Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
File:                     OstMHbOigqLFrhaULo1gYb50UWs.mft (raw, json)
Hash identifier:          M6sbgYHqjzjmHEsDHcvYKTElGWrEpxHd6wbWMFxi5jA=
Subject key identifier:   11:89:B7:1F:85:98:17:8F:1D:0B:52:46:A4:C5:AD:CC:BF:FB:07:C1
Authority key identifier: 3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B
Certificate issuer:       /CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
Certificate serial:       019D3A5488B1AA3B458C7675FC953881B87A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
Manifest number:          10FE
Signing time:             Sun 29 Mar 2026 16:01:51 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:51 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:51 +0000
Files and hashes:         1: OstMHbOigqLFrhaULo1gYb50UWs.crl (hash: 4PVhU+iYSA0YpyLz+WDUXSSCevJuKkYCWicAF0pY4Mo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:88:b1:aa:3b:45:8c:76:75:fc:95:38:81:b8:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
        Validity
            Not Before: Mar 29 16:01:51 2026 GMT
            Not After : Mar 30 16:01:51 2026 GMT
        Subject: CN=1189b71f8598178f1d0b5246a4c5adccbffb07c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:e4:58:cf:5d:c7:42:f1:4f:a3:7f:05:0d:37:
                    7a:ea:57:18:6f:74:d1:c3:4c:c9:30:c3:13:83:46:
                    43:ad:c3:cd:05:c1:6f:ea:35:12:d1:6f:10:f9:bc:
                    52:1b:f5:6d:8a:8c:c5:63:de:14:c8:a2:37:d8:52:
                    65:e4:5c:fc:d6:2e:0b:b9:ee:d1:ea:f7:88:2c:d0:
                    5d:13:52:56:08:36:29:a2:51:3f:36:ba:19:19:48:
                    ce:03:98:6e:f2:b3:d1:ea:cd:d1:13:09:3c:d4:65:
                    91:22:65:b7:90:d6:6c:f9:25:26:c9:64:50:12:52:
                    bc:e0:39:4f:1d:de:90:ae:45:ec:75:5f:f5:36:54:
                    c5:3e:5c:6e:e9:5b:50:06:4c:fb:c1:83:8d:e6:3c:
                    12:f6:e9:74:b5:78:dd:f1:63:56:4c:51:62:b6:bc:
                    92:75:f6:37:8a:fa:35:57:16:7b:c1:e3:5f:6d:9a:
                    04:d5:0b:10:dc:65:f5:c8:81:46:d7:a5:16:d5:1a:
                    16:75:a9:66:99:c5:fe:c0:f0:b7:a7:6b:da:ec:08:
                    2f:95:24:0e:6c:ee:06:7f:15:53:4e:b4:2e:c7:af:
                    80:ea:54:4d:72:34:0f:cf:ab:fb:e6:3e:84:8f:4c:
                    7c:f8:c3:1e:66:8c:e0:05:90:ba:96:71:1a:a0:1a:
                    07:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:89:B7:1F:85:98:17:8F:1D:0B:52:46:A4:C5:AD:CC:BF:FB:07:C1
            X509v3 Authority Key Identifier:
                keyid:3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:48:25:70:1f:01:47:0e:da:ad:ef:23:d6:18:c6:b4:a9:ef:
         19:64:43:15:d6:13:07:d2:e8:2b:7d:b9:d1:5b:04:32:19:06:
         e4:e0:dd:da:b1:bf:71:4b:27:68:9f:7e:cc:1a:ea:d1:14:4d:
         5c:38:cb:eb:11:29:dd:f1:0f:72:ee:bb:66:14:ac:46:2b:cd:
         03:ad:99:8a:b4:d9:a4:60:f0:98:76:55:22:95:97:39:55:49:
         11:ec:8d:81:99:82:de:f4:c2:47:09:29:e0:aa:59:a5:8d:a0:
         de:4b:0e:c6:1e:6b:c8:dc:d2:04:c4:ab:3e:b6:42:b0:d8:5e:
         21:7b:b0:4d:e7:e0:55:b8:61:c1:5f:56:9e:98:70:4a:e6:6b:
         50:1c:82:6f:e3:56:45:2e:7d:25:34:05:9a:9e:1a:1f:c3:24:
         d5:55:b2:d4:90:74:19:35:d8:04:68:2c:c2:6c:d7:31:c2:00:
         bd:67:ee:46:ca:ea:17:9d:23:ee:66:22:12:b2:f0:63:3d:3f:
         f1:97:3f:3c:61:be:6c:9f:07:10:ae:b2:b4:fc:50:b7:3c:ca:
         2f:3d:b7:da:a9:ba:fd:f5:13:06:5f:1f:45:a5:e1:4c:0a:d8:
         53:69:0c:fe:b8:ea:98:e0:4f:3a:ef:1d:1f:40:0b:72:cd:d7:
         39:68:41:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VIixqjtFjHZ1/JU4gbh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2I0YzFkYjNhMjgyYTJjNWFlMTY5NDJlOGQ2MDYxYmU3
NDUxNmIwHhcNMjYwMzI5MTYwMTUxWhcNMjYwMzMwMTYwMTUxWjAzMTEwLwYDVQQD
EygxMTg5YjcxZjg1OTgxNzhmMWQwYjUyNDZhNGM1YWRjY2JmZmIwN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+RYz13HQvFPo38FDTd66lcYb3TR
w0zJMMMTg0ZDrcPNBcFv6jUS0W8Q+bxSG/VtiozFY94UyKI32FJl5Fz81i4Lue7R
6veILNBdE1JWCDYpolE/NroZGUjOA5hu8rPR6s3REwk81GWRImW3kNZs+SUmyWRQ
ElK84DlPHd6QrkXsdV/1NlTFPlxu6VtQBkz7wYON5jwS9ul0tXjd8WNWTFFitryS
dfY3ivo1VxZ7weNfbZoE1QsQ3GX1yIFG16UW1RoWdalmmcX+wPC3p2va7AgvlSQO
bO4GfxVTTrQux6+A6lRNcjQPz6v75j6Ej0x8+MMeZozgBZC6lnEaoBoHCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBGJtx+FmBePHQtSRqTFrcy/+wfBMB8GA1UdIwQY
MBaAFDrLTB2zooKixa4WlC6NYGG+dFFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgt
Y2JmMzRlYmNhNGI5LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgtY2JmMzRlYmNhNGI5
LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEglcB8B
Rw7are8j1hjGtKnvGWRDFdYTB9LoK3250VsEMhkG5ODd2rG/cUsnaJ9+zBrq0RRN
XDjL6xEp3fEPcu67ZhSsRivNA62ZirTZpGDwmHZVIpWXOVVJEeyNgZmC3vTCRwkp
4KpZpY2g3ksOxh5ryNzSBMSrPrZCsNheIXuwTefgVbhhwV9WnphwSuZrUByCb+NW
RS59JTQFmp4aH8Mk1VWy1JB0GTXYBGgswmzXMcIAvWfuRsrqF50j7mYiErLwYz0/
8Zc/PGG+bJ8HEK6ytPxQtzzKLz232qm6/fUTBl8fRaXhTArYU2kM/rjqmOBPOu8d
H0ALcs3XOWhBPA==
-----END CERTIFICATE-----