Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
File:                     oWhu-kcXfglRrIjFZNj4hQvuxdA.mft (raw, json)
Hash identifier:          uoedKECIhL17l2BYB3z41ByeSq52CYixrqxt9es2FMM=
Subject key identifier:   D1:1B:06:C6:6A:3C:0B:DC:F3:69:28:11:CC:AE:1A:16:2A:B5:9B:C6
Authority key identifier: A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0
Certificate issuer:       /CN=a1686efa47177e0951ac88c564d8f8850beec5d0
Certificate serial:       019D390998C5EF910FBF36B737385996CBA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
Manifest number:          0F1F
Signing time:             Sun 29 Mar 2026 10:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:23 +0000
Files and hashes:         1: oWhu-kcXfglRrIjFZNj4hQvuxdA.crl (hash: R6MvpZsIZgqWN3a3MSkIToo3P4j+4xK3iBkRodZpnNM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:98:c5:ef:91:0f:bf:36:b7:37:38:59:96:cb:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1686efa47177e0951ac88c564d8f8850beec5d0
        Validity
            Not Before: Mar 29 10:00:23 2026 GMT
            Not After : Mar 30 10:00:23 2026 GMT
        Subject: CN=d11b06c66a3c0bdcf3692811ccae1a162ab59bc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9f:e4:a0:7c:6b:e9:8e:8b:45:99:d6:0d:87:
                    2e:53:fe:80:ec:72:69:0e:26:a4:cd:9b:cc:bd:cf:
                    44:9a:63:1e:fc:ca:c9:60:12:5e:46:bb:9b:db:fc:
                    bd:9b:d3:4a:00:82:90:e8:4b:12:6e:35:2c:ee:73:
                    22:f4:d4:f6:eb:46:73:b8:35:d5:1b:87:44:58:50:
                    1c:f8:f8:1e:d4:a5:84:02:b9:c6:84:d7:38:1c:98:
                    02:34:50:0a:99:ee:b8:15:8f:f8:af:c3:7b:d5:d9:
                    98:37:80:dc:b0:bd:f8:41:6b:ca:40:d8:95:39:f0:
                    f7:77:83:41:4c:1b:57:97:59:71:f0:da:fe:58:27:
                    ce:9f:98:b9:67:81:0b:87:df:be:38:bc:d9:3c:1c:
                    05:44:c4:4f:33:66:98:06:88:d7:f4:78:61:d7:31:
                    5d:d2:b7:6c:c0:52:4e:66:2e:0f:67:1e:1f:41:1b:
                    f2:15:0c:ee:df:3d:41:57:3e:26:63:72:54:2d:9d:
                    e4:c4:00:b3:45:78:32:b2:c9:b9:29:d9:8e:72:bf:
                    08:e1:fb:3f:2a:89:ae:5c:52:9d:b9:69:e6:3d:c0:
                    1a:b3:fe:23:2f:e9:e8:22:8f:e2:a4:da:1b:ed:11:
                    3c:d9:b7:9f:03:49:08:d9:3f:39:65:7d:77:4c:aa:
                    e9:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:1B:06:C6:6A:3C:0B:DC:F3:69:28:11:CC:AE:1A:16:2A:B5:9B:C6
            X509v3 Authority Key Identifier:
                keyid:A1:68:6E:FA:47:17:7E:09:51:AC:88:C5:64:D8:F8:85:0B:EE:C5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWhu-kcXfglRrIjFZNj4hQvuxdA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/11d198-854f-4883-ab90-ca41b33b883a/1/oWhu-kcXfglRrIjFZNj4hQvuxdA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:08:f1:23:bc:0e:ea:91:a5:a3:d8:54:3d:12:da:03:ef:49:
         3a:08:8e:5d:85:58:36:7d:6c:ce:69:3d:56:94:f2:69:3c:6c:
         7d:ae:f2:9b:b4:56:66:e3:96:4f:26:6b:73:1a:41:d2:fd:89:
         bc:ba:5a:97:c9:2f:45:94:9c:b6:3d:cf:df:65:ff:fb:1d:a3:
         81:45:d8:52:5a:77:59:d9:ee:af:2f:c9:91:19:6f:66:45:cb:
         4b:b0:ef:d5:de:39:cb:4b:fc:58:5a:80:77:37:fb:21:78:ca:
         64:e1:b7:a9:96:13:1d:57:68:68:35:10:75:2f:69:2f:cf:83:
         94:94:3d:3a:62:d1:8f:9d:8d:88:75:1b:86:da:0d:fe:03:a6:
         fb:e9:da:a0:72:bb:fe:e1:38:47:ad:d7:93:41:59:bf:c3:b0:
         4a:18:02:08:bf:ac:cd:f6:18:f8:47:9b:1a:c4:f2:af:f2:e1:
         0b:61:3e:7f:48:da:cf:fe:d4:32:14:f5:49:51:f3:d8:db:cb:
         33:4f:33:9d:98:aa:39:5b:14:cb:ed:97:f2:ba:43:89:ea:54:
         8a:cb:b0:2f:b2:ba:c7:78:fe:d8:57:64:d2:56:e1:3a:9e:91:
         57:ec:29:45:7d:12:f7:f8:f1:e1:54:a8:a2:da:fb:52:b4:42:
         d3:57:4e:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZjF75EPvza3NzhZlsunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjg2ZWZhNDcxNzdlMDk1MWFjODhjNTY0ZDhmODg1MGJl
ZWM1ZDAwHhcNMjYwMzI5MTAwMDIzWhcNMjYwMzMwMTAwMDIzWjAzMTEwLwYDVQQD
EyhkMTFiMDZjNjZhM2MwYmRjZjM2OTI4MTFjY2FlMWExNjJhYjU5YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ/koHxr6Y6LRZnWDYcuU/6A7HJp
DiakzZvMvc9EmmMe/MrJYBJeRrub2/y9m9NKAIKQ6EsSbjUs7nMi9NT260ZzuDXV
G4dEWFAc+Pge1KWEArnGhNc4HJgCNFAKme64FY/4r8N71dmYN4DcsL34QWvKQNiV
OfD3d4NBTBtXl1lx8Nr+WCfOn5i5Z4ELh9++OLzZPBwFRMRPM2aYBojX9Hhh1zFd
0rdswFJOZi4PZx4fQRvyFQzu3z1BVz4mY3JULZ3kxACzRXgyssm5KdmOcr8I4fs/
KomuXFKduWnmPcAas/4jL+noIo/ipNob7RE82befA0kI2T85ZX13TKrp0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEbBsZqPAvc82koEcyuGhYqtZvGMB8GA1UdIwQY
MBaAFKFobvpHF34JUayIxWTY+IUL7sXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAt
Y2E0MWIzM2I4ODNhLzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMWQxOTgtODU0Zi00ODgzLWFiOTAtY2E0MWIzM2I4ODNh
LzEvb1dodS1rY1hmZ2xScklqRlpOajRoUXZ1eGRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwjxI7wO
6pGlo9hUPRLaA+9JOgiOXYVYNn1szmk9VpTyaTxsfa7ym7RWZuOWTyZrcxpB0v2J
vLpal8kvRZSctj3P32X/+x2jgUXYUlp3Wdnury/JkRlvZkXLS7Dv1d45y0v8WFqA
dzf7IXjKZOG3qZYTHVdoaDUQdS9pL8+DlJQ9OmLRj52NiHUbhtoN/gOm++naoHK7
/uE4R63Xk0FZv8OwShgCCL+szfYY+EebGsTyr/LhC2E+f0jaz/7UMhT1SVHz2NvL
M08znZiqOVsUy+2X8rpDiepUisuwL7K6x3j+2Fdk0lbhOp6RV+wpRX0S9/jx4VSo
otr7UrRC01dO2g==
-----END CERTIFICATE-----