Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          hCtsJ1Uq1h8FIWbI5ooy5nqAnlAwrzsPIKFxsyeyKig=
Subject key identifier:   4E:D3:01:F8:7F:7F:E6:D0:7E:87:56:E7:B7:B5:81:3F:10:07:1D:F1
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       019D2A3C2EB0A5F687A13F656892163847DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          07A7
Signing time:             Thu 26 Mar 2026 13:01:20 +0000
Manifest this update:     Thu 26 Mar 2026 13:01:20 +0000
Manifest next update:     Fri 27 Mar 2026 13:01:20 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: 5OZgrWv5JMt0A6rC1r737EsrHQTaDs4zBRS7Vezk1C8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 13:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3c:2e:b0:a5:f6:87:a1:3f:65:68:92:16:38:47:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Mar 26 13:01:20 2026 GMT
            Not After : Mar 27 13:01:20 2026 GMT
        Subject: CN=4ed301f87f7fe6d07e8756e7b7b5813f10071df1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:55:79:48:51:35:35:dc:41:2b:38:ea:33:b4:
                    96:e4:d9:a8:74:f4:ed:53:a3:ef:1b:40:5b:2c:84:
                    2d:50:8e:e4:4a:67:84:5f:46:aa:db:03:a5:f9:2b:
                    ad:bf:f5:d1:70:fe:34:d1:dd:1c:e2:e5:f8:fd:a3:
                    ce:42:73:bc:cc:64:9e:f6:e3:9b:77:51:66:a4:e5:
                    ca:81:57:77:6a:0a:ff:7b:99:eb:0d:78:85:ab:58:
                    c2:1d:a6:34:4b:e0:3d:bb:fb:84:e7:50:62:96:45:
                    99:3f:ac:25:08:e8:ce:2f:9d:a6:94:bc:87:03:4b:
                    ec:3f:24:36:4c:bb:3a:32:d4:b4:c5:49:5e:8e:2e:
                    71:1c:7c:e3:fd:ab:b5:d9:90:23:70:82:b7:28:42:
                    fe:70:0d:2f:06:4b:86:d0:3a:d4:4d:57:ea:2d:4b:
                    15:79:69:87:0b:40:b7:51:da:81:cc:46:8e:60:c5:
                    10:89:af:28:77:32:86:a0:46:13:26:74:72:d6:01:
                    81:54:96:fa:6f:9d:d4:01:bc:bb:10:63:83:02:50:
                    6f:fc:e0:51:59:1c:34:f0:d0:d4:51:ae:b7:7b:64:
                    a4:a3:1e:a6:a6:49:3e:ae:cb:f1:5b:41:0e:36:ba:
                    b8:1d:6a:23:2a:32:c2:63:7c:32:0a:9d:a3:58:65:
                    a8:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:D3:01:F8:7F:7F:E6:D0:7E:87:56:E7:B7:B5:81:3F:10:07:1D:F1
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:d4:fb:54:91:f9:51:20:d4:a1:bf:f2:db:91:fc:13:3c:10:
         5a:68:99:66:44:70:b7:05:41:53:4f:1d:96:b8:86:11:8c:a0:
         8e:cc:87:83:1f:dd:c9:ab:f9:6c:7d:76:cc:fb:a6:cc:11:9c:
         c2:cf:97:20:ef:fe:0d:bd:3e:45:49:bd:d6:82:0a:a1:d8:5d:
         bb:e0:9e:d8:88:1f:2b:77:08:8f:e9:32:03:cb:5a:75:fa:a0:
         1a:ff:93:4e:e1:86:13:d8:8a:02:02:89:4b:fc:7c:ed:5e:b3:
         9d:75:5d:fb:36:12:2d:3a:79:47:b6:36:dc:ee:e8:44:62:3a:
         36:2b:99:4a:9c:89:47:5a:4c:cb:1a:ff:5c:73:20:45:e8:64:
         0a:83:48:8c:f5:67:36:2f:0e:19:b1:d3:6b:b8:2e:45:d1:21:
         b4:fd:8f:20:4c:f2:df:85:66:07:4f:b2:8e:e8:2e:67:45:b3:
         89:0e:b6:66:08:f0:3c:7d:37:42:ba:12:6a:c0:f3:01:e8:47:
         14:fd:5b:e2:65:c3:7a:ab:76:ec:b9:7d:bf:4b:9e:75:cb:3a:
         43:c2:a3:2b:a4:95:c6:ea:ac:4b:42:98:23:55:e7:ff:13:35:
         19:1d:37:8a:b9:f8:f7:3e:60:b5:70:d3:61:29:cc:f0:72:0c:
         f6:3d:eb:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPC6wpfaHoT9laJIWOEfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjYwMzI2MTMwMTIwWhcNMjYwMzI3MTMwMTIwWjAzMTEwLwYDVQQD
Eyg0ZWQzMDFmODdmN2ZlNmQwN2U4NzU2ZTdiN2I1ODEzZjEwMDcxZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlV5SFE1NdxBKzjqM7SW5NmodPTt
U6PvG0BbLIQtUI7kSmeEX0aq2wOl+Sutv/XRcP400d0c4uX4/aPOQnO8zGSe9uOb
d1FmpOXKgVd3agr/e5nrDXiFq1jCHaY0S+A9u/uE51BilkWZP6wlCOjOL52mlLyH
A0vsPyQ2TLs6MtS0xUleji5xHHzj/au12ZAjcIK3KEL+cA0vBkuG0DrUTVfqLUsV
eWmHC0C3UdqBzEaOYMUQia8odzKGoEYTJnRy1gGBVJb6b53UAby7EGODAlBv/OBR
WRw08NDUUa63e2Skox6mpkk+rsvxW0EONrq4HWojKjLCY3wyCp2jWGWoawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7TAfh/f+bQfodW57e1gT8QBx3xMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB9T7VJH5
USDUob/y25H8EzwQWmiZZkRwtwVBU08dlriGEYygjsyHgx/dyav5bH12zPumzBGc
ws+XIO/+Db0+RUm91oIKodhdu+Ce2IgfK3cIj+kyA8tadfqgGv+TTuGGE9iKAgKJ
S/x87V6znXVd+zYSLTp5R7Y23O7oRGI6NiuZSpyJR1pMyxr/XHMgRehkCoNIjPVn
Ni8OGbHTa7guRdEhtP2PIEzy34VmB0+yjuguZ0WziQ62ZgjwPH03QroSasDzAehH
FP1b4mXDeqt27Ll9v0uedcs6Q8KjK6SVxuqsS0KYI1Xn/xM1GR03irn49z5gtXDT
YSnM8HIM9j3rTQ==
-----END CERTIFICATE-----