Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
File:                     Os5p2XnZoNxneVEGweVayhVHCH8.mft (raw, json)
Hash identifier:          jYz1Bwcf0ntJFAG0PMNauxbZ1jkG1Y5RmevyfDRqaPs=
Subject key identifier:   7E:34:70:50:A1:D8:CB:2E:49:A9:8C:D4:BD:03:8F:13:89:52:24:2C
Authority key identifier: 3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F
Certificate issuer:       /CN=3ace69d979d9a0dc67795106c1e55aca1547087f
Certificate serial:       019D3909E9AE5E853BEDCA044E15D190709C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
Manifest number:          1889
Signing time:             Sun 29 Mar 2026 10:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:44 +0000
Files and hashes:         1: Os5p2XnZoNxneVEGweVayhVHCH8.crl (hash: EB3OiIfvNTemVxkIt/KF9dDCv1bTh7Kxk3TWigJo7eI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:e9:ae:5e:85:3b:ed:ca:04:4e:15:d1:90:70:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ace69d979d9a0dc67795106c1e55aca1547087f
        Validity
            Not Before: Mar 29 10:00:44 2026 GMT
            Not After : Mar 30 10:00:44 2026 GMT
        Subject: CN=7e347050a1d8cb2e49a98cd4bd038f138952242c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:94:d7:6e:68:de:1a:42:81:c6:5f:7b:75:80:
                    cb:96:9b:ef:47:a8:d1:df:16:68:2b:c4:01:03:33:
                    0e:b8:b9:d1:90:02:6f:59:e1:77:92:f3:ac:26:76:
                    69:79:4b:90:1f:59:a3:17:90:d7:0c:c5:81:b0:a0:
                    ed:20:6a:c2:32:fd:73:8e:d5:7f:bc:18:da:27:c7:
                    7b:3c:1b:0b:65:46:d3:e6:b4:c0:1d:8f:d8:6e:cb:
                    c6:48:e1:9f:f6:2e:ed:08:99:0d:ac:4d:91:3a:37:
                    4a:03:32:50:db:5f:28:bc:2d:0c:1f:49:1e:eb:b5:
                    c9:ec:b8:5f:ef:00:ac:8f:eb:18:e3:4c:7b:fa:81:
                    80:2a:19:bc:35:d6:c5:b4:b7:41:03:de:85:00:74:
                    ea:88:85:d6:4d:7c:31:3f:a3:51:29:74:23:52:de:
                    0b:ed:19:e0:85:aa:21:77:80:b8:65:51:6d:d3:ef:
                    31:86:e4:9b:bc:24:dc:b5:4e:a2:5f:7d:3d:c4:b4:
                    2b:45:77:de:d0:af:b6:d9:ba:77:b0:e6:e6:90:27:
                    83:0d:44:4a:3f:e3:32:cd:46:dc:d7:62:30:da:f1:
                    24:e2:cd:ae:cb:53:1c:78:b3:1f:03:ab:b7:e5:ab:
                    0e:d5:ee:b3:a1:eb:e2:49:a0:c2:3c:cf:a5:84:d9:
                    8f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:34:70:50:A1:D8:CB:2E:49:A9:8C:D4:BD:03:8F:13:89:52:24:2C
            X509v3 Authority Key Identifier:
                keyid:3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:80:e0:7e:6d:49:b3:61:08:d5:e0:8d:2c:42:47:ac:63:2f:
         84:22:7c:b8:1f:0e:0f:1a:63:86:f1:fe:9d:95:e5:c9:09:f8:
         35:d0:29:f5:93:c7:1e:dd:f0:e4:d4:75:d5:b4:81:cd:68:15:
         c6:0d:0a:23:b1:9a:ef:54:3f:31:d5:a4:f0:ba:68:12:28:31:
         c0:5b:f2:dd:53:2a:cf:3d:5d:4c:8f:46:a7:49:5e:19:c4:ae:
         8a:7c:65:af:32:c5:e6:7c:56:78:74:cb:8c:33:f6:98:f3:d6:
         c3:28:89:5e:51:c5:ec:3e:55:ba:93:f0:3d:ca:e0:12:96:f5:
         62:48:e7:75:81:75:15:5d:e4:59:7d:14:e7:fa:c4:92:93:00:
         92:c6:d1:5e:3a:68:49:3c:c5:8f:ea:24:b6:87:dd:a2:ad:cb:
         56:1e:e7:d2:ed:4d:1d:11:94:46:c2:08:8e:7b:be:2d:2a:55:
         3b:94:3e:8e:20:af:0d:83:6f:03:e8:53:37:b5:37:de:e5:8c:
         82:a1:0d:e7:8b:b8:e2:6d:fc:bf:50:ad:19:16:3d:98:2e:85:
         d3:85:7e:9d:ef:d7:7d:87:7a:da:c7:92:5c:ed:d1:ab:8d:d9:
         c8:ff:b6:15:27:e2:98:84:32:94:51:85:e5:8f:d9:af:7d:1e:
         0e:8e:43:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CemuXoU77coEThXRkHCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2U2OWQ5NzlkOWEwZGM2Nzc5NTEwNmMxZTU1YWNhMTU0
NzA4N2YwHhcNMjYwMzI5MTAwMDQ0WhcNMjYwMzMwMTAwMDQ0WjAzMTEwLwYDVQQD
Eyg3ZTM0NzA1MGExZDhjYjJlNDlhOThjZDRiZDAzOGYxMzg5NTIyNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZTXbmjeGkKBxl97dYDLlpvvR6jR
3xZoK8QBAzMOuLnRkAJvWeF3kvOsJnZpeUuQH1mjF5DXDMWBsKDtIGrCMv1zjtV/
vBjaJ8d7PBsLZUbT5rTAHY/YbsvGSOGf9i7tCJkNrE2ROjdKAzJQ218ovC0MH0ke
67XJ7Lhf7wCsj+sY40x7+oGAKhm8NdbFtLdBA96FAHTqiIXWTXwxP6NRKXQjUt4L
7Rnghaohd4C4ZVFt0+8xhuSbvCTctU6iX309xLQrRXfe0K+22bp3sObmkCeDDURK
P+MyzUbc12Iw2vEk4s2uy1MceLMfA6u35asO1e6zoeviSaDCPM+lhNmPFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH40cFCh2MsuSamM1L0DjxOJUiQsMB8GA1UdIwQY
MBaAFDrOadl52aDcZ3lRBsHlWsoVRwh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEt
YTk3NzVhYThkODEyLzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEtYTk3NzVhYThkODEy
LzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIDgfm1J
s2EI1eCNLEJHrGMvhCJ8uB8ODxpjhvH+nZXlyQn4NdAp9ZPHHt3w5NR11bSBzWgV
xg0KI7Ga71Q/MdWk8LpoEigxwFvy3VMqzz1dTI9Gp0leGcSuinxlrzLF5nxWeHTL
jDP2mPPWwyiJXlHF7D5VupPwPcrgEpb1YkjndYF1FV3kWX0U5/rEkpMAksbRXjpo
STzFj+oktofdoq3LVh7n0u1NHRGURsIIjnu+LSpVO5Q+jiCvDYNvA+hTN7U33uWM
gqEN54u44m38v1CtGRY9mC6F04V+ne/XfYd62seSXO3Rq43ZyP+2FSfimIQylFGF
5Y/Zr30eDo5D7w==
-----END CERTIFICATE-----