Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
File:                     o_60EOB9CI-2UbkTdJuBJX47mVI.mft (raw, json)
Hash identifier:          gqYIHO4R6HCLH3qtkjo3YH30Ljpv5sfedqkesLMz5js=
Subject key identifier:   54:93:7C:A3:B2:B8:01:93:8A:25:54:88:9F:68:17:FA:EF:01:D9:92
Authority key identifier: A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52
Certificate issuer:       /CN=a3feb410e07d088fb651b913749b81257e3b9952
Certificate serial:       019D28F319CDB6166E028286B9AE567D87F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
Manifest number:          12D1
Signing time:             Thu 26 Mar 2026 07:01:53 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:53 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:53 +0000
Files and hashes:         1: o_60EOB9CI-2UbkTdJuBJX47mVI.crl (hash: hyDJMRDnp4VtYfwQ59q1klP/dq7me/cpbywsIzFk0P8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:19:cd:b6:16:6e:02:82:86:b9:ae:56:7d:87:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3feb410e07d088fb651b913749b81257e3b9952
        Validity
            Not Before: Mar 26 07:01:53 2026 GMT
            Not After : Mar 27 07:01:53 2026 GMT
        Subject: CN=54937ca3b2b801938a2554889f6817faef01d992
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e7:f9:22:d4:32:7e:1f:6e:58:1a:6a:8a:53:
                    db:73:8c:af:56:38:72:c8:03:04:a6:97:bd:a1:5f:
                    36:7a:dc:6d:96:5a:af:69:19:ab:9d:d7:9c:54:0c:
                    2d:53:52:11:de:20:d7:b0:55:f1:29:22:8d:80:3a:
                    ea:9a:4e:c2:64:8b:d4:84:66:36:c8:ac:f8:57:6e:
                    97:91:dc:e7:c5:05:84:39:f1:78:d6:f0:24:c9:7c:
                    7b:68:88:04:5d:3c:f4:a9:f0:6f:dd:be:d2:ff:fd:
                    ec:ba:d4:73:c3:91:3c:1b:2e:2a:10:f3:04:fb:01:
                    5d:0d:c1:dd:18:80:15:6f:3f:79:f3:bf:55:16:f8:
                    16:a7:99:9f:e3:ce:a9:10:0a:4b:5b:99:24:c8:e1:
                    57:04:86:54:51:f8:d4:d6:74:d4:51:85:a8:29:b6:
                    27:ce:09:01:dd:94:5a:d7:e6:74:d8:f0:cd:19:74:
                    9a:42:eb:1b:8d:b6:9e:33:c8:d9:b8:71:53:e0:0c:
                    6b:dd:c3:4f:9b:12:d1:cc:02:85:54:5f:11:1e:ee:
                    ba:b0:b5:9d:33:11:13:6e:15:aa:95:58:34:a0:6e:
                    4f:3e:cf:34:7e:76:fd:fa:9a:55:76:0d:a4:6b:4c:
                    4f:6e:81:fa:cc:fd:3b:87:19:6b:3c:01:d1:c9:a1:
                    64:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:93:7C:A3:B2:B8:01:93:8A:25:54:88:9F:68:17:FA:EF:01:D9:92
            X509v3 Authority Key Identifier:
                keyid:A3:FE:B4:10:E0:7D:08:8F:B6:51:B9:13:74:9B:81:25:7E:3B:99:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_60EOB9CI-2UbkTdJuBJX47mVI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9f068a-17f4-4311-8bbc-234b322a0cfe/1/o_60EOB9CI-2UbkTdJuBJX47mVI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:00:6f:7d:c3:b5:52:48:be:8f:68:6c:e2:78:2c:fb:a7:39:
         8e:94:cc:fa:2f:9c:41:c5:0e:47:16:5e:d2:19:e5:c4:b6:f5:
         07:da:1d:8c:92:1c:c1:c5:a9:7c:91:aa:72:61:83:35:16:dd:
         76:67:bc:07:cb:f0:f7:89:ad:ac:16:9d:3e:91:d5:b2:88:e6:
         db:4a:fa:f0:d1:61:a5:55:41:78:d9:8c:73:77:0c:17:f4:1d:
         b1:90:c2:48:7b:13:ba:5a:39:90:d1:44:b1:31:45:50:db:a7:
         49:dc:57:4a:02:db:e7:86:61:09:5e:b5:af:18:24:e7:dd:96:
         72:fc:54:0a:ec:66:f6:87:ba:1a:db:4f:40:46:ee:53:fe:22:
         ff:a0:f4:5f:84:46:84:ed:98:53:34:50:6b:49:3c:34:ac:91:
         f0:41:52:1c:bf:ea:3a:4f:65:76:07:ce:f3:f0:2f:57:ca:25:
         19:22:31:c2:07:cd:8b:b6:3a:0b:3d:93:65:2b:a0:37:71:e1:
         42:73:db:94:aa:d7:75:27:91:d4:3e:e2:63:40:e3:8e:6e:fc:
         f4:14:ab:98:cb:8b:d1:42:54:fe:16:62:9d:9f:ce:1e:34:7e:
         26:1c:9d:fd:1d:46:77:91:60:0d:19:c6:00:e3:f4:3f:31:92:
         85:bc:45:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8xnNthZuAoKGua5WfYfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZmViNDEwZTA3ZDA4OGZiNjUxYjkxMzc0OWI4MTI1N2Uz
Yjk5NTIwHhcNMjYwMzI2MDcwMTUzWhcNMjYwMzI3MDcwMTUzWjAzMTEwLwYDVQQD
Eyg1NDkzN2NhM2IyYjgwMTkzOGEyNTU0ODg5ZjY4MTdmYWVmMDFkOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuf5ItQyfh9uWBpqilPbc4yvVjhy
yAMEppe9oV82etxtllqvaRmrndecVAwtU1IR3iDXsFXxKSKNgDrqmk7CZIvUhGY2
yKz4V26XkdznxQWEOfF41vAkyXx7aIgEXTz0qfBv3b7S//3sutRzw5E8Gy4qEPME
+wFdDcHdGIAVbz95879VFvgWp5mf486pEApLW5kkyOFXBIZUUfjU1nTUUYWoKbYn
zgkB3ZRa1+Z02PDNGXSaQusbjbaeM8jZuHFT4Axr3cNPmxLRzAKFVF8RHu66sLWd
MxETbhWqlVg0oG5PPs80fnb9+ppVdg2ka0xPboH6zP07hxlrPAHRyaFklQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSTfKOyuAGTiiVUiJ9oF/rvAdmSMB8GA1UdIwQY
MBaAFKP+tBDgfQiPtlG5E3SbgSV+O5lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMt
MjM0YjMyMmEwY2ZlLzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85ZjA2OGEtMTdmNC00MzExLThiYmMtMjM0YjMyMmEwY2Zl
LzEvb182MEVPQjlDSS0yVWJrVGRKdUJKWDQ3bVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABwBvfcO1
Uki+j2hs4ngs+6c5jpTM+i+cQcUORxZe0hnlxLb1B9odjJIcwcWpfJGqcmGDNRbd
dme8B8vw94mtrBadPpHVsojm20r68NFhpVVBeNmMc3cMF/QdsZDCSHsTulo5kNFE
sTFFUNunSdxXSgLb54ZhCV61rxgk592WcvxUCuxm9oe6GttPQEbuU/4i/6D0X4RG
hO2YUzRQa0k8NKyR8EFSHL/qOk9ldgfO8/AvV8olGSIxwgfNi7Y6Cz2TZSugN3Hh
QnPblKrXdSeR1D7iY0Djjm789BSrmMuL0UJU/hZinZ/OHjR+Jhyd/R1Gd5FgDRnG
AOP0PzGShbxF5w==
-----END CERTIFICATE-----