Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
File:                     ogqr6NvAhXg0PCW4xomHpevAOMk.mft (raw, json)
Hash identifier:          4vYvXWddZkqAJowsq0UW//OH7/lyzuKxjrzr43uzl1M=
Subject key identifier:   B9:E1:E7:3E:13:7F:A0:84:0B:60:36:2D:AA:11:C2:BD:DA:88:67:C9
Authority key identifier: A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9
Certificate issuer:       /CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
Certificate serial:       019D3909B61E9B712FC0B380CD4B8D614731
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
Manifest number:          02DF
Signing time:             Sun 29 Mar 2026 10:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:30 +0000
Files and hashes:         1: ogqr6NvAhXg0PCW4xomHpevAOMk.crl (hash: jjZI4sYVDq06rphFXSjBYwWTMYx3cEd1d0eKMSvp4F0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:b6:1e:9b:71:2f:c0:b3:80:cd:4b:8d:61:47:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a20aabe8dbc08578343c25b8c68987a5ebc038c9
        Validity
            Not Before: Mar 29 10:00:30 2026 GMT
            Not After : Mar 30 10:00:30 2026 GMT
        Subject: CN=b9e1e73e137fa0840b60362daa11c2bdda8867c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:37:7a:a3:25:d9:51:bf:51:b3:1d:b3:60:92:
                    8c:38:a3:1f:3e:09:df:91:73:d4:2b:78:c5:d3:bb:
                    00:27:8a:e8:f6:da:62:67:38:a1:b7:d8:19:36:7d:
                    0b:75:da:3a:79:20:74:5f:40:2f:d4:9b:96:35:05:
                    3e:07:15:65:f7:a5:25:ff:05:cf:ae:08:e4:cd:ec:
                    5e:e4:1d:ec:d1:6d:a2:87:fa:58:01:14:f9:73:cb:
                    9c:23:43:a4:27:9a:a9:20:3d:4b:21:f8:dd:b4:87:
                    91:bd:ac:fa:95:ad:98:9f:71:9f:b6:34:30:5a:9a:
                    76:16:f3:f7:d5:89:86:34:38:9e:b7:5f:83:2d:40:
                    ce:ee:6b:4f:c4:e2:f4:b1:b0:62:e2:2a:0e:67:38:
                    c8:21:bb:fc:99:cc:93:e1:0b:e3:14:cc:ab:61:df:
                    c7:9e:9b:0b:68:f4:b4:ec:ac:ed:d4:68:02:2d:48:
                    2d:dc:b8:1d:04:23:a2:28:e7:68:7f:ff:c3:ec:44:
                    b0:c3:81:1f:52:df:c2:eb:18:b5:33:af:c1:b4:bc:
                    20:1f:95:b3:49:92:d5:d1:0b:ea:c1:94:4c:13:c3:
                    4c:14:62:18:7f:b5:99:ea:96:22:71:3d:19:79:42:
                    2e:d7:92:c9:49:e9:f0:0e:22:3d:b0:f3:2e:0c:09:
                    7f:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:E1:E7:3E:13:7F:A0:84:0B:60:36:2D:AA:11:C2:BD:DA:88:67:C9
            X509v3 Authority Key Identifier:
                keyid:A2:0A:AB:E8:DB:C0:85:78:34:3C:25:B8:C6:89:87:A5:EB:C0:38:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogqr6NvAhXg0PCW4xomHpevAOMk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/87cd33-d623-4f11-ac26-71d649c3fd35/1/ogqr6NvAhXg0PCW4xomHpevAOMk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:8a:e7:9b:03:46:08:fa:60:65:eb:9d:ea:df:6f:75:b2:d5:
         12:92:73:05:8d:30:d7:db:47:fb:f9:21:a5:56:0b:5a:c9:41:
         ac:8d:78:fc:48:b8:86:24:f2:83:85:c2:2a:65:7c:29:1b:bc:
         c7:cd:d0:61:09:2b:97:fb:89:7c:43:d8:d7:af:f3:ba:25:f7:
         18:f7:25:b7:83:cb:8e:fe:fe:13:06:0d:30:c8:69:36:46:c1:
         19:22:6c:3c:c7:b5:08:62:d5:06:4b:4f:66:5f:0c:01:60:72:
         dd:12:a7:fc:44:8f:90:6b:18:48:e2:ef:82:39:6e:09:69:7e:
         68:bf:2d:a2:ad:2c:c7:0e:cf:b1:a6:62:e8:9f:2e:b6:66:af:
         a8:3b:e8:c0:37:64:fb:fe:1f:5b:ae:38:68:14:04:5f:a4:80:
         78:f1:5c:c5:77:f8:cd:2e:94:4e:0f:fb:0a:0b:b6:18:a6:61:
         ca:e3:38:3c:85:af:8c:39:b0:b0:c0:ab:87:5f:86:0f:0a:14:
         da:9c:e6:77:ec:37:a1:90:fd:f2:1d:bb:b6:6e:cc:5d:76:4d:
         7f:34:1f:4a:94:99:00:9e:6d:85:62:55:f1:73:ba:3b:67:48:
         6a:07:30:0d:cf:46:36:10:39:60:07:4e:5c:b8:06:58:c3:35:
         b6:55:31:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CbYem3EvwLOAzUuNYUcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMGFhYmU4ZGJjMDg1NzgzNDNjMjViOGM2ODk4N2E1ZWJj
MDM4YzkwHhcNMjYwMzI5MTAwMDMwWhcNMjYwMzMwMTAwMDMwWjAzMTEwLwYDVQQD
EyhiOWUxZTczZTEzN2ZhMDg0MGI2MDM2MmRhYTExYzJiZGRhODg2N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zd6oyXZUb9Rsx2zYJKMOKMfPgnf
kXPUK3jF07sAJ4ro9tpiZziht9gZNn0Lddo6eSB0X0Av1JuWNQU+BxVl96Ul/wXP
rgjkzexe5B3s0W2ih/pYART5c8ucI0OkJ5qpID1LIfjdtIeRvaz6la2Yn3GftjQw
Wpp2FvP31YmGNDiet1+DLUDO7mtPxOL0sbBi4ioOZzjIIbv8mcyT4QvjFMyrYd/H
npsLaPS07Kzt1GgCLUgt3LgdBCOiKOdof//D7ESww4EfUt/C6xi1M6/BtLwgH5Wz
SZLV0QvqwZRME8NMFGIYf7WZ6pYicT0ZeUIu15LJSenwDiI9sPMuDAl/owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLnh5z4Tf6CEC2A2LaoRwr3aiGfJMB8GA1UdIwQY
MBaAFKIKq+jbwIV4NDwluMaJh6XrwDjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYt
NzFkNjQ5YzNmZDM1LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84N2NkMzMtZDYyMy00ZjExLWFjMjYtNzFkNjQ5YzNmZDM1
LzEvb2dxcjZOdkFoWGcwUENXNHhvbUhwZXZBT01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYrnmwNG
CPpgZeud6t9vdbLVEpJzBY0w19tH+/khpVYLWslBrI14/Ei4hiTyg4XCKmV8KRu8
x83QYQkrl/uJfEPY16/zuiX3GPclt4PLjv7+EwYNMMhpNkbBGSJsPMe1CGLVBktP
Zl8MAWBy3RKn/ESPkGsYSOLvgjluCWl+aL8toq0sxw7PsaZi6J8utmavqDvowDdk
+/4fW644aBQEX6SAePFcxXf4zS6UTg/7Cgu2GKZhyuM4PIWvjDmwsMCrh1+GDwoU
2pzmd+w3oZD98h27tm7MXXZNfzQfSpSZAJ5thWJV8XO6O2dIagcwDc9GNhA5YAdO
XLgGWMM1tlUxGw==
-----END CERTIFICATE-----