Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
File:                     Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft (raw, json)
Hash identifier:          vdU7s6+jQHUpg8rIkYIDocdNrimvq/lMLZfm9iPTBRw=
Subject key identifier:   16:84:D8:0A:9E:06:8E:1C:6E:FC:8F:49:8B:D3:83:EB:BA:1A:9A:45
Authority key identifier: 3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33
Certificate issuer:       /CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
Certificate serial:       019D3865E3F7CE843D5A5BA0D97AA4F2806C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
Manifest number:          0C9B
Signing time:             Sun 29 Mar 2026 07:01:34 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:34 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:34 +0000
Files and hashes:         1: Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl (hash: P80BM9JNEldGwmOeUc2Y8PgbXBzqnYyuESlnutpYHZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e3:f7:ce:84:3d:5a:5b:a0:d9:7a:a4:f2:80:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aef31b36826879c7ebc112c62941a1cd3a2bb33
        Validity
            Not Before: Mar 29 07:01:34 2026 GMT
            Not After : Mar 30 07:01:34 2026 GMT
        Subject: CN=1684d80a9e068e1c6efc8f498bd383ebba1a9a45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:dc:cc:b5:04:96:fc:2b:8c:d8:43:57:26:f1:
                    0d:e4:48:ad:6d:65:fb:c1:55:68:9b:1b:8a:a8:40:
                    64:ba:45:7f:78:fb:0e:f6:fa:70:a1:f8:ad:59:bb:
                    ff:7a:37:12:4d:4a:8b:93:10:41:a5:3e:88:96:ab:
                    6b:cc:7a:98:65:aa:82:02:c5:7c:f2:e2:48:13:5b:
                    a6:d8:dd:70:37:ba:63:32:eb:6b:3a:1b:c4:5f:51:
                    30:e8:a7:c1:16:21:8a:b4:c0:57:cb:cc:fd:16:e5:
                    a3:50:bd:4c:77:3b:9d:15:b8:2d:c2:93:82:08:39:
                    20:af:aa:95:a5:22:14:b2:67:dd:43:25:7d:8f:f1:
                    c6:b8:38:9a:ef:b8:a6:37:60:58:e8:9e:99:78:ac:
                    0b:cf:45:7d:d9:f6:f3:bb:5c:ed:47:91:5f:fa:f9:
                    9c:aa:c7:3e:22:55:94:29:b2:94:f1:35:52:b5:48:
                    d6:4c:fb:9c:b9:85:96:f2:d2:07:11:a3:f9:4e:c0:
                    c9:52:ce:17:7c:37:73:58:4a:77:64:70:79:5c:29:
                    e2:8c:fb:64:62:18:c1:7a:14:4b:00:66:45:3d:66:
                    d6:d4:a5:f4:13:49:58:5e:56:c4:ad:04:3c:e7:0b:
                    30:18:4f:4f:46:0d:9d:3f:df:f4:af:20:b5:c6:e6:
                    59:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:84:D8:0A:9E:06:8E:1C:6E:FC:8F:49:8B:D3:83:EB:BA:1A:9A:45
            X509v3 Authority Key Identifier:
                keyid:3A:EF:31:B3:68:26:87:9C:7E:BC:11:2C:62:94:1A:1C:D3:A2:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2fb352-ef94-42de-89ac-d9af710ba1de/1/Ou8xs2gmh5x-vBEsYpQaHNOiuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:98:76:24:26:69:9e:c3:e6:11:f9:ad:df:cf:e9:2c:33:ee:
         f6:16:43:f5:47:0b:d1:75:74:36:f3:d8:4c:0b:19:ed:57:7b:
         64:8a:44:40:aa:e1:de:2f:e7:ce:5d:58:03:89:9a:5e:c8:19:
         65:7b:48:7d:83:22:5a:a4:55:86:96:a2:eb:65:74:3a:c9:c4:
         ae:0e:b2:6e:e3:33:92:60:a2:b3:5d:0f:ee:a4:6e:57:b0:a5:
         49:36:3f:f1:e2:c2:7d:0a:00:c3:bc:5a:45:5b:07:92:17:ea:
         3f:43:1a:33:e2:fb:7a:a4:c2:3e:72:8d:e1:02:35:05:ed:a4:
         5e:7c:33:dd:16:9e:37:eb:b0:a4:c7:be:e5:76:e8:e1:02:e0:
         52:33:58:3e:ca:9e:51:a8:1b:83:28:95:dc:21:a8:b7:b4:1b:
         95:dc:f6:bd:83:90:58:81:8f:c1:59:34:e8:cf:b7:31:d1:64:
         a9:c7:29:40:e7:65:b2:d9:95:d2:2b:46:8f:a1:f4:9e:14:8e:
         22:e7:0c:ca:fe:47:82:e3:8c:3e:50:51:c0:4b:cf:77:ea:ad:
         4f:68:6d:6e:55:bc:8d:80:06:e2:38:af:02:b9:62:ee:fc:8b:
         73:27:7d:f1:78:cf:c0:f4:d1:25:97:a3:47:21:64:e2:ae:54:
         ea:6f:3e:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeP3zoQ9Wlug2Xqk8oBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWYzMWIzNjgyNjg3OWM3ZWJjMTEyYzYyOTQxYTFjZDNh
MmJiMzMwHhcNMjYwMzI5MDcwMTM0WhcNMjYwMzMwMDcwMTM0WjAzMTEwLwYDVQQD
EygxNjg0ZDgwYTllMDY4ZTFjNmVmYzhmNDk4YmQzODNlYmJhMWE5YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9zMtQSW/CuM2ENXJvEN5EitbWX7
wVVomxuKqEBkukV/ePsO9vpwofitWbv/ejcSTUqLkxBBpT6IlqtrzHqYZaqCAsV8
8uJIE1um2N1wN7pjMutrOhvEX1Ew6KfBFiGKtMBXy8z9FuWjUL1MdzudFbgtwpOC
CDkgr6qVpSIUsmfdQyV9j/HGuDia77imN2BY6J6ZeKwLz0V92fbzu1ztR5Ff+vmc
qsc+IlWUKbKU8TVStUjWTPucuYWW8tIHEaP5TsDJUs4XfDdzWEp3ZHB5XCnijPtk
YhjBehRLAGZFPWbW1KX0E0lYXlbErQQ85wswGE9PRg2dP9/0ryC1xuZZ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBaE2AqeBo4cbvyPSYvTg+u6GppFMB8GA1UdIwQY
MBaAFDrvMbNoJoecfrwRLGKUGhzTorszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMt
ZDlhZjcxMGJhMWRlLzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZmIzNTItZWY5NC00MmRlLTg5YWMtZDlhZjcxMGJhMWRl
LzEvT3U4eHMyZ21oNXgtdkJFc1lwUWFITk9pdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQJh2JCZp
nsPmEfmt38/pLDPu9hZD9UcL0XV0NvPYTAsZ7Vd7ZIpEQKrh3i/nzl1YA4maXsgZ
ZXtIfYMiWqRVhpai62V0OsnErg6ybuMzkmCis10P7qRuV7ClSTY/8eLCfQoAw7xa
RVsHkhfqP0MaM+L7eqTCPnKN4QI1Be2kXnwz3RaeN+uwpMe+5Xbo4QLgUjNYPsqe
UagbgyiV3CGot7Qbldz2vYOQWIGPwVk06M+3MdFkqccpQOdlstmV0itGj6H0nhSO
IucMyv5HguOMPlBRwEvPd+qtT2htblW8jYAG4jivArli7vyLcyd98XjPwPTRJZej
RyFk4q5U6m8+Ig==
-----END CERTIFICATE-----