Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
File:                     oOWh7YHyM49feJpE6u2w7uP3EJ4.mft (raw, json)
Hash identifier:          1J5Ak7rjCWxmUjEnqbLXtTNMtqcnaqcrDiPvBxk56pI=
Subject key identifier:   3E:97:7D:28:2C:4E:05:4F:5E:E0:7B:F4:7D:1C:4F:D8:36:E1:1A:D1
Authority key identifier: A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E
Certificate issuer:       /CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e
Certificate serial:       019D378911C93C97BF25F680638E502082FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
Manifest number:          0172
Signing time:             Sun 29 Mar 2026 03:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:22 +0000
Files and hashes:         1: oOWh7YHyM49feJpE6u2w7uP3EJ4.crl (hash: ohJwmh2ztug1UjApDy1iyu1APofJ1bNBNadcpaBxH7Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:11:c9:3c:97:bf:25:f6:80:63:8e:50:20:82:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0e5a1ed81f2338f5f789a44eaedb0eee3f7109e
        Validity
            Not Before: Mar 29 03:00:22 2026 GMT
            Not After : Mar 30 03:00:22 2026 GMT
        Subject: CN=3e977d282c4e054f5ee07bf47d1c4fd836e11ad1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:7b:75:e1:4e:7a:8d:32:5a:7d:91:27:61:6c:
                    cf:db:fc:a9:89:3b:d3:9c:f0:0d:0a:c2:c6:db:37:
                    b0:6a:3f:78:91:55:fa:56:ca:1e:85:cd:ac:c9:b0:
                    7c:89:26:cf:74:6b:ca:2c:9f:2a:f2:54:84:de:da:
                    fe:bc:e9:4b:60:a9:0e:ef:00:ee:2f:3a:32:ec:02:
                    92:d4:8b:b2:ba:ee:92:cb:dd:83:e3:a7:92:52:ec:
                    b3:5e:76:92:32:4f:fa:a4:da:e8:fd:a5:7d:e6:b6:
                    c1:0d:23:8e:d5:76:63:6a:4a:a0:e8:44:eb:f1:d5:
                    00:ce:df:aa:e7:7b:99:bf:f3:d9:0f:24:4e:a2:86:
                    e0:00:b2:e8:1f:80:19:65:16:26:3d:d8:12:99:3c:
                    0b:8d:8f:cd:ff:b2:99:a0:f4:72:96:3a:65:b5:b8:
                    67:de:0b:a8:35:c7:13:ca:60:43:7a:71:3c:ca:7d:
                    04:80:10:a7:1b:9d:f2:27:79:ea:76:71:77:b8:38:
                    4d:2c:5c:2a:0b:71:b4:99:50:7b:1b:c0:c9:fe:27:
                    5c:4c:9c:b0:fb:56:32:bd:e2:4e:51:9f:f5:f0:39:
                    f9:8e:bf:ca:50:e1:fb:c2:c5:a2:4a:0c:97:c8:16:
                    06:b6:3a:58:db:bc:f1:08:df:3b:07:48:cd:f5:3d:
                    e6:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:97:7D:28:2C:4E:05:4F:5E:E0:7B:F4:7D:1C:4F:D8:36:E1:1A:D1
            X509v3 Authority Key Identifier:
                keyid:A0:E5:A1:ED:81:F2:33:8F:5F:78:9A:44:EA:ED:B0:EE:E3:F7:10:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOWh7YHyM49feJpE6u2w7uP3EJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d9df20-f633-44df-bc3a-0d53fc10a8e9/1/oOWh7YHyM49feJpE6u2w7uP3EJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:55:a3:5d:e6:0c:c8:76:eb:42:16:42:e2:6c:21:04:62:7b:
         1a:57:49:34:0d:ac:35:ba:6a:2e:46:92:6c:b9:60:c9:6e:b7:
         df:d4:23:46:26:fc:23:51:3e:f8:a3:97:e4:4a:68:40:46:76:
         bb:a6:01:5e:09:f5:c1:4a:00:e0:b9:9f:e3:9f:ca:6b:0a:f9:
         04:8d:68:d0:7e:2f:7e:70:9c:7a:7e:7e:d1:52:70:08:dd:15:
         32:6e:dc:93:0a:a5:4d:88:88:de:d8:63:31:63:df:60:57:f2:
         bb:87:60:fe:6c:53:62:88:da:70:c5:48:1c:ca:0a:37:8b:dd:
         e6:69:06:e8:2c:8a:d7:d6:3e:c5:3e:87:2d:b0:6a:9d:6a:5f:
         68:1d:78:d4:a3:4a:0a:96:19:f4:45:bd:90:4e:a9:bb:ea:c0:
         91:91:21:f1:07:be:cc:76:49:b6:f3:c3:66:1d:b2:45:cc:06:
         81:eb:55:86:b9:49:2b:1b:8d:a7:01:e2:eb:bf:6f:db:83:63:
         6f:55:ad:75:ec:d6:e7:b3:ca:a2:f8:0c:01:bb:42:ed:6a:c2:
         e4:5c:ac:8b:fd:c3:ff:b4:2f:46:99:2b:74:2e:46:ac:b7:df:
         97:fe:15:58:30:e4:30:1f:85:61:e6:98:a7:21:be:6f:84:60:
         48:65:2b:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRHJPJe/JfaAY45QIIL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTVhMWVkODFmMjMzOGY1Zjc4OWE0NGVhZWRiMGVlZTNm
NzEwOWUwHhcNMjYwMzI5MDMwMDIyWhcNMjYwMzMwMDMwMDIyWjAzMTEwLwYDVQQD
EygzZTk3N2QyODJjNGUwNTRmNWVlMDdiZjQ3ZDFjNGZkODM2ZTExYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAint14U56jTJafZEnYWzP2/ypiTvT
nPANCsLG2zewaj94kVX6Vsoehc2sybB8iSbPdGvKLJ8q8lSE3tr+vOlLYKkO7wDu
Lzoy7AKS1Iuyuu6Sy92D46eSUuyzXnaSMk/6pNro/aV95rbBDSOO1XZjakqg6ETr
8dUAzt+q53uZv/PZDyROoobgALLoH4AZZRYmPdgSmTwLjY/N/7KZoPRyljpltbhn
3guoNccTymBDenE8yn0EgBCnG53yJ3nqdnF3uDhNLFwqC3G0mVB7G8DJ/idcTJyw
+1YyveJOUZ/18Dn5jr/KUOH7wsWiSgyXyBYGtjpY27zxCN87B0jN9T3mZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6XfSgsTgVPXuB79H0cT9g24RrRMB8GA1UdIwQY
MBaAFKDloe2B8jOPX3iaROrtsO7j9xCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2Et
MGQ1M2ZjMTBhOGU5LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOWRmMjAtZjYzMy00NGRmLWJjM2EtMGQ1M2ZjMTBhOGU5
LzEvb09XaDdZSHlNNDlmZUpwRTZ1Mnc3dVAzRUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAlWjXeYM
yHbrQhZC4mwhBGJ7GldJNA2sNbpqLkaSbLlgyW6339QjRib8I1E++KOX5EpoQEZ2
u6YBXgn1wUoA4Lmf45/Kawr5BI1o0H4vfnCcen5+0VJwCN0VMm7ckwqlTYiI3thj
MWPfYFfyu4dg/mxTYojacMVIHMoKN4vd5mkG6CyK19Y+xT6HLbBqnWpfaB141KNK
CpYZ9EW9kE6pu+rAkZEh8Qe+zHZJtvPDZh2yRcwGgetVhrlJKxuNpwHi679v24Nj
b1WtdezW57PKovgMAbtC7WrC5Fysi/3D/7QvRpkrdC5GrLffl/4VWDDkMB+FYeaY
pyG+b4RgSGUrjw==
-----END CERTIFICATE-----