37THr/87DAxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:1c:9c:28:e1:c4:a7:65:39:1f:11:10:18:c3:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b9a410ed526f86c326d91b6280a441a16c0c676
        Validity
            Not Before: Mar 26 00:01:22 2026 GMT
            Not After : Mar 27 00:01:22 2026 GMT
        Subject: CN=82c83f2ae47cfe96ba9bb909aabec7d66ffb327d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:fa:99:6f:21:2d:40:f1:d9:c0:a1:a0:db:ea:
                    4e:fb:3d:0b:18:f3:e4:38:df:95:10:96:7f:dc:44:
                    f4:58:06:1c:d1:e0:c0:17:9a:d8:04:f1:03:fd:87:
                    23:04:68:97:f0:b7:d9:93:33:68:f2:e5:75:1b:19:
                    7c:37:2d:76:a7:0d:09:8f:6b:57:d0:07:4a:6f:bf:
                    ae:31:be:69:5e:1f:cf:7b:3a:9e:5c:da:57:6a:be:
                    4c:3b:76:6c:69:67:87:87:fa:c7:8d:ee:dd:9c:71:
                    43:50:41:af:74:33:97:a9:6d:a5:4a:65:97:ad:10:
                    62:b0:e2:64:2f:df:b2:3c:c6:9b:b6:ae:55:91:19:
                    cc:2b:6a:30:c7:3c:a7:5b:07:71:6a:ed:5a:9d:2a:
                    a1:13:be:dc:45:e8:2f:db:07:3b:77:a4:d1:a6:f8:
                    cd:53:2d:f7:1e:67:e1:19:42:18:ad:3c:53:58:a9:
                    98:c6:19:ed:c4:f9:51:fb:85:d8:c1:f9:91:2b:2b:
                    5e:2e:83:36:7a:d5:53:ae:64:51:5b:e5:99:86:bc:
                    fd:36:00:9a:ba:3e:08:a7:81:a8:7e:a9:cc:76:f4:
                    c7:eb:37:7b:9f:3d:17:77:6d:2f:28:05:b4:24:9e:
                    77:d7:03:14:f7:13:4f:ef:00:b6:d4:d8:de:7e:c8:
                    e6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C8:3F:2A:E4:7C:FE:96:BA:9B:B9:09:AA:BE:C7:D6:6F:FB:32:7D
            X509v3 Authority Key Identifier:
                keyid:3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:2f:20:00:e1:3c:92:19:80:f7:11:08:35:d5:a1:a2:31:58:
         e8:80:ed:d6:6d:af:7e:26:da:c5:67:1c:e2:7d:c1:7d:85:3d:
         36:4b:37:76:9c:5f:9e:fc:9e:c6:54:69:70:d4:17:0b:38:d4:
         40:48:50:98:b3:14:b9:f0:ff:07:11:72:7d:2b:af:bf:cd:69:
         72:de:37:33:19:56:60:45:a9:1c:c8:dd:cc:c6:c8:3d:93:dd:
         0e:51:0d:7b:ef:d3:b5:fc:93:c7:33:a1:c2:12:63:5e:c0:95:
         ba:fd:43:b1:23:69:f5:11:1d:ef:09:5e:4c:6e:80:69:08:df:
         5a:27:2a:49:ca:3d:c4:8b:5e:63:df:bd:28:84:4f:11:b1:a2:
         57:b2:45:d8:45:53:86:9a:e0:23:18:6e:9c:c3:eb:49:a5:bd:
         f3:ed:82:4e:51:66:5a:56:5d:74:7d:34:93:98:ae:a2:82:06:
         8f:08:55:fa:dd:4b:87:d5:d5:37:29:78:80:84:63:67:61:5c:
         d3:14:70:db:ed:ba:a8:56:65:ce:02:fb:75:bd:cf:9b:c3:56:
         cc:d8:d4:d8:8b:af:ff:b8:41:31:61:c1:c9:71:ff:90:c7:79:
         be:7b:ea:24:ab:0f:0f:bf:82:c2:26:66:f3:97:a4:99:f8:47:
         a9:05:43:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nchycKOHEp2U5HxEQGMP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOWE0MTBlZDUyNmY4NmMzMjZkOTFiNjI4MGE0NDFhMTZj
MGM2NzYwHhcNMjYwMzI2MDAwMTIyWhcNMjYwMzI3MDAwMTIyWjAzMTEwLwYDVQQD
Eyg4MmM4M2YyYWU0N2NmZTk2YmE5YmI5MDlhYWJlYzdkNjZmZmIzMjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/qZbyEtQPHZwKGg2+pO+z0LGPPk
ON+VEJZ/3ET0WAYc0eDAF5rYBPED/YcjBGiX8LfZkzNo8uV1Gxl8Ny12pw0Jj2tX
0AdKb7+uMb5pXh/PezqeXNpXar5MO3ZsaWeHh/rHje7dnHFDUEGvdDOXqW2lSmWX
rRBisOJkL9+yPMabtq5VkRnMK2owxzynWwdxau1anSqhE77cRegv2wc7d6TRpvjN
Uy33HmfhGUIYrTxTWKmYxhntxPlR+4XYwfmRKyteLoM2etVTrmRRW+WZhrz9NgCa
uj4Ip4GofqnMdvTH6zd7nz0Xd20vKAW0JJ531wMU9xNP7wC21NjefsjmdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILIPyrkfP6Wupu5Caq+x9Zv+zJ9MB8GA1UdIwQY
MBaAFDuaQQ7VJvhsMm2RtigKRBoWwMZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjct
ZGYwYTZkYzI4MmEwLzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjctZGYwYTZkYzI4MmEw
LzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlS8gAOE8
khmA9xEINdWhojFY6IDt1m2vfibaxWcc4n3BfYU9Nks3dpxfnvyexlRpcNQXCzjU
QEhQmLMUufD/BxFyfSuvv81pct43MxlWYEWpHMjdzMbIPZPdDlENe+/TtfyTxzOh
whJjXsCVuv1DsSNp9REd7wleTG6AaQjfWicqSco9xIteY9+9KIRPEbGiV7JF2EVT
hprgIxhunMPrSaW98+2CTlFmWlZddH00k5iuooIGjwhV+t1Lh9XVNyl4gIRjZ2Fc
0xRw2+26qFZlzgL7db3Pm8NWzNjU2Iuv/7hBMWHByXH/kMd5vnvqJKsPD7+CwiZm
85ekmfhHqQVDZQ==
-----END CERTIFICATE-----