Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft
File:                     OvseLvFesopYoCSKyvMnGPhpiGE.mft (raw, json)
Hash identifier:          9BfjtO+l4CILIch8rMh4wo9yftN8y1j1vwIEnI3xB6M=
Subject key identifier:   66:BF:B9:69:F4:FD:73:AA:57:13:38:12:55:BB:DF:74:C3:95:0E:E7
Authority key identifier: 3A:FB:1E:2E:F1:5E:B2:8A:58:A0:24:8A:CA:F3:27:18:F8:69:88:61
Certificate issuer:       /CN=3afb1e2ef15eb28a58a0248acaf32718f8698861
Certificate serial:       019D33085AA0E0D982454C5576DE87362C6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvseLvFesopYoCSKyvMnGPhpiGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft
Manifest number:          2D
Signing time:             Sat 28 Mar 2026 06:01:18 +0000
Manifest this update:     Sat 28 Mar 2026 06:01:18 +0000
Manifest next update:     Sun 29 Mar 2026 06:01:18 +0000
Files and hashes:         1: OvseLvFesopYoCSKyvMnGPhpiGE.crl (hash: Lr3pkOYqCSU9NVgxtgN2ga8VjMBwgwrNY2KxEq9J0oQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OvseLvFesopYoCSKyvMnGPhpiGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:08:5a:a0:e0:d9:82:45:4c:55:76:de:87:36:2c:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3afb1e2ef15eb28a58a0248acaf32718f8698861
        Validity
            Not Before: Mar 28 06:01:18 2026 GMT
            Not After : Mar 29 06:01:18 2026 GMT
        Subject: CN=66bfb969f4fd73aa5713381255bbdf74c3950ee7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:da:9c:6a:6c:4c:63:8f:06:07:54:20:ca:f0:
                    90:eb:61:87:77:a0:2a:0f:00:2a:d4:1c:14:5a:1e:
                    15:08:89:c8:ba:d6:fe:a4:21:20:a4:50:2c:4d:ca:
                    1b:93:7c:75:bd:9f:44:e1:0f:21:86:81:ac:82:97:
                    ed:88:d8:1c:04:4c:ed:e3:3f:fe:a7:90:58:dd:dc:
                    88:2c:0f:36:5e:92:5d:b8:cb:3d:43:cb:56:86:48:
                    1a:9d:f3:a7:63:0c:63:7e:a7:5c:8b:52:63:11:ea:
                    07:10:6f:50:69:9d:a5:e7:fa:fc:bf:33:a5:6a:eb:
                    2d:6e:b2:fe:48:f3:31:19:c1:1d:a7:8a:e1:bb:47:
                    82:cf:77:01:bd:88:6e:8e:50:5c:a5:15:d5:7c:f3:
                    75:26:36:d8:25:3a:76:b8:98:c4:ef:b6:ad:65:1a:
                    32:72:50:87:01:2b:53:0b:d9:24:0d:74:09:2f:96:
                    06:0c:39:dc:01:8a:77:f2:0f:a3:1a:c4:ef:27:1d:
                    86:fe:72:8d:81:5a:a3:30:08:64:4d:d2:82:61:79:
                    fe:18:15:cd:b2:53:1c:df:a7:6f:1a:a1:3b:1b:c8:
                    fd:03:12:9c:af:d9:d3:c6:76:ca:37:64:22:16:34:
                    04:fd:dc:e2:7d:4e:29:c9:a3:e9:4e:5b:90:e2:09:
                    4e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:BF:B9:69:F4:FD:73:AA:57:13:38:12:55:BB:DF:74:C3:95:0E:E7
            X509v3 Authority Key Identifier:
                keyid:3A:FB:1E:2E:F1:5E:B2:8A:58:A0:24:8A:CA:F3:27:18:F8:69:88:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvseLvFesopYoCSKyvMnGPhpiGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:cf:03:0c:98:87:a0:ab:df:a9:01:9c:d4:66:97:24:a8:09:
         ac:a1:83:0e:0c:f9:22:45:a6:7f:3a:5c:81:8a:78:04:20:6f:
         a4:ff:9a:ef:de:23:f5:cf:b4:63:37:9e:5c:61:8e:1d:f2:e0:
         dc:0d:7e:20:f1:9e:62:11:e1:17:fe:82:6e:0e:be:d5:cd:f6:
         23:70:d4:34:0f:c8:04:00:9d:da:c3:64:a8:10:95:13:a6:77:
         88:ce:93:91:e6:b0:21:78:0e:ec:a4:a6:18:02:2f:96:fc:dc:
         39:85:ea:82:62:56:7a:18:c4:c5:b7:13:cc:31:a4:46:9f:f5:
         37:bc:5c:ee:00:0b:2c:ef:eb:53:1d:09:18:69:4e:ae:25:27:
         a0:28:45:37:11:d3:6f:91:93:be:db:a4:2b:6d:23:0c:ff:5c:
         4f:ec:cb:b8:ed:f0:f1:b4:6d:5d:ff:e5:ed:ca:e7:36:56:9a:
         bb:4f:6c:21:77:47:ba:18:bf:9b:ca:df:3d:86:c3:93:57:00:
         9d:4c:c8:2f:15:2c:f1:8d:3c:13:ea:2d:2d:32:e6:6a:de:a1:
         27:36:36:b9:c7:34:a6:fe:aa:51:32:89:a4:ac:ee:54:18:3e:
         cc:c6:f7:81:45:c1:bb:a2:58:63:39:89:92:18:09:b6:67:8b:
         7b:70:d4:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zCFqg4NmCRUxVdt6HNixuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZmIxZTJlZjE1ZWIyOGE1OGEwMjQ4YWNhZjMyNzE4Zjg2
OTg4NjEwHhcNMjYwMzI4MDYwMTE4WhcNMjYwMzI5MDYwMTE4WjAzMTEwLwYDVQQD
Eyg2NmJmYjk2OWY0ZmQ3M2FhNTcxMzM4MTI1NWJiZGY3NGMzOTUwZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNqcamxMY48GB1QgyvCQ62GHd6Aq
DwAq1BwUWh4VCInIutb+pCEgpFAsTcobk3x1vZ9E4Q8hhoGsgpftiNgcBEzt4z/+
p5BY3dyILA82XpJduMs9Q8tWhkganfOnYwxjfqdci1JjEeoHEG9QaZ2l5/r8vzOl
austbrL+SPMxGcEdp4rhu0eCz3cBvYhujlBcpRXVfPN1JjbYJTp2uJjE77atZRoy
clCHAStTC9kkDXQJL5YGDDncAYp38g+jGsTvJx2G/nKNgVqjMAhkTdKCYXn+GBXN
slMc36dvGqE7G8j9AxKcr9nTxnbKN2QiFjQE/dzifU4pyaPpTluQ4glOAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGa/uWn0/XOqVxM4ElW733TDlQ7nMB8GA1UdIwQY
MBaAFDr7Hi7xXrKKWKAkisrzJxj4aYhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZzZUx2RmVzb3BZb0NTS3l2TW5HUGhwaUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83M2NhYTktMGQ2Mi00OTcyLTg3MTQt
MWFkM2NlNmQ0NTM4LzEvT3ZzZUx2RmVzb3BZb0NTS3l2TW5HUGhwaUdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83M2NhYTktMGQ2Mi00OTcyLTg3MTQtMWFkM2NlNmQ0NTM4
LzEvT3ZzZUx2RmVzb3BZb0NTS3l2TW5HUGhwaUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAic8DDJiH
oKvfqQGc1GaXJKgJrKGDDgz5IkWmfzpcgYp4BCBvpP+a794j9c+0YzeeXGGOHfLg
3A1+IPGeYhHhF/6Cbg6+1c32I3DUNA/IBACd2sNkqBCVE6Z3iM6TkeawIXgO7KSm
GAIvlvzcOYXqgmJWehjExbcTzDGkRp/1N7xc7gALLO/rUx0JGGlOriUnoChFNxHT
b5GTvtukK20jDP9cT+zLuO3w8bRtXf/l7crnNlaau09sIXdHuhi/m8rfPYbDk1cA
nUzILxUs8Y08E+otLTLmat6hJzY2ucc0pv6qUTKJpKzuVBg+zMb3gUXBu6JYYzmJ
khgJtmeLe3DU1A==
-----END CERTIFICATE-----