Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
File:                     OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft (raw, json)
Hash identifier:          gAkeaRTYKHVAQlyj3TNTbSrElXifWrQ5qhtm0OqrUyQ=
Subject key identifier:   4D:53:8D:4F:AA:F2:B2:18:0D:2D:3E:7D:74:5E:31:A2:89:40:94:E2
Authority key identifier: 38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9
Certificate issuer:       /CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
Certificate serial:       019D3909837A69A81E836A8B429FDBF6222F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
Manifest number:          0496
Signing time:             Sun 29 Mar 2026 10:00:17 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:17 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:17 +0000
Files and hashes:         1: OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl (hash: VWWVlWsKW0PHXJ4xWo9oDoSvJfjf0Tw7HhCL08JNnJ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:83:7a:69:a8:1e:83:6a:8b:42:9f:db:f6:22:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38ba0b9d0f1f674b1397cfcea6dd4680c8351af9
        Validity
            Not Before: Mar 29 10:00:17 2026 GMT
            Not After : Mar 30 10:00:17 2026 GMT
        Subject: CN=4d538d4faaf2b2180d2d3e7d745e31a2894094e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ce:78:6c:eb:10:fb:76:e9:74:3a:43:b3:cb:
                    84:9c:05:0d:ab:89:42:ce:d1:25:32:74:af:d3:4d:
                    48:f9:c3:37:e2:5d:e2:f5:b2:8d:97:6d:36:08:b4:
                    83:32:17:c4:9b:ed:5a:2f:de:86:57:29:25:13:99:
                    bf:9c:84:84:96:6d:7b:c7:c1:56:b0:7b:77:25:1c:
                    d1:8a:e0:4a:77:eb:a9:61:bd:30:64:15:f7:58:ff:
                    52:c6:e2:e8:56:91:59:7c:68:72:db:2d:05:d4:64:
                    12:1f:f1:c8:3b:78:58:d8:1e:98:4e:99:c3:3a:3e:
                    a8:34:d4:33:92:08:43:ae:08:17:97:a7:07:8a:d9:
                    ba:b2:da:9b:ac:25:91:f2:c5:25:7b:ae:34:7d:34:
                    9a:57:67:9d:17:25:3c:a8:9c:e3:f3:98:a3:15:25:
                    13:e3:cf:a2:e7:c0:43:3e:fc:89:5d:8b:8f:f4:46:
                    00:23:ff:77:4a:51:3e:c5:a4:bb:9d:7b:5b:af:31:
                    33:6a:6e:99:d0:04:3b:20:d0:f1:70:52:da:5c:27:
                    5b:1f:f3:3b:d3:60:cb:f2:4c:99:f8:c6:66:65:37:
                    90:dc:da:3f:c1:8e:e8:e7:c5:3b:6b:18:6a:b8:82:
                    7d:15:21:8d:59:32:12:ae:d8:72:53:a8:ce:ba:0e:
                    42:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:53:8D:4F:AA:F2:B2:18:0D:2D:3E:7D:74:5E:31:A2:89:40:94:E2
            X509v3 Authority Key Identifier:
                keyid:38:BA:0B:9D:0F:1F:67:4B:13:97:CF:CE:A6:DD:46:80:C8:35:1A:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/959dad-90c8-40b6-8740-2eedae0fa788/1/OLoLnQ8fZ0sTl8_Opt1GgMg1Gvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:45:fb:fa:b7:2c:21:70:ad:4d:1f:ec:59:61:68:84:d3:7a:
         4a:1b:f5:e8:68:ab:a4:65:cf:ae:65:c8:a5:79:fd:f4:30:78:
         3d:d2:21:de:6e:8b:28:47:07:93:5a:c9:ed:a8:48:f4:50:cb:
         6a:d6:98:ea:ba:ec:0a:a9:04:04:d7:9e:d7:6f:7e:d9:f1:83:
         44:fc:71:f4:2d:b4:d8:2d:fe:22:23:58:ef:1b:0e:11:fd:6f:
         75:34:9e:de:ee:d8:53:d2:20:df:08:ab:93:6f:59:9e:10:bb:
         4a:13:9f:08:d7:87:cb:3c:75:23:13:0d:07:8e:61:dc:20:e1:
         77:24:c0:c3:c6:b5:09:50:d2:e1:fe:f9:fd:12:e1:21:1e:8b:
         1b:d3:f4:23:27:d6:fa:a0:a0:9c:0a:9c:e4:d6:b0:aa:5f:a6:
         7b:38:60:2d:f9:db:37:b4:2f:ed:7e:3b:c0:7e:11:41:df:b0:
         62:d0:47:5c:24:26:17:a6:b5:8c:56:e9:84:ee:12:83:03:11:
         74:70:39:ca:ba:a7:29:da:3f:90:20:a0:6f:7d:97:1a:f2:18:
         ba:14:cc:32:a0:52:d0:a4:ed:3f:6c:99:dc:f2:a2:7f:03:51:
         e4:5c:b1:8e:ba:64:2a:ad:5a:3a:fb:ec:31:4b:ca:dd:97:c1:
         26:bb:3a:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYN6aageg2qLQp/b9iIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmEwYjlkMGYxZjY3NGIxMzk3Y2ZjZWE2ZGQ0NjgwYzgz
NTFhZjkwHhcNMjYwMzI5MTAwMDE3WhcNMjYwMzMwMTAwMDE3WjAzMTEwLwYDVQQD
Eyg0ZDUzOGQ0ZmFhZjJiMjE4MGQyZDNlN2Q3NDVlMzFhMjg5NDA5NGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0854bOsQ+3bpdDpDs8uEnAUNq4lC
ztElMnSv001I+cM34l3i9bKNl202CLSDMhfEm+1aL96GVyklE5m/nISElm17x8FW
sHt3JRzRiuBKd+upYb0wZBX3WP9SxuLoVpFZfGhy2y0F1GQSH/HIO3hY2B6YTpnD
Oj6oNNQzkghDrggXl6cHitm6stqbrCWR8sUle640fTSaV2edFyU8qJzj85ijFSUT
48+i58BDPvyJXYuP9EYAI/93SlE+xaS7nXtbrzEzam6Z0AQ7INDxcFLaXCdbH/M7
02DL8kyZ+MZmZTeQ3No/wY7o58U7axhquIJ9FSGNWTISrthyU6jOug5CbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1TjU+q8rIYDS0+fXReMaKJQJTiMB8GA1UdIwQY
MBaAFDi6C50PH2dLE5fPzqbdRoDINRr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAt
MmVlZGFlMGZhNzg4LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85NTlkYWQtOTBjOC00MGI2LTg3NDAtMmVlZGFlMGZhNzg4
LzEvT0xvTG5ROGZaMHNUbDhfT3B0MUdnTWcxR3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnUX7+rcs
IXCtTR/sWWFohNN6Shv16GirpGXPrmXIpXn99DB4PdIh3m6LKEcHk1rJ7ahI9FDL
ataY6rrsCqkEBNee129+2fGDRPxx9C202C3+IiNY7xsOEf1vdTSe3u7YU9Ig3wir
k29ZnhC7ShOfCNeHyzx1IxMNB45h3CDhdyTAw8a1CVDS4f75/RLhIR6LG9P0IyfW
+qCgnAqc5Nawql+mezhgLfnbN7Qv7X47wH4RQd+wYtBHXCQmF6a1jFbphO4SgwMR
dHA5yrqnKdo/kCCgb32XGvIYuhTMMqBS0KTtP2yZ3PKifwNR5FyxjrpkKq1aOvvs
MUvK3ZfBJrs6og==
-----END CERTIFICATE-----