Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          1us1eZG+WJg4arLRAwkQnIJOBENLt3giywOBbWx44sA=
Subject key identifier:   1B:D7:1C:B1:CA:A7:E8:AE:F4:38:4C:4B:64:71:A5:5C:EE:ED:6F:74
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       019EB922106128D045BDC5C11197436C22B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          1951
Signing time:             Fri 12 Jun 2026 00:01:17 +0000
Manifest this update:     Fri 12 Jun 2026 00:01:17 +0000
Manifest next update:     Sat 13 Jun 2026 00:01:17 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: qSythP2QizhGuazUlXzMem/qR01AezKpK59j2xx3Lxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 20:26:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b9:22:10:61:28:d0:45:bd:c5:c1:11:97:43:6c:22:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: Jun 12 00:01:17 2026 GMT
            Not After : Jun 13 00:01:17 2026 GMT
        Subject: CN=1bd71cb1caa7e8aef4384c4b6471a55ceeed6f74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d9:0e:a1:c7:0e:ef:a6:6c:cb:eb:df:8c:d1:
                    20:c2:86:d2:08:e0:82:cb:91:e1:ff:e7:9c:2c:18:
                    86:9d:8a:fc:52:52:43:ea:b4:a0:9e:e1:d5:80:52:
                    f1:ee:b2:60:ca:21:64:ae:20:c1:4e:6a:ff:a7:3a:
                    b6:3e:83:d6:4d:bf:5c:8d:3e:42:45:82:9f:85:86:
                    1e:93:4d:90:ea:6d:d3:b1:6a:0f:8c:60:d8:f9:96:
                    b0:69:48:a0:7b:ac:35:dd:b6:e6:d4:1e:32:fd:aa:
                    cd:8e:57:1d:12:cf:bb:7e:2f:e4:19:8a:97:81:ea:
                    6d:6b:e1:cc:5a:e0:23:41:12:0f:1c:28:a9:dd:e8:
                    d5:e9:92:4d:9d:20:46:25:6a:80:2b:a8:d1:ae:cc:
                    c3:bf:7b:d2:58:51:27:15:a3:6d:63:be:b0:d4:34:
                    3a:01:b2:c1:70:d2:c7:d3:09:8c:25:05:28:d1:c5:
                    9a:7f:84:a3:d7:d4:d7:f7:04:70:28:12:02:eb:6d:
                    32:ee:40:98:dd:1c:42:8e:20:4c:89:ea:24:9d:e2:
                    e1:a5:f7:15:34:1f:c2:a9:1a:48:d1:b0:19:f5:2d:
                    e5:33:b9:e6:07:62:f8:a0:ae:3b:8f:6c:30:f9:48:
                    d7:ce:b0:d1:7f:de:82:87:b0:ee:4a:e9:4f:24:40:
                    0d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:D7:1C:B1:CA:A7:E8:AE:F4:38:4C:4B:64:71:A5:5C:EE:ED:6F:74
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:d0:40:66:3a:db:22:56:16:71:f9:e8:89:c8:c7:d4:07:f2:
         72:11:f7:87:88:b0:6b:4a:d2:b9:26:18:b0:0e:89:44:ff:7f:
         79:ed:b4:a5:be:81:e5:aa:80:51:45:eb:60:35:57:14:c5:71:
         78:62:3c:2f:eb:eb:ab:ff:56:63:b9:e3:e7:ac:20:47:5d:e7:
         9c:f4:5c:0a:de:f0:06:09:57:15:d4:cc:b8:c3:e2:20:1e:4d:
         85:63:d3:6d:94:8a:0d:a3:30:f5:17:96:85:9e:1c:5f:cf:36:
         98:5e:1f:88:69:c2:9b:25:71:eb:7b:9a:36:51:23:b7:4f:14:
         3c:e9:84:c4:9e:7c:00:26:ff:bd:93:a5:de:0e:8b:67:06:a6:
         7a:aa:a9:04:9e:54:64:8f:23:57:a8:27:5a:8a:27:dc:9f:ee:
         ab:6f:d5:90:c6:78:be:e6:c2:88:eb:ed:40:e1:20:a7:4c:8e:
         98:8d:54:94:06:74:a1:34:54:a2:f0:ae:db:da:20:a2:8b:74:
         46:45:25:24:66:3e:89:e1:e9:8c:83:a5:14:41:a2:70:54:a8:
         1d:82:6d:e1:9e:41:6e:82:37:42:a5:db:e4:80:49:d3:c5:cb:
         45:32:a5:ec:51:9a:3a:c0:c9:a4:e1:96:86:05:05:03:6b:15:
         1b:de:30:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ65IhBhKNBFvcXBEZdDbCK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjYwNjEyMDAwMTE3WhcNMjYwNjEzMDAwMTE3WjAzMTEwLwYDVQQD
EygxYmQ3MWNiMWNhYTdlOGFlZjQzODRjNGI2NDcxYTU1Y2VlZWQ2Zjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNkOoccO76Zsy+vfjNEgwobSCOCC
y5Hh/+ecLBiGnYr8UlJD6rSgnuHVgFLx7rJgyiFkriDBTmr/pzq2PoPWTb9cjT5C
RYKfhYYek02Q6m3TsWoPjGDY+ZawaUige6w13bbm1B4y/arNjlcdEs+7fi/kGYqX
gepta+HMWuAjQRIPHCip3ejV6ZJNnSBGJWqAK6jRrszDv3vSWFEnFaNtY76w1DQ6
AbLBcNLH0wmMJQUo0cWaf4Sj19TX9wRwKBIC620y7kCY3RxCjiBMieokneLhpfcV
NB/CqRpI0bAZ9S3lM7nmB2L4oK47j2ww+UjXzrDRf96Ch7DuSulPJEANPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvXHLHKp+iu9DhMS2RxpVzu7W90MB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzdBAZjrb
IlYWcfnoicjH1AfychH3h4iwa0rSuSYYsA6JRP9/ee20pb6B5aqAUUXrYDVXFMVx
eGI8L+vrq/9WY7nj56wgR13nnPRcCt7wBglXFdTMuMPiIB5NhWPTbZSKDaMw9ReW
hZ4cX882mF4fiGnCmyVx63uaNlEjt08UPOmExJ58ACb/vZOl3g6LZwameqqpBJ5U
ZI8jV6gnWoon3J/uq2/VkMZ4vubCiOvtQOEgp0yOmI1UlAZ0oTRUovCu29ogoot0
RkUlJGY+ieHpjIOlFEGicFSoHYJt4Z5BboI3QqXb5IBJ08XLRTKl7FGaOsDJpOGW
hgUFA2sVG94wNQ==
-----END CERTIFICATE-----