Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
File:                     oewv8gIW07xkdbhQpGXjYvTs7s0.mft (raw, json)
Hash identifier:          AknMFpLhkeaMZQYT2ZdD6oCQ88Kg8qiW951EekLSd/U=
Subject key identifier:   80:90:B3:81:22:A6:0E:88:1B:E7:7E:91:99:85:01:61:60:36:74:C9
Authority key identifier: A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD
Certificate issuer:       /CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
Certificate serial:       019D37529E520712E916CF0030B2E214C19F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
Manifest number:          0510
Signing time:             Sun 29 Mar 2026 02:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:54 +0000
Files and hashes:         1: oewv8gIW07xkdbhQpGXjYvTs7s0.crl (hash: C5bufhwHZWl5RNnb17bRsoSGGsopznY9FMXbTz0jHFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:9e:52:07:12:e9:16:cf:00:30:b2:e2:14:c1:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1ec2ff20216d3bc6475b850a465e362f4eceecd
        Validity
            Not Before: Mar 29 02:00:54 2026 GMT
            Not After : Mar 30 02:00:54 2026 GMT
        Subject: CN=8090b38122a60e881be77e9199850161603674c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:84:36:1d:86:2b:04:e5:db:ab:d8:f7:54:c0:
                    8a:66:f0:1a:de:07:4f:8e:77:8c:f0:d5:a8:5d:ef:
                    f9:90:29:64:4c:b7:8a:fa:fa:85:ab:1f:2e:58:26:
                    37:e6:b3:e4:b0:bd:d0:03:3e:58:b3:4d:f9:af:30:
                    43:74:63:9c:0a:e6:5a:a5:69:ea:c2:21:58:c8:c7:
                    4b:a4:1e:c0:4a:b1:1c:a4:3b:05:5d:be:30:d2:85:
                    35:75:7d:89:8b:c7:e7:7b:9e:1d:f6:89:fc:f1:83:
                    b2:c9:f5:2a:19:02:83:8a:98:5f:28:e7:5c:91:20:
                    30:d0:2a:60:d9:5a:b0:29:ec:4a:39:ce:45:9e:b4:
                    11:99:2e:11:f6:a9:e0:8e:b7:cf:61:83:d9:0a:c2:
                    c3:76:d6:45:1d:ca:e5:be:36:0b:c8:66:3c:6a:00:
                    39:ea:4c:6c:92:48:1d:0a:3e:67:30:9e:6a:95:b4:
                    65:e8:b6:c6:bd:05:ca:1c:c6:c2:09:97:d7:bc:6b:
                    9e:73:e3:0a:d9:5c:71:bd:a4:69:7a:a2:4a:c7:85:
                    c4:03:de:04:3f:6d:5c:ca:d6:fd:cf:76:bd:e5:f1:
                    3a:f1:93:9a:03:a6:f4:a5:f4:ed:12:0e:59:ca:3e:
                    7e:9b:f0:1e:8a:97:bc:bd:b4:8c:0b:b9:40:9f:e0:
                    b2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:90:B3:81:22:A6:0E:88:1B:E7:7E:91:99:85:01:61:60:36:74:C9
            X509v3 Authority Key Identifier:
                keyid:A1:EC:2F:F2:02:16:D3:BC:64:75:B8:50:A4:65:E3:62:F4:EC:EE:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oewv8gIW07xkdbhQpGXjYvTs7s0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/23bd5e-f7e4-4d9d-b573-507563885403/1/oewv8gIW07xkdbhQpGXjYvTs7s0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:fb:c6:55:a1:4b:ab:29:f9:84:a2:e1:a9:f6:fc:99:5f:84:
         c9:0a:46:db:e2:3f:08:ad:e0:1c:e6:81:8c:c8:e2:9e:2e:c9:
         7b:2d:21:e9:e6:05:45:61:e8:b7:9e:75:a0:43:e2:ec:84:cb:
         0e:9b:37:20:b0:84:73:be:ab:1b:56:0f:f3:e0:eb:52:ae:81:
         2c:77:89:48:9a:6f:96:6d:60:33:12:42:dc:39:1e:8d:81:fc:
         00:2c:4f:6b:8e:98:6d:43:95:4f:6e:71:7b:99:c3:da:0d:52:
         9d:f8:98:09:19:94:9a:c8:69:d7:62:c9:71:ab:eb:a7:b1:de:
         3d:30:2a:5d:82:04:c4:08:9f:8e:63:f4:8d:f3:a8:b7:9c:2f:
         a8:66:f8:b4:21:ac:f7:01:6a:24:b8:dd:24:a8:0d:e3:82:6a:
         83:59:d0:38:37:87:9e:6d:37:74:f0:b5:6a:f7:f5:2f:95:7d:
         b8:b0:44:a2:37:05:a4:0a:12:9d:89:a8:fb:07:6b:62:b0:fc:
         cc:66:a1:04:47:1a:59:21:08:ed:d7:2d:ab:d1:68:3c:fd:d5:
         ff:48:b2:75:bb:5a:bd:62:4f:fe:dd:9f:31:65:91:57:a6:9f:
         59:92:05:46:95:c2:8e:87:b9:f6:e9:13:f9:47:3d:fd:08:3e:
         49:df:a7:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Up5SBxLpFs8AMLLiFMGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZWMyZmYyMDIxNmQzYmM2NDc1Yjg1MGE0NjVlMzYyZjRl
Y2VlY2QwHhcNMjYwMzI5MDIwMDU0WhcNMjYwMzMwMDIwMDU0WjAzMTEwLwYDVQQD
Eyg4MDkwYjM4MTIyYTYwZTg4MWJlNzdlOTE5OTg1MDE2MTYwMzY3NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYQ2HYYrBOXbq9j3VMCKZvAa3gdP
jneM8NWoXe/5kClkTLeK+vqFqx8uWCY35rPksL3QAz5Ys035rzBDdGOcCuZapWnq
wiFYyMdLpB7ASrEcpDsFXb4w0oU1dX2Ji8fne54d9on88YOyyfUqGQKDiphfKOdc
kSAw0Cpg2VqwKexKOc5FnrQRmS4R9qngjrfPYYPZCsLDdtZFHcrlvjYLyGY8agA5
6kxskkgdCj5nMJ5qlbRl6LbGvQXKHMbCCZfXvGuec+MK2VxxvaRpeqJKx4XEA94E
P21cytb9z3a95fE68ZOaA6b0pfTtEg5Zyj5+m/Aeipe8vbSMC7lAn+CyxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICQs4Eipg6IG+d+kZmFAWFgNnTJMB8GA1UdIwQY
MBaAFKHsL/ICFtO8ZHW4UKRl42L07O7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMt
NTA3NTYzODg1NDAzLzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yM2JkNWUtZjdlNC00ZDlkLWI1NzMtNTA3NTYzODg1NDAz
LzEvb2V3djhnSVcwN3hrZGJoUXBHWGpZdlRzN3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdPvGVaFL
qyn5hKLhqfb8mV+EyQpG2+I/CK3gHOaBjMjini7Jey0h6eYFRWHot551oEPi7ITL
Dps3ILCEc76rG1YP8+DrUq6BLHeJSJpvlm1gMxJC3DkejYH8ACxPa46YbUOVT25x
e5nD2g1SnfiYCRmUmshp12LJcavrp7HePTAqXYIExAifjmP0jfOot5wvqGb4tCGs
9wFqJLjdJKgN44Jqg1nQODeHnm03dPC1avf1L5V9uLBEojcFpAoSnYmo+wdrYrD8
zGahBEcaWSEI7dctq9FoPP3V/0iydbtavWJP/t2fMWWRV6afWZIFRpXCjoe59ukT
+Uc9/Qg+Sd+n/g==
-----END CERTIFICATE-----