Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          EFuWOBB0f096Sc9viN5L5c855lA0/yTHhZTD1t+eHfU=
Subject key identifier:   D3:0C:73:74:59:85:76:39:DF:E4:83:39:97:9F:A0:1A:28:92:27:30
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       019D38D3A0B243439DAAA26160752B7576F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:26 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: wqFMT8yan99F6jV0MaXdl8RMMhnYcWojekphb7k/kZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a0:b2:43:43:9d:aa:a2:61:60:75:2b:75:76:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Mar 29 09:01:26 2026 GMT
            Not After : Mar 30 09:01:26 2026 GMT
        Subject: CN=d30c737459857639dfe48339979fa01a28922730
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:7c:ad:62:d4:c9:7c:42:9b:b9:a2:42:06:ca:
                    91:fa:d5:17:8a:ad:64:9e:18:3b:50:d4:27:8a:a7:
                    d1:c3:31:b1:98:9c:4c:20:6f:f6:a0:eb:e3:84:93:
                    12:d8:b9:17:75:53:42:5c:ff:d6:3c:7e:49:aa:6e:
                    b9:20:ce:6b:c5:14:3c:a0:6a:25:28:df:46:a0:72:
                    df:f9:9b:96:91:98:11:64:dc:3b:4c:cf:76:da:27:
                    e3:f9:42:61:f8:49:b5:ca:df:a5:b5:7c:73:87:e4:
                    c5:52:1f:86:6d:b5:49:d3:f9:41:42:93:10:13:ae:
                    45:1c:32:39:e9:e5:d1:8b:d3:19:c3:91:d0:1d:0e:
                    f5:15:d8:af:f6:2b:67:68:5a:b5:37:5b:45:80:d4:
                    e5:96:39:e5:3f:e7:41:b3:07:0e:8e:f6:1e:88:95:
                    33:df:d7:1d:51:cc:22:7f:47:53:c6:8f:74:d5:2c:
                    65:2b:75:fd:84:ae:f3:ee:04:d9:6a:b6:69:5a:86:
                    20:d9:19:17:7e:95:fd:1b:c6:54:71:55:25:e5:c7:
                    78:f9:ff:e4:7c:34:ef:a1:a2:0d:a5:2c:80:38:4e:
                    4c:5e:67:d9:18:ab:7e:6d:f0:29:85:b2:3f:41:28:
                    81:3e:c4:60:ba:f2:99:0b:f5:21:02:7f:4a:92:24:
                    93:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:0C:73:74:59:85:76:39:DF:E4:83:39:97:9F:A0:1A:28:92:27:30
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:f5:b4:6c:24:69:a2:98:f1:d1:aa:3a:e2:cd:5f:b1:9c:11:
         b6:6c:aa:c9:5a:af:36:01:03:29:63:72:c1:cd:cf:d7:25:d2:
         a2:aa:71:ff:f0:ce:f3:71:34:22:f2:c5:45:20:75:ef:b7:48:
         e6:4a:64:a6:eb:af:af:47:d6:78:4d:f2:74:79:85:09:b5:b2:
         ef:cb:4a:53:ed:61:c2:8a:b6:e2:82:87:40:4a:67:f8:79:44:
         6a:07:4b:36:b6:e2:04:e3:d5:1c:26:31:b9:e1:4a:ab:0a:ab:
         44:63:3b:b6:d4:cb:56:93:ff:f7:26:10:45:95:56:19:50:e7:
         ca:46:e3:82:55:26:4a:7b:14:18:23:71:4a:a0:7c:99:4d:c8:
         5c:0d:d6:8a:f9:ed:71:70:5c:87:12:66:24:3a:c2:05:86:25:
         09:75:c6:c9:31:ff:af:85:b9:d0:0d:07:86:3c:d3:9d:b0:78:
         79:3e:bc:70:76:4c:af:84:ea:0a:26:d8:06:c2:0f:c1:94:15:
         61:ab:c4:af:74:b3:7b:3f:cc:c4:34:f6:cf:1f:cf:5a:20:2e:
         c6:77:90:a5:1b:56:2c:c1:78:ce:bb:4a:5b:0f:94:25:f0:d0:
         8c:71:cd:48:91:78:58:a5:3d:bb:ee:a6:c4:64:de:de:c8:a6:
         3b:04:7c:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406CyQ0OdqqJhYHUrdXb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjYwMzI5MDkwMTI2WhcNMjYwMzMwMDkwMTI2WjAzMTEwLwYDVQQD
EyhkMzBjNzM3NDU5ODU3NjM5ZGZlNDgzMzk5NzlmYTAxYTI4OTIyNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3ytYtTJfEKbuaJCBsqR+tUXiq1k
nhg7UNQniqfRwzGxmJxMIG/2oOvjhJMS2LkXdVNCXP/WPH5Jqm65IM5rxRQ8oGol
KN9GoHLf+ZuWkZgRZNw7TM922ifj+UJh+Em1yt+ltXxzh+TFUh+GbbVJ0/lBQpMQ
E65FHDI56eXRi9MZw5HQHQ71Fdiv9itnaFq1N1tFgNTlljnlP+dBswcOjvYeiJUz
39cdUcwif0dTxo901SxlK3X9hK7z7gTZarZpWoYg2RkXfpX9G8ZUcVUl5cd4+f/k
fDTvoaINpSyAOE5MXmfZGKt+bfAphbI/QSiBPsRguvKZC/UhAn9KkiSTYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMMc3RZhXY53+SDOZefoBookicwMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhfW0bCRp
opjx0ao64s1fsZwRtmyqyVqvNgEDKWNywc3P1yXSoqpx//DO83E0IvLFRSB177dI
5kpkpuuvr0fWeE3ydHmFCbWy78tKU+1hwoq24oKHQEpn+HlEagdLNrbiBOPVHCYx
ueFKqwqrRGM7ttTLVpP/9yYQRZVWGVDnykbjglUmSnsUGCNxSqB8mU3IXA3Wivnt
cXBchxJmJDrCBYYlCXXGyTH/r4W50A0HhjzTnbB4eT68cHZMr4TqCibYBsIPwZQV
YavEr3Szez/MxDT2zx/PWiAuxneQpRtWLMF4zrtKWw+UJfDQjHHNSJF4WKU9u+6m
xGTe3simOwR83g==
-----END CERTIFICATE-----