Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          2KjQUmi7Ciaa0aFVf/UEBCfQ3oe5SA7he+O/PUtJIW8=
Subject key identifier:   9F:67:9D:13:63:54:5B:94:54:23:8C:82:41:16:99:85:B9:7A:48:DD
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       019D37C0DE1DEDEF2BCF1CED27AD023BDC0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          181A
Signing time:             Sun 29 Mar 2026 04:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:19 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: zHjZe5yT0tXYqGgd1nA6j0ST+mrJw7icLMLwTrwEj6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:de:1d:ed:ef:2b:cf:1c:ed:27:ad:02:3b:dc:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: Mar 29 04:01:19 2026 GMT
            Not After : Mar 30 04:01:19 2026 GMT
        Subject: CN=9f679d1363545b9454238c8241169985b97a48dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:9f:7a:53:bc:ab:47:a3:bf:6f:53:33:04:9c:
                    4c:e8:e9:fb:41:83:87:35:e8:7f:63:d7:94:53:94:
                    5b:98:2d:78:33:72:e4:45:01:10:83:2e:70:53:29:
                    9d:e2:9a:ec:9e:29:1e:bb:f7:7a:5d:f1:a1:b9:c8:
                    48:e9:8d:a2:5a:9f:95:92:de:6d:5b:df:83:fb:2d:
                    25:b9:e5:6c:f8:22:35:6e:c0:c5:af:5b:3e:c6:76:
                    4c:90:95:c2:f2:87:4a:81:44:b6:f8:45:2b:36:59:
                    79:4b:a5:87:e1:ab:75:3c:31:c0:bc:46:aa:0b:ac:
                    ff:b7:f1:0a:e1:02:3c:92:eb:49:7d:f4:29:d9:bd:
                    c1:59:b0:95:6f:8f:23:d4:d5:ad:0f:b0:7b:51:29:
                    fd:83:e1:e3:27:2d:4e:c0:5a:1d:0f:07:6d:7d:8d:
                    3a:4b:c3:92:53:dd:87:68:92:c3:77:98:a3:84:5d:
                    1a:a2:36:d4:9e:d7:4e:74:ed:e1:eb:20:b6:c7:29:
                    b4:b4:01:8b:33:4b:ff:70:08:fe:62:06:39:1e:77:
                    d2:76:8d:07:7b:64:ac:df:5b:b2:42:2b:40:25:c6:
                    1b:14:d1:a0:3c:e9:39:91:b8:95:01:2d:87:fd:d3:
                    79:7d:30:e9:77:15:4d:a7:62:c5:29:a6:23:16:40:
                    3a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:67:9D:13:63:54:5B:94:54:23:8C:82:41:16:99:85:B9:7A:48:DD
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:f3:98:e1:23:0b:eb:6a:3e:49:a6:ca:a6:fb:6d:4a:af:19:
         c6:16:1d:ae:a9:0a:bd:02:b5:46:30:e9:3e:7c:be:4b:cd:fe:
         f1:1f:24:4e:10:a6:e7:f0:4a:9b:56:f4:d8:a1:f0:ba:f5:01:
         fd:45:d3:8b:07:d2:d5:99:2b:fe:40:34:68:1f:fb:bd:c3:4b:
         63:f2:5e:21:78:aa:b3:86:cc:5f:77:d6:25:52:75:6b:88:bb:
         f6:22:e4:4b:a2:9e:fa:ae:5f:56:e4:85:cd:63:be:04:00:3d:
         82:bd:ca:ff:22:69:f0:61:bd:2f:63:81:43:5b:48:73:a7:fd:
         51:9e:08:41:3d:43:c4:19:52:70:0e:53:89:4d:48:67:55:aa:
         38:bf:8b:20:2a:47:1f:44:7f:91:58:90:cc:79:db:1e:d7:c7:
         30:64:2d:fc:4b:86:e1:05:e9:9e:06:8c:22:b6:a6:0c:56:ec:
         24:49:aa:74:3c:c8:70:7c:f7:c8:37:45:6a:5e:46:ef:d9:e8:
         ad:f8:5d:8d:6f:ba:00:78:de:b8:58:b2:06:63:b6:c0:d1:a2:
         75:23:94:14:32:f3:f8:7e:ba:10:23:47:de:7e:87:68:09:dd:
         aa:05:da:58:08:a8:4b:c8:79:45:f6:bb:d1:ce:89:47:60:70:
         6f:12:1f:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wN4d7e8rzxztJ60CO9wNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjYwMzI5MDQwMTE5WhcNMjYwMzMwMDQwMTE5WjAzMTEwLwYDVQQD
Eyg5ZjY3OWQxMzYzNTQ1Yjk0NTQyMzhjODI0MTE2OTk4NWI5N2E0OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp96U7yrR6O/b1MzBJxM6On7QYOH
Neh/Y9eUU5RbmC14M3LkRQEQgy5wUymd4prsnikeu/d6XfGhuchI6Y2iWp+Vkt5t
W9+D+y0lueVs+CI1bsDFr1s+xnZMkJXC8odKgUS2+EUrNll5S6WH4at1PDHAvEaq
C6z/t/EK4QI8kutJffQp2b3BWbCVb48j1NWtD7B7USn9g+HjJy1OwFodDwdtfY06
S8OSU92HaJLDd5ijhF0aojbUntdOdO3h6yC2xym0tAGLM0v/cAj+YgY5HnfSdo0H
e2Ss31uyQitAJcYbFNGgPOk5kbiVAS2H/dN5fTDpdxVNp2LFKaYjFkA6mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9nnRNjVFuUVCOMgkEWmYW5ekjdMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmPOY4SML
62o+SabKpvttSq8ZxhYdrqkKvQK1RjDpPny+S83+8R8kThCm5/BKm1b02KHwuvUB
/UXTiwfS1Zkr/kA0aB/7vcNLY/JeIXiqs4bMX3fWJVJ1a4i79iLkS6Ke+q5fVuSF
zWO+BAA9gr3K/yJp8GG9L2OBQ1tIc6f9UZ4IQT1DxBlScA5TiU1IZ1WqOL+LICpH
H0R/kViQzHnbHtfHMGQt/EuG4QXpngaMIramDFbsJEmqdDzIcHz3yDdFal5G79no
rfhdjW+6AHjeuFiyBmO2wNGidSOUFDLz+H66ECNH3n6HaAndqgXaWAioS8h5Rfa7
0c6JR2BwbxIfGw==
-----END CERTIFICATE-----