Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          rl366xPzHCpn5xJ0A07tx4mlXnRri8g86UE1NgxELII=
Subject key identifier:   CB:75:04:3A:8E:8E:CD:CA:DC:95:DC:24:6F:24:07:5E:AD:BA:CD:50
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       019D27047411320F7FF025BBC2FBBDAB3FBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:01:36 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:36 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:36 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: HH34VzDpDJyIno9QMOC+hvO405bnFND90d9OoNjl6wg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:74:11:32:0f:7f:f0:25:bb:c2:fb:bd:ab:3f:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Mar 25 22:01:36 2026 GMT
            Not After : Mar 26 22:01:36 2026 GMT
        Subject: CN=cb75043a8e8ecdcadc95dc246f24075eadbacd50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:f0:83:ad:7f:05:7b:a5:9a:c4:25:8b:b4:dc:
                    d1:f3:3a:ee:35:b3:26:a5:57:05:25:49:b1:e1:4c:
                    9d:c5:ed:a1:09:eb:f6:53:7d:86:21:6d:0f:7a:92:
                    ab:1c:ab:39:c7:dd:c5:2e:c2:49:f2:37:6e:d8:90:
                    3e:31:a9:c6:84:2e:9d:0c:ed:fe:1c:68:b7:35:81:
                    e8:61:02:95:2c:a6:89:fb:ee:1d:13:3f:d1:70:7c:
                    c0:30:84:c9:33:93:de:59:c0:05:5c:e4:ab:18:f6:
                    a1:63:c7:9d:9f:c2:32:bd:66:b1:28:c8:31:62:0a:
                    58:2f:85:b7:49:36:93:8f:9e:f9:da:87:77:a1:a5:
                    9d:a4:b9:20:62:05:f0:d2:0e:d6:f0:20:71:b6:58:
                    47:fa:6d:17:82:b1:27:b2:f4:f2:fb:53:5f:c7:c0:
                    84:69:2a:8c:f1:b5:a7:79:97:f6:a6:9e:5b:65:0f:
                    24:d3:a5:c4:c1:28:cf:b1:7d:f3:12:a1:bc:0e:0c:
                    03:db:46:fa:ab:aa:58:de:c8:9f:96:36:c4:84:41:
                    54:40:66:2f:f2:b6:bf:68:ce:fe:fa:4d:1b:a5:1f:
                    af:6f:a0:1f:8e:b6:b4:b0:30:53:6c:e1:bf:78:57:
                    9d:0e:aa:31:fa:21:f5:07:f7:58:9c:f5:27:c4:15:
                    d1:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:75:04:3A:8E:8E:CD:CA:DC:95:DC:24:6F:24:07:5E:AD:BA:CD:50
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:dc:b2:b3:06:6d:97:ae:dc:20:0b:18:ef:38:91:ce:5e:dd:
         7b:42:2a:a2:dd:0d:c5:f2:86:77:26:62:df:b2:c7:d0:ab:24:
         98:9a:5a:f9:8c:17:22:a2:49:0a:55:00:17:78:f9:56:a7:58:
         32:a4:93:ff:5a:dc:b1:12:40:61:bd:8b:d4:5c:8d:1f:5d:5e:
         7b:5d:ac:ea:3a:ef:0d:ec:8e:d4:a3:1b:3e:94:08:ed:5f:5c:
         55:db:61:9d:e8:a5:d6:11:92:05:42:cb:78:e4:c9:87:c7:08:
         3c:56:fb:04:77:dc:58:e7:e5:2c:b6:45:d1:89:5b:d4:6d:e3:
         cb:37:4c:12:35:b2:5b:d1:25:1a:b8:fd:90:31:6b:86:10:66:
         74:d5:89:2a:5a:0e:aa:a8:99:42:41:40:97:93:39:c1:d1:3c:
         27:78:ab:ae:d4:15:b5:96:9e:79:19:dc:38:6d:44:ee:77:64:
         3d:32:c3:6d:57:73:1b:46:05:32:4c:f0:5b:dc:d5:29:20:6f:
         4e:18:f2:c8:9e:3d:38:6a:c4:33:f1:45:95:52:f8:42:8a:5d:
         26:13:7c:44:64:7c:e6:0f:14:53:61:d9:a5:c1:36:77:98:37:
         c8:92:73:f3:b3:e1:ca:44:d3:6c:c4:fd:04:0c:9c:ea:84:d2:
         a2:4e:db:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHQRMg9/8CW7wvu9qz+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjYwMzI1MjIwMTM2WhcNMjYwMzI2MjIwMTM2WjAzMTEwLwYDVQQD
EyhjYjc1MDQzYThlOGVjZGNhZGM5NWRjMjQ2ZjI0MDc1ZWFkYmFjZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+fCDrX8Fe6WaxCWLtNzR8zruNbMm
pVcFJUmx4Uydxe2hCev2U32GIW0PepKrHKs5x93FLsJJ8jdu2JA+ManGhC6dDO3+
HGi3NYHoYQKVLKaJ++4dEz/RcHzAMITJM5PeWcAFXOSrGPahY8edn8IyvWaxKMgx
YgpYL4W3STaTj5752od3oaWdpLkgYgXw0g7W8CBxtlhH+m0XgrEnsvTy+1Nfx8CE
aSqM8bWneZf2pp5bZQ8k06XEwSjPsX3zEqG8DgwD20b6q6pY3sifljbEhEFUQGYv
8ra/aM7++k0bpR+vb6Afjra0sDBTbOG/eFedDqox+iH1B/dYnPUnxBXRXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMt1BDqOjs3K3JXcJG8kB16tus1QMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR9yyswZt
l67cIAsY7ziRzl7de0Iqot0NxfKGdyZi37LH0KskmJpa+YwXIqJJClUAF3j5VqdY
MqST/1rcsRJAYb2L1FyNH11ee12s6jrvDeyO1KMbPpQI7V9cVdthneil1hGSBULL
eOTJh8cIPFb7BHfcWOflLLZF0Ylb1G3jyzdMEjWyW9ElGrj9kDFrhhBmdNWJKloO
qqiZQkFAl5M5wdE8J3irrtQVtZaeeRncOG1E7ndkPTLDbVdzG0YFMkzwW9zVKSBv
ThjyyJ49OGrEM/FFlVL4QopdJhN8RGR85g8UU2HZpcE2d5g3yJJz87PhykTTbMT9
BAyc6oTSok7bDg==
-----END CERTIFICATE-----