Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          5GomCDLyeWJYY00Tp8GL5Rj+EQ2l5OZKR3x/dwk5xLY=
Subject key identifier:   E0:E0:50:B7:FF:C5:C4:14:8E:3C:C1:65:07:92:19:1B:D7:EB:43:B1
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       019EB73317E938D4CDB03C42F412D11FC550
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          1952
Signing time:             Thu 11 Jun 2026 15:00:39 +0000
Manifest this update:     Thu 11 Jun 2026 15:00:39 +0000
Manifest next update:     Fri 12 Jun 2026 15:00:39 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: ly17y1PtWZPGUjXTK9mhEpFf3Pokk8QfgkWnkJWlINI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 12 Jun 2026 15:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:b7:33:17:e9:38:d4:cd:b0:3c:42:f4:12:d1:1f:c5:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: Jun 11 15:00:39 2026 GMT
            Not After : Jun 12 15:00:39 2026 GMT
        Subject: CN=e0e050b7ffc5c4148e3cc1650792191bd7eb43b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:54:c1:4e:a3:68:f1:c7:c4:8a:e2:5f:66:36:
                    1b:11:d2:df:10:94:6a:5d:04:db:b6:6a:21:53:39:
                    db:51:0a:0d:a6:e0:6d:29:c7:12:bc:d3:1f:5d:5e:
                    39:75:6e:ec:fe:34:14:c8:91:8b:5e:4d:d6:ba:05:
                    8f:03:32:7c:b2:41:a9:b9:1e:c2:17:8e:b4:d3:80:
                    ad:ff:db:40:04:a3:f1:05:82:6b:f1:37:bd:40:8a:
                    a0:39:3e:84:2e:92:fe:1a:2f:dd:04:c8:7c:9d:f7:
                    94:c9:f3:40:92:d4:5d:7c:32:44:e6:44:be:3e:d1:
                    d8:ce:66:2b:a9:3e:b8:b1:de:ec:58:9f:15:6a:ad:
                    ea:d2:0c:c1:5d:3c:8e:77:c6:9e:21:d7:59:5a:a8:
                    98:6a:11:3b:fa:e3:08:b7:62:ac:6d:cb:69:a0:27:
                    c7:d8:2c:05:3d:44:85:ca:5f:14:68:61:42:b6:48:
                    35:b0:b0:65:53:4f:a1:ba:9d:90:52:c3:61:32:5d:
                    51:f6:c5:64:4b:07:f0:cc:74:ca:bf:3f:52:28:e1:
                    a4:e2:85:b0:a5:fe:9e:c9:25:7f:5a:30:94:ed:2c:
                    f7:7d:44:35:31:d4:8a:9e:3c:e9:52:ff:3a:e9:ba:
                    f7:2a:f9:cb:fd:9e:73:4a:52:03:aa:e9:49:95:a8:
                    3b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:E0:50:B7:FF:C5:C4:14:8E:3C:C1:65:07:92:19:1B:D7:EB:43:B1
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:36:6a:98:90:5f:35:b3:20:1f:bb:38:a2:e3:79:61:67:74:
         02:cf:54:76:72:3a:67:95:f9:3a:e7:46:0f:9c:7c:07:6e:36:
         27:8d:93:62:37:fc:a0:a9:87:02:42:0c:46:b8:53:4c:16:a4:
         42:53:84:7b:9b:8e:ab:da:e4:53:cb:48:03:be:9a:d0:a9:8e:
         3d:3b:ec:56:7c:da:02:69:56:8f:f2:cf:85:41:da:56:5e:a7:
         a2:f2:70:bf:67:17:fd:54:a2:41:a0:6e:ff:71:b5:d0:82:dd:
         95:a3:76:c1:7c:2e:92:50:77:b8:7f:36:d4:94:f5:65:a4:3c:
         37:8a:c2:01:ba:e5:0e:ac:65:1e:4e:ac:c7:07:1a:d5:c9:b8:
         b4:01:d3:ec:b3:19:7d:3e:e4:20:97:43:e8:d2:58:3b:57:84:
         50:9d:35:c5:6a:a2:d8:55:89:7b:17:fa:71:73:ef:fd:fc:e3:
         12:f3:1b:03:2c:14:4e:e7:b5:f7:ac:48:01:d2:70:dc:48:5b:
         1b:e6:fd:db:e9:69:17:58:f2:80:c5:75:26:c0:ff:4e:f7:ec:
         80:b0:1e:05:1a:77:bf:5a:86:66:b0:4a:40:10:ef:b4:23:cc:
         8f:84:24:41:f0:81:9c:8d:c0:d7:86:ca:6c:20:63:0d:c3:b3:
         c5:51:d1:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ63MxfpONTNsDxC9BLRH8VQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjYwNjExMTUwMDM5WhcNMjYwNjEyMTUwMDM5WjAzMTEwLwYDVQQD
EyhlMGUwNTBiN2ZmYzVjNDE0OGUzY2MxNjUwNzkyMTkxYmQ3ZWI0M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1TBTqNo8cfEiuJfZjYbEdLfEJRq
XQTbtmohUznbUQoNpuBtKccSvNMfXV45dW7s/jQUyJGLXk3WugWPAzJ8skGpuR7C
F46004Ct/9tABKPxBYJr8Te9QIqgOT6ELpL+Gi/dBMh8nfeUyfNAktRdfDJE5kS+
PtHYzmYrqT64sd7sWJ8Vaq3q0gzBXTyOd8aeIddZWqiYahE7+uMIt2KsbctpoCfH
2CwFPUSFyl8UaGFCtkg1sLBlU0+hup2QUsNhMl1R9sVkSwfwzHTKvz9SKOGk4oWw
pf6eySV/WjCU7Sz3fUQ1MdSKnjzpUv866br3KvnL/Z5zSlIDqulJlag7qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODgULf/xcQUjjzBZQeSGRvX60OxMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlzZqmJBf
NbMgH7s4ouN5YWd0As9UdnI6Z5X5OudGD5x8B242J42TYjf8oKmHAkIMRrhTTBak
QlOEe5uOq9rkU8tIA76a0KmOPTvsVnzaAmlWj/LPhUHaVl6novJwv2cX/VSiQaBu
/3G10ILdlaN2wXwuklB3uH821JT1ZaQ8N4rCAbrlDqxlHk6sxwca1cm4tAHT7LMZ
fT7kIJdD6NJYO1eEUJ01xWqi2FWJexf6cXPv/fzjEvMbAywUTue196xIAdJw3Ehb
G+b92+lpF1jygMV1JsD/TvfsgLAeBRp3v1qGZrBKQBDvtCPMj4QkQfCBnI3A14bK
bCBjDcOzxVHRlw==
-----END CERTIFICATE-----