Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          Q0QlqPW0PcGL/hZySvT53bAKeTNEV+WlPZuGvvYoSDg=
Subject key identifier:   AA:B7:B8:43:F6:5E:01:6E:5A:03:68:3F:93:88:3D:89:84:E8:3F:C7
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       019D37C06BD8BCB1269278789BA5A39540A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0C9F
Signing time:             Sun 29 Mar 2026 04:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:50 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: YM741u8QCvU0UrB//d1PFZwbPWiqf/cMLpmsafWx8G0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:6b:d8:bc:b1:26:92:78:78:9b:a5:a3:95:40:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Mar 29 04:00:50 2026 GMT
            Not After : Mar 30 04:00:50 2026 GMT
        Subject: CN=aab7b843f65e016e5a03683f93883d8984e83fc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ed:41:d9:21:a3:91:81:24:b4:20:99:58:a6:
                    4f:77:7b:38:75:ca:5c:03:53:81:72:f7:c8:79:f9:
                    28:82:bb:7c:11:cb:b8:39:3a:08:74:e5:03:7c:97:
                    db:4f:ee:12:83:fd:48:e7:ef:a7:a6:0e:85:e1:32:
                    91:8e:5d:ad:7f:72:a4:ff:4c:b7:a2:d8:e2:ea:ec:
                    04:9d:ba:8a:a8:b5:98:14:5b:b4:9b:b1:59:69:cc:
                    14:de:ee:bb:2c:e7:12:f8:20:f7:55:c1:ed:d6:b1:
                    00:b4:39:df:b2:b1:06:26:32:3e:ca:3a:b2:ea:72:
                    d4:21:d4:21:91:08:97:46:6c:0e:e1:63:95:84:1f:
                    24:09:58:46:da:41:01:5f:41:78:08:de:59:b2:36:
                    85:fd:fb:46:0e:20:55:ac:25:59:e5:4b:b1:da:0f:
                    9d:a1:37:a9:68:c7:05:a7:32:88:9a:d2:c2:7f:bc:
                    3e:8f:e3:d2:d8:69:b3:2c:22:fb:5a:79:91:fa:28:
                    cd:c1:a1:5b:c8:e4:c8:e2:ab:06:97:4d:58:95:93:
                    a2:3d:d6:9e:8e:c4:86:35:ef:b0:0a:1b:02:2e:8b:
                    34:d9:c7:f4:b5:54:02:10:29:01:8d:0e:c7:39:c3:
                    c9:56:b1:1b:b8:36:56:85:fc:bc:2d:cd:80:f4:57:
                    ff:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:B7:B8:43:F6:5E:01:6E:5A:03:68:3F:93:88:3D:89:84:E8:3F:C7
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:64:04:ee:7f:36:7a:26:41:45:21:27:da:e6:56:81:ae:07:
         fb:cb:41:b1:fb:44:c9:f3:1b:c4:c7:f2:0c:fc:3e:be:52:1e:
         28:f6:98:4c:4a:f7:df:39:4e:9e:6f:96:3b:12:2c:87:73:17:
         c8:94:2e:f6:a5:87:7d:74:35:fb:b7:37:42:e4:fb:67:74:32:
         e2:d5:c3:ee:87:b3:5f:09:cf:a3:e3:8f:1f:0c:84:f6:a6:6e:
         5a:28:fa:ce:c9:50:65:79:6a:9a:0f:f7:b8:93:e8:10:c8:68:
         fa:85:93:a8:53:a2:53:e0:97:75:4c:a8:14:8f:fd:34:2b:45:
         42:2b:c5:ce:ae:53:9f:2b:c6:c6:87:64:ef:e7:5f:69:c0:ff:
         b7:04:a6:ac:a9:c0:58:05:3c:f4:3b:8f:50:df:8a:df:80:1f:
         77:50:f9:d2:53:e0:72:c5:5e:c3:1d:49:da:63:cd:43:03:7c:
         39:e2:27:5c:39:c3:07:e6:5e:a3:0a:27:d0:e0:55:85:d4:3a:
         f6:1d:bb:0a:42:e0:67:28:f8:a5:87:82:cc:a1:2e:7b:b4:d8:
         3f:11:6c:16:f8:78:6d:b8:06:32:86:97:6a:37:a1:65:43:f2:
         d6:01:f0:fd:c9:66:e4:bb:dc:07:7b:5f:3c:a7:a6:c3:34:9d:
         59:90:e7:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wGvYvLEmknh4m6WjlUChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjYwMzI5MDQwMDUwWhcNMjYwMzMwMDQwMDUwWjAzMTEwLwYDVQQD
EyhhYWI3Yjg0M2Y2NWUwMTZlNWEwMzY4M2Y5Mzg4M2Q4OTg0ZTgzZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO1B2SGjkYEktCCZWKZPd3s4dcpc
A1OBcvfIefkogrt8Ecu4OToIdOUDfJfbT+4Sg/1I5++npg6F4TKRjl2tf3Kk/0y3
otji6uwEnbqKqLWYFFu0m7FZacwU3u67LOcS+CD3VcHt1rEAtDnfsrEGJjI+yjqy
6nLUIdQhkQiXRmwO4WOVhB8kCVhG2kEBX0F4CN5ZsjaF/ftGDiBVrCVZ5Uux2g+d
oTepaMcFpzKImtLCf7w+j+PS2GmzLCL7WnmR+ijNwaFbyOTI4qsGl01YlZOiPdae
jsSGNe+wChsCLos02cf0tVQCECkBjQ7HOcPJVrEbuDZWhfy8Lc2A9Ff/tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKq3uEP2XgFuWgNoP5OIPYmE6D/HMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJmQE7n82
eiZBRSEn2uZWga4H+8tBsftEyfMbxMfyDPw+vlIeKPaYTEr33zlOnm+WOxIsh3MX
yJQu9qWHfXQ1+7c3QuT7Z3Qy4tXD7oezXwnPo+OPHwyE9qZuWij6zslQZXlqmg/3
uJPoEMho+oWTqFOiU+CXdUyoFI/9NCtFQivFzq5TnyvGxodk7+dfacD/twSmrKnA
WAU89DuPUN+K34Afd1D50lPgcsVewx1J2mPNQwN8OeInXDnDB+Zeowon0OBVhdQ6
9h27CkLgZyj4pYeCzKEue7TYPxFsFvh4bbgGMoaXajehZUPy1gHw/clm5LvcB3tf
PKemwzSdWZDnEQ==
-----END CERTIFICATE-----