Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          TtQsByRgfpGr7VMvJDC8piZWh1aGlKtDzmBWfV0f3TQ=
Subject key identifier:   66:E6:66:1F:43:7E:8C:C5:45:41:58:D0:89:72:A0:9A:63:73:A2:F5
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       019D38D2FE9BECD4A32F284CD3F90E445898
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 09:00:44 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:44 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:44 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: fRaY0BdE9uGj246wEA5DFSc0BLRkzspgBH8DQ9Pfe+0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:fe:9b:ec:d4:a3:2f:28:4c:d3:f9:0e:44:58:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: Mar 29 09:00:44 2026 GMT
            Not After : Mar 30 09:00:44 2026 GMT
        Subject: CN=66e6661f437e8cc5454158d08972a09a6373a2f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:94:d9:b0:09:ec:3d:da:12:34:49:8c:e2:46:
                    ab:9c:e7:25:9c:9d:ae:e0:f3:25:5b:85:52:15:7f:
                    75:0a:47:c5:0a:b9:70:e6:87:d8:35:cc:20:54:7b:
                    bf:96:c6:d5:c2:41:66:56:27:28:ec:b4:f1:2b:02:
                    fc:ec:e3:da:94:e8:a7:5c:2f:5d:9b:49:44:61:5a:
                    ef:a8:4c:a5:95:5d:a0:e4:7f:9c:a9:d6:9b:65:10:
                    23:4f:6b:62:6c:a5:54:6f:5e:f3:8c:f1:a4:6b:ce:
                    45:a9:77:b4:af:4e:5c:6b:6f:29:11:ec:c9:45:18:
                    b1:51:08:cb:79:75:6e:0a:de:a0:1f:67:d3:2c:29:
                    97:db:11:f4:73:62:15:ee:c4:51:35:e3:8e:44:bb:
                    01:04:a4:ac:89:12:fb:4d:b2:4d:1d:22:ab:ca:5f:
                    0b:91:78:99:72:88:9c:f2:5e:33:53:b4:8c:25:02:
                    81:bd:6f:44:30:0f:83:2a:b7:78:c9:55:d0:60:16:
                    52:69:68:4c:4c:25:2a:30:00:31:54:df:f8:13:62:
                    bc:b1:bc:6f:60:59:1c:1d:cb:90:7c:c1:9c:4c:85:
                    73:6e:82:ae:03:4d:05:5e:df:36:ff:c1:25:36:73:
                    6f:c3:fe:e7:3a:1f:a8:2d:fc:2e:ce:86:e8:c4:9c:
                    4a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E6:66:1F:43:7E:8C:C5:45:41:58:D0:89:72:A0:9A:63:73:A2:F5
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:87:ca:78:f6:b7:e6:3b:a7:36:0f:62:e8:1a:c9:7e:85:cb:
         94:12:be:fd:f6:0f:fc:12:5d:e0:9d:42:7e:de:21:5d:6a:6d:
         23:df:fb:ed:df:11:be:87:e4:3b:92:5a:bb:79:0f:f0:59:db:
         5f:d1:7a:6c:ea:02:64:b4:77:ea:f9:86:7e:3f:2b:c5:3b:55:
         68:c8:ef:5d:97:72:19:c7:18:ce:c3:30:e6:09:06:c4:ec:6c:
         46:bd:a2:f6:1d:09:56:e6:ce:cb:24:7a:3f:36:09:d5:c3:59:
         d4:43:af:8d:65:31:56:99:fe:98:28:70:ad:e8:2d:3f:85:1c:
         f0:c0:4d:4b:30:68:77:ef:86:28:cc:fa:9d:cd:f1:66:1b:ee:
         af:b0:1a:3b:c7:cf:fa:fc:8b:fa:29:60:61:6f:12:a3:74:78:
         f5:f4:ca:f4:eb:ec:2a:ff:09:70:27:b2:46:64:64:db:a8:6a:
         cd:64:70:1a:e1:64:a0:01:ff:8d:ef:72:5c:3d:5d:0a:a0:2c:
         b8:41:a8:85:66:e7:a5:6b:ad:65:dd:32:b0:86:b5:03:38:35:
         f8:58:40:9b:43:e5:c9:7c:1d:bf:a6:5c:e7:ea:d0:37:f5:fc:
         c0:7a:ec:8a:e5:f8:c0:92:e3:ef:ec:e6:c3:17:74:d9:97:d2:
         f5:d0:f5:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040v6b7NSjLyhM0/kORFiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjYwMzI5MDkwMDQ0WhcNMjYwMzMwMDkwMDQ0WjAzMTEwLwYDVQQD
Eyg2NmU2NjYxZjQzN2U4Y2M1NDU0MTU4ZDA4OTcyYTA5YTYzNzNhMmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpTZsAnsPdoSNEmM4karnOclnJ2u
4PMlW4VSFX91CkfFCrlw5ofYNcwgVHu/lsbVwkFmVico7LTxKwL87OPalOinXC9d
m0lEYVrvqEyllV2g5H+cqdabZRAjT2tibKVUb17zjPGka85FqXe0r05ca28pEezJ
RRixUQjLeXVuCt6gH2fTLCmX2xH0c2IV7sRRNeOORLsBBKSsiRL7TbJNHSKryl8L
kXiZcoic8l4zU7SMJQKBvW9EMA+DKrd4yVXQYBZSaWhMTCUqMAAxVN/4E2K8sbxv
YFkcHcuQfMGcTIVzboKuA00FXt82/8ElNnNvw/7nOh+oLfwuzoboxJxKVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbmZh9DfozFRUFY0IlyoJpjc6L1MB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIofKePa3
5junNg9i6BrJfoXLlBK+/fYP/BJd4J1Cft4hXWptI9/77d8RvofkO5Jau3kP8Fnb
X9F6bOoCZLR36vmGfj8rxTtVaMjvXZdyGccYzsMw5gkGxOxsRr2i9h0JVubOyyR6
PzYJ1cNZ1EOvjWUxVpn+mChwregtP4Uc8MBNSzBod++GKMz6nc3xZhvur7AaO8fP
+vyL+ilgYW8So3R49fTK9OvsKv8JcCeyRmRk26hqzWRwGuFkoAH/je9yXD1dCqAs
uEGohWbnpWutZd0ysIa1Azg1+FhAm0PlyXwdv6Zc5+rQN/X8wHrsiuX4wJLj7+zm
wxd02ZfS9dD1AQ==
-----END CERTIFICATE-----