Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          fQcZ7mhVK2+bJl9XsqRpR19D80NHYhymT9b+sdLryCY=
Subject key identifier:   B4:13:40:EB:19:13:D7:92:21:E9:5F:A8:41:18:4B:95:6C:DE:53:C6
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       019D2704A1E4FFAC896FA35C503CD906A316
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0FE0
Signing time:             Wed 25 Mar 2026 22:01:48 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:48 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:48 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: pi1kz9miKD5DGOcjux3h2uisi8BNxNZ/JivIZZ0Ygm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:a1:e4:ff:ac:89:6f:a3:5c:50:3c:d9:06:a3:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Mar 25 22:01:48 2026 GMT
            Not After : Mar 26 22:01:48 2026 GMT
        Subject: CN=b41340eb1913d79221e95fa841184b956cde53c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e2:b8:72:95:97:aa:5f:d4:b2:08:f2:28:2b:
                    9b:bc:78:b4:7f:c8:12:a0:50:04:d0:43:29:ae:f2:
                    0b:b4:42:9b:48:45:f8:a9:d8:1a:ef:b4:a4:47:db:
                    39:a9:b7:53:05:80:28:93:d6:73:ce:7d:9d:31:b5:
                    38:c4:cb:72:09:1e:98:f6:e7:3e:b3:13:f3:50:d1:
                    c5:e2:39:cd:55:a7:53:6a:bb:33:3f:a1:fe:f6:80:
                    23:43:88:1e:6a:0f:c6:86:52:39:73:11:e8:3d:7a:
                    11:b8:de:93:4a:78:22:67:53:b1:a0:a0:6a:4f:28:
                    fc:2e:c9:1f:07:1f:a0:03:19:74:53:6b:d3:8f:f1:
                    91:61:b7:3b:7a:d9:5e:68:93:08:0c:28:5a:71:26:
                    20:1d:1f:91:9d:4c:3b:37:75:55:7d:5a:21:17:b0:
                    0b:76:6d:8a:2b:ed:fa:27:fb:39:88:dc:f8:6a:eb:
                    c0:1a:36:eb:c2:14:67:6b:95:d9:f8:74:7c:5f:62:
                    67:18:1c:75:46:5a:96:5d:02:a1:b3:0c:e9:20:4b:
                    0d:73:d0:bb:95:64:96:8c:c1:dc:41:83:10:72:bd:
                    c5:83:9e:c6:f3:ee:43:aa:df:0b:46:4c:25:e6:72:
                    ee:2e:17:62:4d:f8:49:90:3f:1e:25:32:f0:7d:e5:
                    3a:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:13:40:EB:19:13:D7:92:21:E9:5F:A8:41:18:4B:95:6C:DE:53:C6
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:5a:e4:d4:75:b4:f2:9a:70:6c:56:c0:ed:8f:2e:3c:6c:e6:
         44:49:40:2f:4c:24:4b:a1:eb:d6:e4:fa:54:be:87:64:ae:35:
         c6:39:00:45:62:10:9c:0d:12:1d:bd:e2:fd:73:b1:97:63:f0:
         e9:d7:20:c9:cd:07:4a:b8:f2:ea:cb:9c:10:d6:43:24:c7:94:
         ff:86:b7:29:a5:8f:0b:f8:27:9c:e8:a0:b4:98:c8:61:40:63:
         b3:e4:91:df:67:59:f1:94:91:17:b1:eb:6d:17:61:d0:2e:bb:
         62:84:ec:36:78:bb:c6:43:c5:4e:76:6d:71:f8:22:55:58:4c:
         03:a6:a3:1c:a3:43:2b:13:b5:e5:74:23:ba:ff:d4:f2:66:9b:
         c5:62:25:41:bf:13:2f:15:09:13:72:90:42:c5:0b:18:92:6c:
         b5:85:aa:2d:cc:22:ad:e5:aa:36:ce:84:13:2a:b8:f5:76:2b:
         42:bb:e9:29:d2:48:6a:5f:6a:6a:67:db:8c:5d:1f:34:1d:86:
         ce:cb:06:ff:b6:e9:18:db:dc:f9:0a:2d:12:1e:e6:4a:28:c9:
         32:71:e0:33:77:ac:81:25:51:62:b4:6f:03:e3:09:01:6e:de:
         78:40:6f:be:1b:5c:5d:22:99:9b:db:8e:a9:bd:22:ec:a1:b0:
         9a:ce:50:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBKHk/6yJb6NcUDzZBqMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjYwMzI1MjIwMTQ4WhcNMjYwMzI2MjIwMTQ4WjAzMTEwLwYDVQQD
EyhiNDEzNDBlYjE5MTNkNzkyMjFlOTVmYTg0MTE4NGI5NTZjZGU1M2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+K4cpWXql/UsgjyKCubvHi0f8gS
oFAE0EMprvILtEKbSEX4qdga77SkR9s5qbdTBYAok9Zzzn2dMbU4xMtyCR6Y9uc+
sxPzUNHF4jnNVadTarszP6H+9oAjQ4geag/GhlI5cxHoPXoRuN6TSngiZ1OxoKBq
Tyj8LskfBx+gAxl0U2vTj/GRYbc7etleaJMIDChacSYgHR+RnUw7N3VVfVohF7AL
dm2KK+36J/s5iNz4auvAGjbrwhRna5XZ+HR8X2JnGBx1RlqWXQKhswzpIEsNc9C7
lWSWjMHcQYMQcr3Fg57G8+5Dqt8LRkwl5nLuLhdiTfhJkD8eJTLwfeU6iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQTQOsZE9eSIelfqEEYS5Vs3lPGMB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVrk1HW0
8ppwbFbA7Y8uPGzmRElAL0wkS6Hr1uT6VL6HZK41xjkARWIQnA0SHb3i/XOxl2Pw
6dcgyc0HSrjy6sucENZDJMeU/4a3KaWPC/gnnOigtJjIYUBjs+SR32dZ8ZSRF7Hr
bRdh0C67YoTsNni7xkPFTnZtcfgiVVhMA6ajHKNDKxO15XQjuv/U8mabxWIlQb8T
LxUJE3KQQsULGJJstYWqLcwireWqNs6EEyq49XYrQrvpKdJIal9qamfbjF0fNB2G
zssG/7bpGNvc+QotEh7mSijJMnHgM3esgSVRYrRvA+MJAW7eeEBvvhtcXSKZm9uO
qb0i7KGwms5QkA==
-----END CERTIFICATE-----