Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
File:                     O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft (raw, json)
Hash identifier:          ix0JncwmnWJZ8anXl2ZWmlq+gQQTCdVItLy9TeAnbXs=
Subject key identifier:   A9:C2:50:F5:8D:4C:41:77:8C:78:2E:10:84:09:D5:4D:4F:0C:CA:22
Authority key identifier: 3B:A2:E2:7F:E7:54:26:EF:C8:B5:2B:26:8E:82:93:A8:99:4E:68:FD
Certificate issuer:       /CN=3ba2e27fe75426efc8b52b268e8293a8994e68fd
Certificate serial:       019D38662DB2B54533D539AA3B4F8EDD5230
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
Manifest number:          10F7
Signing time:             Sun 29 Mar 2026 07:01:53 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:53 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:53 +0000
Files and hashes:         1: O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl (hash: L3acUNbJvB0kg4SQa4+HHYNNhom2BcIveNnyXQthmqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2d:b2:b5:45:33:d5:39:aa:3b:4f:8e:dd:52:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ba2e27fe75426efc8b52b268e8293a8994e68fd
        Validity
            Not Before: Mar 29 07:01:53 2026 GMT
            Not After : Mar 30 07:01:53 2026 GMT
        Subject: CN=a9c250f58d4c41778c782e108409d54d4f0cca22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:9f:32:e9:68:dc:4f:47:1e:01:6b:9a:49:82:
                    21:c0:dd:40:5c:8c:20:6a:60:15:f2:c9:42:d8:4b:
                    2a:17:a3:66:b8:67:ad:fc:af:14:1e:65:f7:3a:4a:
                    18:b1:ba:cc:78:99:dd:ad:27:52:0d:60:51:e2:2e:
                    d4:20:b3:58:f4:d2:bb:53:e1:57:7e:e7:96:0c:78:
                    4b:c1:74:b3:08:23:62:7f:27:7d:3e:1c:fb:29:71:
                    7d:7f:43:33:40:09:88:95:c8:4e:ce:c5:ea:45:e2:
                    f9:a4:51:d3:65:f6:34:4c:36:3b:63:63:86:45:42:
                    fe:24:ac:bf:82:cf:c0:c8:8f:3a:00:cd:81:b6:bc:
                    31:74:9d:c6:89:db:9c:16:fc:8e:f4:a8:d6:75:3f:
                    bd:6a:95:c2:99:3c:4f:07:08:8f:56:87:e5:f2:36:
                    c9:34:e8:1e:72:88:02:e8:ab:9e:83:c8:2d:02:a5:
                    64:d6:82:12:60:a4:29:03:b6:60:d5:63:e2:10:97:
                    64:1d:5a:90:ad:68:44:43:c5:e1:09:98:18:52:7b:
                    cf:8b:2b:e1:e8:11:4d:a9:e2:e0:96:a2:8b:a3:c4:
                    c5:a3:2e:8f:59:ef:60:44:39:b8:74:42:0f:d6:bc:
                    56:f0:c6:cf:c1:f4:86:f7:e6:ef:1e:18:6e:d9:ed:
                    ad:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:C2:50:F5:8D:4C:41:77:8C:78:2E:10:84:09:D5:4D:4F:0C:CA:22
            X509v3 Authority Key Identifier:
                keyid:3B:A2:E2:7F:E7:54:26:EF:C8:B5:2B:26:8E:82:93:A8:99:4E:68:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6Lif-dUJu_ItSsmjoKTqJlOaP0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/ec6b88-5e6b-4cfe-bc95-33ac6dbcfb97/1/O6Lif-dUJu_ItSsmjoKTqJlOaP0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:7b:15:eb:25:9a:0b:55:20:3f:5f:4a:03:e3:c3:ec:d1:d4:
         2b:b7:56:2a:3c:5c:2f:ec:54:ed:f9:40:03:a5:d3:50:31:db:
         72:bf:bd:cf:a1:31:e9:10:74:54:94:d2:9e:c5:56:fd:e0:d1:
         5b:5d:83:c4:89:64:5e:31:76:cd:9a:10:ac:4a:b2:05:93:e1:
         95:1f:29:33:1b:e8:22:38:e6:a6:04:62:c3:68:c9:a2:cf:3f:
         b4:21:87:cf:7c:38:71:00:54:2b:e8:e8:80:9a:7d:8c:af:66:
         dd:88:2e:2f:fd:77:cf:37:7d:98:03:5c:7f:0c:8a:52:26:8a:
         17:9f:16:a9:ca:bb:a6:03:04:bc:84:b7:6f:72:28:70:e5:6f:
         49:11:70:af:99:af:82:e5:42:61:ea:b4:1f:61:5f:63:3b:74:
         d7:35:e6:81:63:90:e4:80:16:84:95:89:84:94:21:18:c4:f8:
         0a:f9:a7:05:31:41:d5:6d:a7:44:5c:78:1f:f1:d0:d5:26:ff:
         d9:0a:bc:33:53:4d:f5:66:15:a1:1b:dc:3a:21:03:15:01:de:
         1f:62:83:3d:16:e0:48:a0:fe:2c:71:95:bb:17:86:59:05:d0:
         d7:e9:51:f0:21:e1:76:3f:84:52:13:73:a3:2b:07:59:42:55:
         f1:c9:10:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zi2ytUUz1TmqO0+O3VIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTJlMjdmZTc1NDI2ZWZjOGI1MmIyNjhlODI5M2E4OTk0
ZTY4ZmQwHhcNMjYwMzI5MDcwMTUzWhcNMjYwMzMwMDcwMTUzWjAzMTEwLwYDVQQD
EyhhOWMyNTBmNThkNGM0MTc3OGM3ODJlMTA4NDA5ZDU0ZDRmMGNjYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ8y6WjcT0ceAWuaSYIhwN1AXIwg
amAV8slC2EsqF6NmuGet/K8UHmX3OkoYsbrMeJndrSdSDWBR4i7UILNY9NK7U+FX
fueWDHhLwXSzCCNifyd9Phz7KXF9f0MzQAmIlchOzsXqReL5pFHTZfY0TDY7Y2OG
RUL+JKy/gs/AyI86AM2BtrwxdJ3GiducFvyO9KjWdT+9apXCmTxPBwiPVofl8jbJ
NOgecogC6Kueg8gtAqVk1oISYKQpA7Zg1WPiEJdkHVqQrWhEQ8XhCZgYUnvPiyvh
6BFNqeLglqKLo8TFoy6PWe9gRDm4dEIP1rxW8MbPwfSG9+bvHhhu2e2tzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKnCUPWNTEF3jHguEIQJ1U1PDMoiMB8GA1UdIwQY
MBaAFDui4n/nVCbvyLUrJo6Ck6iZTmj9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9lYzZiODgtNWU2Yi00Y2ZlLWJjOTUt
MzNhYzZkYmNmYjk3LzEvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9lYzZiODgtNWU2Yi00Y2ZlLWJjOTUtMzNhYzZkYmNmYjk3
LzEvTzZMaWYtZFVKdV9JdFNzbWpvS1RxSmxPYVAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADnsV6yWa
C1UgP19KA+PD7NHUK7dWKjxcL+xU7flAA6XTUDHbcr+9z6Ex6RB0VJTSnsVW/eDR
W12DxIlkXjF2zZoQrEqyBZPhlR8pMxvoIjjmpgRiw2jJos8/tCGHz3w4cQBUK+jo
gJp9jK9m3YguL/13zzd9mANcfwyKUiaKF58Wqcq7pgMEvIS3b3IocOVvSRFwr5mv
guVCYeq0H2FfYzt01zXmgWOQ5IAWhJWJhJQhGMT4CvmnBTFB1W2nRFx4H/HQ1Sb/
2Qq8M1NN9WYVoRvcOiEDFQHeH2KDPRbgSKD+LHGVuxeGWQXQ1+lR8CHhdj+EUhNz
oysHWUJV8ckQXQ==
-----END CERTIFICATE-----