Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          lrpb951pVCuIgjQRvS1Tw1ju6Urnnf9G6wmGiOUI/F4=
Subject key identifier:   E4:4C:97:3B:4C:17:7E:61:F6:6E:E3:EF:62:8B:D1:0C:A6:64:22:95
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       019D3866103326737B58772A6C1EFD6EFA10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          07E2
Signing time:             Sun 29 Mar 2026 07:01:46 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:46 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:46 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: aMJKuqhW6rqVtlF5TWiAPZ2Zetxgva2/yq4LDpgaz/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:10:33:26:73:7b:58:77:2a:6c:1e:fd:6e:fa:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Mar 29 07:01:46 2026 GMT
            Not After : Mar 30 07:01:46 2026 GMT
        Subject: CN=e44c973b4c177e61f66ee3ef628bd10ca6642295
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:46:fc:ed:d9:d7:bd:81:60:08:fd:3e:2b:39:
                    58:1a:bd:7c:d9:54:e3:ce:8a:e4:9e:fa:72:33:ec:
                    e7:2e:bf:c7:4a:cf:56:b4:5a:12:fd:04:92:42:9c:
                    e2:ee:11:ca:6b:2c:0f:d9:f4:79:7c:1e:96:2f:ae:
                    83:85:94:01:38:d6:54:e7:b0:65:06:1d:1e:b1:90:
                    dd:32:4d:08:1b:a9:e3:a5:43:22:2e:6e:cd:09:78:
                    6b:87:e7:ff:a8:ef:77:38:08:7d:c4:2e:78:43:34:
                    f6:29:a0:df:4c:7b:ce:ad:70:dd:52:4e:49:d2:2f:
                    73:9c:fa:8c:a1:d8:69:34:86:e8:d6:09:48:6f:57:
                    fb:74:51:60:9b:da:33:12:8e:51:31:43:5f:8a:29:
                    5b:a8:91:ae:d0:ce:94:1e:d8:fd:fe:ca:74:c2:01:
                    c0:2b:c3:a4:37:98:13:f4:25:fd:86:0f:75:eb:ff:
                    19:54:d1:7a:7e:b5:3b:70:86:f5:98:39:94:96:6f:
                    b3:cb:a7:2e:16:57:9d:76:db:27:ef:18:86:9d:f7:
                    1d:58:30:49:b7:83:c0:6c:ab:43:6a:c9:36:55:b4:
                    f9:cd:61:55:2d:d4:ff:91:ca:39:00:14:f1:90:33:
                    7d:a7:9c:8d:e3:33:8b:c1:1d:89:fb:a1:31:dc:24:
                    52:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:4C:97:3B:4C:17:7E:61:F6:6E:E3:EF:62:8B:D1:0C:A6:64:22:95
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:52:16:38:b2:ee:90:6e:ef:fc:d8:4b:2a:62:79:69:09:15:
         89:74:c3:3d:6d:ee:fd:11:15:a8:75:30:ab:e8:26:eb:78:93:
         2d:4a:71:fd:a5:85:1f:dc:a3:77:3f:9d:2c:18:18:60:13:9b:
         36:07:d6:03:8e:bd:35:f1:99:64:4d:e4:e3:e7:87:6c:6f:0f:
         c1:93:e5:8f:96:b1:e0:be:14:84:c0:40:97:ff:9c:1c:ed:58:
         6d:c0:37:03:76:8a:0c:7f:84:b4:b3:2a:96:b6:74:6e:e9:18:
         30:60:fb:a4:9a:09:6c:34:47:05:2e:11:f6:8c:3d:2d:b3:1e:
         ed:18:15:80:2d:5b:77:9c:a1:ef:6c:94:19:d9:75:5c:e5:9e:
         d3:47:62:c3:c4:09:2b:3f:02:c9:25:65:65:03:e2:f9:0e:d3:
         aa:1a:c8:16:d8:75:5d:fa:15:3d:bd:b8:7d:e6:4b:a6:89:47:
         3e:6a:36:f7:b9:91:dc:3d:bb:55:e9:15:39:41:b8:5f:b2:ff:
         68:3b:58:2d:7a:5c:6e:f8:cf:d4:2e:7a:f6:d8:97:58:e2:9b:
         bb:e1:2e:2f:83:d2:3d:90:04:4b:bb:2a:d3:43:0f:6f:8c:7f:
         90:09:74:e9:28:c8:95:26:6f:b8:33:92:01:db:f4:45:82:db:
         cb:1f:ad:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhAzJnN7WHcqbB79bvoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjYwMzI5MDcwMTQ2WhcNMjYwMzMwMDcwMTQ2WjAzMTEwLwYDVQQD
EyhlNDRjOTczYjRjMTc3ZTYxZjY2ZWUzZWY2MjhiZDEwY2E2NjQyMjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkb87dnXvYFgCP0+KzlYGr182VTj
zorknvpyM+znLr/HSs9WtFoS/QSSQpzi7hHKaywP2fR5fB6WL66DhZQBONZU57Bl
Bh0esZDdMk0IG6njpUMiLm7NCXhrh+f/qO93OAh9xC54QzT2KaDfTHvOrXDdUk5J
0i9znPqModhpNIbo1glIb1f7dFFgm9ozEo5RMUNfiilbqJGu0M6UHtj9/sp0wgHA
K8OkN5gT9CX9hg916/8ZVNF6frU7cIb1mDmUlm+zy6cuFleddtsn7xiGnfcdWDBJ
t4PAbKtDask2VbT5zWFVLdT/kco5ABTxkDN9p5yN4zOLwR2J+6Ex3CRSywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFORMlztMF35h9m7j72KL0QymZCKVMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtVIWOLLu
kG7v/NhLKmJ5aQkViXTDPW3u/REVqHUwq+gm63iTLUpx/aWFH9yjdz+dLBgYYBOb
NgfWA469NfGZZE3k4+eHbG8PwZPlj5ax4L4UhMBAl/+cHO1YbcA3A3aKDH+EtLMq
lrZ0bukYMGD7pJoJbDRHBS4R9ow9LbMe7RgVgC1bd5yh72yUGdl1XOWe00diw8QJ
Kz8CySVlZQPi+Q7TqhrIFth1XfoVPb24feZLpolHPmo297mR3D27VekVOUG4X7L/
aDtYLXpcbvjP1C569tiXWOKbu+EuL4PSPZAES7sq00MPb4x/kAl06SjIlSZvuDOS
Adv0RYLbyx+t0g==
-----END CERTIFICATE-----