Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
File:                     oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft (raw, json)
Hash identifier:          Lj4hDNeEeI6O/lxcj/gfIBP6z8cxKxrAIKuVqF9Ef8I=
Subject key identifier:   E7:D7:A3:0E:BE:C4:3B:F7:36:D0:BE:5E:AF:89:CC:7B:13:48:86:F8
Authority key identifier: A1:A4:58:25:62:C3:13:5B:B5:2B:DB:96:14:5E:1A:D0:37:86:B1:48
Certificate issuer:       /CN=a1a4582562c3135bb52bdb96145e1ad03786b148
Certificate serial:       019D3865C348167353F91B414A80CB13826A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
Manifest number:          1634
Signing time:             Sun 29 Mar 2026 07:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:26 +0000
Files and hashes:         1: oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl (hash: bHHpYn5KdfUCv6Y86uzHwEMdQuJmSYDi8wbyB6ziK7U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:c3:48:16:73:53:f9:1b:41:4a:80:cb:13:82:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1a4582562c3135bb52bdb96145e1ad03786b148
        Validity
            Not Before: Mar 29 07:01:26 2026 GMT
            Not After : Mar 30 07:01:26 2026 GMT
        Subject: CN=e7d7a30ebec43bf736d0be5eaf89cc7b134886f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:30:8f:36:36:69:3b:64:0c:55:6d:ee:66:1c:
                    81:08:7f:85:86:67:b8:ff:13:dc:77:d0:89:d3:3c:
                    48:69:e1:92:1f:b3:37:25:fd:ad:18:ff:4e:d0:b3:
                    9e:d0:0a:2e:c2:50:00:7b:e8:3a:22:f2:9b:00:26:
                    0c:71:10:85:51:95:50:ec:1c:e2:aa:b8:dd:99:88:
                    92:3c:db:f8:44:d6:12:98:07:07:1d:4d:a4:cf:d1:
                    e4:8a:84:7a:7d:6d:9a:f0:b6:79:7d:70:ac:8f:87:
                    97:05:6b:c3:89:89:cc:d2:03:ca:42:a8:e3:34:97:
                    65:23:1b:e4:09:84:60:9e:c7:88:bf:02:ef:fa:3a:
                    76:fa:cc:e4:82:ef:e7:a3:51:50:dc:d9:27:df:e0:
                    84:11:e0:14:a6:61:5a:e3:73:8a:1f:6f:f9:ff:9a:
                    cd:ac:fd:bd:5c:4f:50:70:5a:52:b3:d2:5f:f8:43:
                    2b:b8:28:b6:5f:e9:4f:30:4d:36:79:b8:e2:9c:80:
                    e6:72:e5:f6:42:3f:58:8c:79:43:ae:e5:1f:08:4d:
                    f2:c6:b1:b5:8b:2b:f9:df:5e:8f:b6:74:c2:ec:3c:
                    d7:19:16:f2:29:da:07:b8:6d:ec:1b:61:13:e3:06:
                    4d:43:37:51:4f:cd:0e:44:31:0e:3f:77:07:0f:39:
                    21:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D7:A3:0E:BE:C4:3B:F7:36:D0:BE:5E:AF:89:CC:7B:13:48:86:F8
            X509v3 Authority Key Identifier:
                keyid:A1:A4:58:25:62:C3:13:5B:B5:2B:DB:96:14:5E:1A:D0:37:86:B1:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:69:78:d6:88:e4:c9:dc:35:1e:08:ad:f0:86:71:0e:19:10:
         e2:b2:b9:6c:68:56:4c:20:32:5a:00:2a:ad:cb:fc:41:3a:29:
         6d:e4:01:3e:48:8c:d7:43:d9:0e:00:4f:1e:2f:3f:95:0c:a6:
         78:b8:76:79:5c:a0:cb:66:dc:08:58:78:1a:da:5f:b6:d1:5d:
         32:ef:54:21:2a:63:81:4b:ec:f1:ac:d6:70:df:45:cc:95:3f:
         c0:66:fd:56:75:86:b2:7e:00:41:75:fd:23:9a:76:72:43:5a:
         ae:1f:90:16:21:df:ad:88:a7:02:e9:71:20:46:48:98:c1:0a:
         d3:8c:a0:8e:c1:05:93:cf:8b:9e:e9:af:18:2b:1e:c7:f6:96:
         91:8c:be:47:ae:90:9c:a6:42:dd:3c:76:a1:a1:e2:b0:18:3f:
         6f:df:91:ce:7e:7a:22:ed:e8:15:88:77:9c:2b:70:61:b7:df:
         45:9c:f4:de:fa:f2:c7:c7:1b:41:c9:30:bf:91:c6:9a:3c:16:
         37:fb:df:76:7a:33:c4:c4:e7:2d:d0:28:68:78:45:c8:f7:4c:
         ad:bd:60:25:a7:95:e1:08:6c:ec:f3:b4:23:76:18:51:ab:5f:
         9b:d9:55:36:a4:4a:33:92:d3:0b:2c:4e:42:4d:25:84:b1:cf:
         a8:ba:b7:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcNIFnNT+RtBSoDLE4JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTQ1ODI1NjJjMzEzNWJiNTJiZGI5NjE0NWUxYWQwMzc4
NmIxNDgwHhcNMjYwMzI5MDcwMTI2WhcNMjYwMzMwMDcwMTI2WjAzMTEwLwYDVQQD
EyhlN2Q3YTMwZWJlYzQzYmY3MzZkMGJlNWVhZjg5Y2M3YjEzNDg4NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDCPNjZpO2QMVW3uZhyBCH+Fhme4
/xPcd9CJ0zxIaeGSH7M3Jf2tGP9O0LOe0AouwlAAe+g6IvKbACYMcRCFUZVQ7Bzi
qrjdmYiSPNv4RNYSmAcHHU2kz9HkioR6fW2a8LZ5fXCsj4eXBWvDiYnM0gPKQqjj
NJdlIxvkCYRgnseIvwLv+jp2+szkgu/no1FQ3Nkn3+CEEeAUpmFa43OKH2/5/5rN
rP29XE9QcFpSs9Jf+EMruCi2X+lPME02ebjinIDmcuX2Qj9YjHlDruUfCE3yxrG1
iyv5316PtnTC7DzXGRbyKdoHuG3sG2ET4wZNQzdRT80ORDEOP3cHDzkhNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfXow6+xDv3NtC+Xq+JzHsTSIb4MB8GA1UdIwQY
MBaAFKGkWCViwxNbtSvblhReGtA3hrFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS80ZDEwYzAtNjdiZi00MTM1LTk3YWIt
YmJmMmNlMDdlY2FkLzEvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS80ZDEwYzAtNjdiZi00MTM1LTk3YWItYmJmMmNlMDdlY2Fk
LzEvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHml41ojk
ydw1Hgit8IZxDhkQ4rK5bGhWTCAyWgAqrcv8QTopbeQBPkiM10PZDgBPHi8/lQym
eLh2eVygy2bcCFh4GtpfttFdMu9UISpjgUvs8azWcN9FzJU/wGb9VnWGsn4AQXX9
I5p2ckNarh+QFiHfrYinAulxIEZImMEK04ygjsEFk8+LnumvGCsex/aWkYy+R66Q
nKZC3Tx2oaHisBg/b9+Rzn56Iu3oFYh3nCtwYbffRZz03vryx8cbQckwv5HGmjwW
N/vfdnozxMTnLdAoaHhFyPdMrb1gJaeV4Qhs7PO0I3YYUatfm9lVNqRKM5LTCyxO
Qk0lhLHPqLq3Iw==
-----END CERTIFICATE-----