Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
File:                     oy2niZiHqsRJlYu5DrU1lRqXOgA.mft (raw, json)
Hash identifier:          cLaZcCiypvanlTjeeAaIsJbNhnMyUQh7rzqTaPOsIG0=
Subject key identifier:   DB:7E:08:38:C0:B1:CD:02:45:B7:06:50:8E:F2:5C:1A:63:50:54:F1
Authority key identifier: A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00
Certificate issuer:       /CN=a32da7899887aac449958bb90eb535951a973a00
Certificate serial:       019D3A537767570CFB7E6169958692EEAE34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
Manifest number:          118F
Signing time:             Sun 29 Mar 2026 16:00:41 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:41 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:41 +0000
Files and hashes:         1: oy2niZiHqsRJlYu5DrU1lRqXOgA.crl (hash: t/g6/Llxtk7ZVSIRoPFdnQRR3bp+qU+2pyGB4SMrUYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:77:67:57:0c:fb:7e:61:69:95:86:92:ee:ae:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a32da7899887aac449958bb90eb535951a973a00
        Validity
            Not Before: Mar 29 16:00:41 2026 GMT
            Not After : Mar 30 16:00:41 2026 GMT
        Subject: CN=db7e0838c0b1cd0245b706508ef25c1a635054f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e2:01:c9:80:48:94:f1:66:f0:13:49:e4:f6:
                    48:b6:75:f9:e1:0f:28:37:2e:45:06:02:64:d3:fc:
                    44:56:fa:ca:ee:24:fc:3d:22:41:99:25:a9:28:04:
                    8a:02:24:13:a8:0a:d5:33:0a:92:54:9b:88:03:3c:
                    8a:cb:74:a1:04:ae:e7:fa:1e:be:78:0b:d0:7e:40:
                    95:46:5a:69:c3:69:26:79:6b:8f:1d:67:36:df:12:
                    27:89:3f:bb:72:e6:0f:e2:c9:48:5d:7f:53:4b:8a:
                    05:7c:6c:ec:53:51:be:c0:50:0f:da:9c:a8:5e:4b:
                    44:aa:46:15:de:6d:2c:5a:84:b7:ad:58:50:55:c1:
                    48:0c:b8:68:c4:98:6a:bc:69:04:59:e6:16:cc:9e:
                    14:43:c6:eb:2e:0e:3c:15:39:c7:51:ba:be:96:84:
                    dc:4f:82:d8:79:98:b5:6f:65:2b:eb:b9:74:92:65:
                    4c:3a:20:e0:c3:db:d2:72:59:bb:9d:42:6f:a5:78:
                    be:e2:a7:9e:c8:a6:47:9a:9a:09:dc:44:93:45:74:
                    d2:33:41:2f:cb:61:c4:0b:37:26:9c:0a:66:a7:1d:
                    ef:4d:bc:9a:e6:2f:b8:89:6e:e2:f4:df:ff:a8:ec:
                    cc:a3:38:5f:fb:ab:dd:dd:c8:85:42:17:15:f9:85:
                    5c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:7E:08:38:C0:B1:CD:02:45:B7:06:50:8E:F2:5C:1A:63:50:54:F1
            X509v3 Authority Key Identifier:
                keyid:A3:2D:A7:89:98:87:AA:C4:49:95:8B:B9:0E:B5:35:95:1A:97:3A:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oy2niZiHqsRJlYu5DrU1lRqXOgA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a388b6-43c6-4458-abf5-d3332f9044ec/1/oy2niZiHqsRJlYu5DrU1lRqXOgA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:f3:58:2e:fb:d0:37:92:6e:c2:cc:37:12:80:ab:8d:f8:d0:
         80:08:7f:bd:f9:90:f9:4d:ee:e1:0f:41:5b:30:ea:f0:5c:68:
         91:40:bb:43:b6:31:2e:32:40:48:0c:d1:8f:4e:de:ef:7e:b9:
         fa:e0:62:44:ef:3f:13:65:45:ab:4a:fe:8c:a1:93:50:fc:75:
         6a:6b:82:ba:b0:1d:3e:e6:a8:fc:85:4e:b5:55:9e:8f:66:d6:
         92:ff:53:97:cf:03:2d:62:90:92:24:ec:26:66:43:46:75:e1:
         36:3f:54:b4:e0:1e:b0:b3:d5:eb:cf:1f:d6:37:64:9f:a7:1a:
         e9:2d:ef:4d:c9:c3:de:bc:c9:0b:9d:f6:41:91:39:2b:22:a5:
         60:95:c1:22:d2:82:c5:64:95:49:62:83:00:ee:17:fe:7b:da:
         51:d2:f8:8c:80:9e:ad:c1:b1:c1:8b:18:d3:79:30:70:95:24:
         f4:80:80:7c:7a:a0:8c:b3:26:86:84:88:d4:08:4e:db:8f:25:
         50:9a:79:fa:69:b4:60:94:46:72:4b:aa:b3:c6:51:d8:62:39:
         c9:31:b6:3e:51:a0:ce:3f:98:ed:6d:74:41:f0:2a:79:1f:7f:
         a5:6c:b8:da:0d:ef:8e:80:3f:3c:05:18:af:01:33:16:24:fb:
         3a:ec:40:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U3dnVwz7fmFplYaS7q40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMmRhNzg5OTg4N2FhYzQ0OTk1OGJiOTBlYjUzNTk1MWE5
NzNhMDAwHhcNMjYwMzI5MTYwMDQxWhcNMjYwMzMwMTYwMDQxWjAzMTEwLwYDVQQD
EyhkYjdlMDgzOGMwYjFjZDAyNDViNzA2NTA4ZWYyNWMxYTYzNTA1NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOIByYBIlPFm8BNJ5PZItnX54Q8o
Ny5FBgJk0/xEVvrK7iT8PSJBmSWpKASKAiQTqArVMwqSVJuIAzyKy3ShBK7n+h6+
eAvQfkCVRlppw2kmeWuPHWc23xIniT+7cuYP4slIXX9TS4oFfGzsU1G+wFAP2pyo
XktEqkYV3m0sWoS3rVhQVcFIDLhoxJhqvGkEWeYWzJ4UQ8brLg48FTnHUbq+loTc
T4LYeZi1b2Ur67l0kmVMOiDgw9vSclm7nUJvpXi+4qeeyKZHmpoJ3ESTRXTSM0Ev
y2HECzcmnApmpx3vTbya5i+4iW7i9N//qOzMozhf+6vd3ciFQhcV+YVc5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNt+CDjAsc0CRbcGUI7yXBpjUFTxMB8GA1UdIwQY
MBaAFKMtp4mYh6rESZWLuQ61NZUalzoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUt
ZDMzMzJmOTA0NGVjLzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMzg4YjYtNDNjNi00NDU4LWFiZjUtZDMzMzJmOTA0NGVj
LzEvb3kybmlaaUhxc1JKbFl1NURyVTFsUnFYT2dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPNYLvvQ
N5Juwsw3EoCrjfjQgAh/vfmQ+U3u4Q9BWzDq8FxokUC7Q7YxLjJASAzRj07e7365
+uBiRO8/E2VFq0r+jKGTUPx1amuCurAdPuao/IVOtVWej2bWkv9Tl88DLWKQkiTs
JmZDRnXhNj9UtOAesLPV688f1jdkn6ca6S3vTcnD3rzJC532QZE5KyKlYJXBItKC
xWSVSWKDAO4X/nvaUdL4jICercGxwYsY03kwcJUk9ICAfHqgjLMmhoSI1AhO248l
UJp5+mm0YJRGckuqs8ZR2GI5yTG2PlGgzj+Y7W10QfAqeR9/pWy42g3vjoA/PAUY
rwEzFiT7OuxAQA==
-----END CERTIFICATE-----