Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/c9d7de-7b7b-4f7d-998b-2f57dcce46c7/1/OpYsbtKgSaKpOg08VHHGBrqOUlw.mft
File:                     OpYsbtKgSaKpOg08VHHGBrqOUlw.mft (raw, json)
Hash identifier:          sGIjnZWQlc4rixGlBzT0GFqMPT+tjSLwmpn2Lo+o0f8=
Subject key identifier:   6D:27:56:6D:96:F1:D6:61:D7:4F:78:AF:8B:9E:5B:04:86:CD:CC:36
Authority key identifier: 3A:96:2C:6E:D2:A0:49:A2:A9:3A:0D:3C:54:71:C6:06:BA:8E:52:5C
Certificate issuer:       /CN=3a962c6ed2a049a2a93a0d3c5471c606ba8e525c
Certificate serial:       019D389C3BCC54C5479DC08C97F09938B4D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpYsbtKgSaKpOg08VHHGBrqOUlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/c9d7de-7b7b-4f7d-998b-2f57dcce46c7/1/OpYsbtKgSaKpOg08VHHGBrqOUlw.mft
Manifest number:          A1
Signing time:             Sun 29 Mar 2026 08:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:56 +0000
Files and hashes:         1: OpYsbtKgSaKpOg08VHHGBrqOUlw.crl (hash: bVhEd6rpeXhrQ4wzraUvaIvr/xL5caGaig+LMBbs/HE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/c9d7de-7b7b-4f7d-998b-2f57dcce46c7/1/OpYsbtKgSaKpOg08VHHGBrqOUlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/c9d7de-7b7b-4f7d-998b-2f57dcce46c7/1/OpYsbtKgSaKpOg08VHHGBrqOUlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpYsbtKgSaKpOg08VHHGBrqOUlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:3b:cc:54:c5:47:9d:c0:8c:97:f0:99:38:b4:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a962c6ed2a049a2a93a0d3c5471c606ba8e525c
        Validity
            Not Before: Mar 29 08:00:56 2026 GMT
            Not After : Mar 30 08:00:56 2026 GMT
        Subject: CN=6d27566d96f1d661d74f78af8b9e5b0486cdcc36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e6:0a:5c:cd:b3:17:33:dd:5e:4a:ab:5a:ca:
                    e9:86:cf:58:1f:1a:09:7c:78:be:5a:1b:09:0a:5a:
                    8d:ab:30:4f:4a:b8:23:1f:5e:74:98:84:e2:00:a0:
                    4e:43:c2:08:38:15:85:12:60:c8:b0:7d:f9:40:5f:
                    52:ad:2c:6b:a1:12:d6:77:3a:00:e7:bd:63:33:7c:
                    08:0c:e1:77:01:78:1d:78:35:29:b5:b2:41:45:59:
                    68:4a:6e:51:59:b6:65:06:cb:b0:4b:ec:08:4d:93:
                    51:c6:13:17:a0:13:b4:3e:69:92:43:21:36:b2:bb:
                    c0:49:84:18:c9:c5:1f:ef:b2:15:79:41:68:4a:d2:
                    a8:67:f1:09:fd:77:88:e5:de:99:73:b1:8c:2b:51:
                    80:85:1f:8c:13:d8:eb:54:2c:fc:e6:60:3b:91:dc:
                    e4:06:bb:27:fd:0f:1a:6b:f1:86:2b:64:6c:64:d4:
                    22:62:84:a0:35:a3:33:7a:1a:75:5f:bb:0e:7b:60:
                    eb:96:f4:e7:8f:6f:fa:16:5f:95:8f:ac:96:8e:27:
                    64:c9:ad:1e:e6:1a:23:eb:63:b7:9f:6e:eb:d7:3e:
                    fd:94:dd:60:01:23:ea:6a:ec:01:8e:f9:66:02:d0:
                    a2:00:db:b7:bc:e5:3b:15:d0:a5:26:9f:7e:b7:fd:
                    2d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:27:56:6D:96:F1:D6:61:D7:4F:78:AF:8B:9E:5B:04:86:CD:CC:36
            X509v3 Authority Key Identifier:
                keyid:3A:96:2C:6E:D2:A0:49:A2:A9:3A:0D:3C:54:71:C6:06:BA:8E:52:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpYsbtKgSaKpOg08VHHGBrqOUlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c9d7de-7b7b-4f7d-998b-2f57dcce46c7/1/OpYsbtKgSaKpOg08VHHGBrqOUlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/c9d7de-7b7b-4f7d-998b-2f57dcce46c7/1/OpYsbtKgSaKpOg08VHHGBrqOUlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:c2:ce:61:ea:b6:53:61:f5:06:03:1b:ad:8a:58:21:69:78:
         3a:44:6e:40:53:62:00:9d:cd:0d:8b:73:bb:43:94:06:13:c0:
         6a:54:45:73:41:d2:34:bd:43:ce:12:f8:32:02:41:f4:f7:44:
         ef:7b:07:b2:00:61:cb:59:5c:d2:02:c8:36:8f:a7:e3:e2:d1:
         15:fe:91:37:3d:65:ee:3d:b4:02:85:7b:04:e3:9b:56:62:3f:
         4d:f5:c2:81:3c:0e:03:f9:0a:50:72:cc:6b:4b:7a:6d:9d:e6:
         f9:aa:fb:80:b7:2a:4a:50:1e:2f:99:f9:1e:e7:45:5d:70:9e:
         a6:1a:03:23:cd:66:82:b3:6e:18:93:c1:36:f4:82:c6:47:fe:
         48:ea:02:56:d3:3d:0a:68:d2:c7:f4:14:3b:99:38:a1:70:b1:
         0b:e9:94:3a:11:e8:8b:f6:e8:32:8a:df:1f:c0:05:82:6b:dd:
         75:ea:e1:b2:12:54:65:72:d5:12:76:e6:32:54:7b:31:ae:41:
         ec:de:b0:80:e5:43:14:e3:c4:ae:fa:b0:f1:0a:1b:ae:93:f2:
         a2:ff:bb:4c:7a:3c:0d:13:0a:2e:70:bf:96:6c:b7:7f:54:d5:
         c6:0d:11:8c:bf:da:d9:77:95:47:78:c9:84:cf:28:ff:9d:99:
         0a:2b:f4:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nDvMVMVHncCMl/CZOLTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTYyYzZlZDJhMDQ5YTJhOTNhMGQzYzU0NzFjNjA2YmE4
ZTUyNWMwHhcNMjYwMzI5MDgwMDU2WhcNMjYwMzMwMDgwMDU2WjAzMTEwLwYDVQQD
Eyg2ZDI3NTY2ZDk2ZjFkNjYxZDc0Zjc4YWY4YjllNWIwNDg2Y2RjYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOYKXM2zFzPdXkqrWsrphs9YHxoJ
fHi+WhsJClqNqzBPSrgjH150mITiAKBOQ8IIOBWFEmDIsH35QF9SrSxroRLWdzoA
571jM3wIDOF3AXgdeDUptbJBRVloSm5RWbZlBsuwS+wITZNRxhMXoBO0PmmSQyE2
srvASYQYycUf77IVeUFoStKoZ/EJ/XeI5d6Zc7GMK1GAhR+ME9jrVCz85mA7kdzk
Brsn/Q8aa/GGK2RsZNQiYoSgNaMzehp1X7sOe2DrlvTnj2/6Fl+Vj6yWjidkya0e
5hoj62O3n27r1z79lN1gASPqauwBjvlmAtCiANu3vOU7FdClJp9+t/0tpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0nVm2W8dZh1094r4ueWwSGzcw2MB8GA1UdIwQY
MBaAFDqWLG7SoEmiqToNPFRxxga6jlJcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BZc2J0S2dTYUtwT2cwOFZISEdCcnFPVWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9jOWQ3ZGUtN2I3Yi00ZjdkLTk5OGIt
MmY1N2RjY2U0NmM3LzEvT3BZc2J0S2dTYUtwT2cwOFZISEdCcnFPVWx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9jOWQ3ZGUtN2I3Yi00ZjdkLTk5OGItMmY1N2RjY2U0NmM3
LzEvT3BZc2J0S2dTYUtwT2cwOFZISEdCcnFPVWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASMLOYeq2
U2H1BgMbrYpYIWl4OkRuQFNiAJ3NDYtzu0OUBhPAalRFc0HSNL1DzhL4MgJB9PdE
73sHsgBhy1lc0gLINo+n4+LRFf6RNz1l7j20AoV7BOObVmI/TfXCgTwOA/kKUHLM
a0t6bZ3m+ar7gLcqSlAeL5n5HudFXXCephoDI81mgrNuGJPBNvSCxkf+SOoCVtM9
CmjSx/QUO5k4oXCxC+mUOhHoi/boMorfH8AFgmvdderhshJUZXLVEnbmMlR7Ma5B
7N6wgOVDFOPErvqw8QobrpPyov+7THo8DRMKLnC/lmy3f1TVxg0RjL/a2XeVR3jJ
hM8o/52ZCiv0Cw==
-----END CERTIFICATE-----