Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          Oc/Mt+i+r+Me9HT7JfUtAnRfaJMVRxYMNnF/MpaTdQQ=
Subject key identifier:   CB:96:B5:B6:FB:13:37:EE:0F:CD:30:E1:F9:5D:22:F1:77:12:AE:A0
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       019D37C050B6F752C52A7E0D55AF50A43473
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          14D5
Signing time:             Sun 29 Mar 2026 04:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:43 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: xoUcRSpGzSkz+KXaJHlQa7g/pJ82yaMdTOLO+JibXLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:50:b6:f7:52:c5:2a:7e:0d:55:af:50:a4:34:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: Mar 29 04:00:43 2026 GMT
            Not After : Mar 30 04:00:43 2026 GMT
        Subject: CN=cb96b5b6fb1337ee0fcd30e1f95d22f17712aea0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ea:71:71:e7:20:03:62:79:95:c6:a4:89:8a:
                    12:71:26:8e:c2:87:21:ea:c9:11:d1:51:49:65:df:
                    de:d5:ec:0e:18:15:85:d5:7c:f4:4c:d3:87:61:be:
                    8e:ce:cd:57:34:e2:3f:d1:49:ee:96:72:77:82:90:
                    25:a3:a9:e1:e3:77:75:ab:ca:cf:0a:3c:e2:3f:9f:
                    a5:65:69:2c:8f:af:28:40:9f:8d:66:3b:9e:9c:91:
                    b2:3c:bc:e4:bc:76:1e:cc:d5:78:37:a4:21:ea:56:
                    3f:44:32:37:5b:d5:e1:7d:11:95:a3:24:ed:a2:6f:
                    2e:d6:08:37:0e:f5:45:24:91:81:a5:41:60:cd:90:
                    f3:e4:ab:48:92:c2:33:24:9a:6b:31:91:6f:f8:95:
                    ce:56:b0:c9:6c:49:d4:f8:6e:83:29:4e:a7:53:3b:
                    1a:7d:b5:7e:8b:c7:9c:aa:42:39:11:1e:1f:2a:45:
                    fb:23:32:75:cb:11:9d:5c:a1:b2:8f:9f:ac:1a:cf:
                    bf:3e:dc:aa:ae:c9:4d:43:d0:e4:90:a6:95:de:f9:
                    c5:dc:48:aa:97:e9:b8:89:e6:ba:ef:30:e2:d2:e7:
                    34:b9:b3:7a:2e:d6:c4:b7:c7:8d:f3:2c:3c:d5:5f:
                    ad:16:fb:6e:eb:30:64:0c:19:a2:c5:5f:70:4b:af:
                    0c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:96:B5:B6:FB:13:37:EE:0F:CD:30:E1:F9:5D:22:F1:77:12:AE:A0
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:0b:c6:81:01:03:b1:d5:be:45:d7:e3:b0:42:23:41:4f:c4:
         5a:5b:ed:b6:10:1b:8f:39:f5:f3:8a:8d:70:02:d8:54:8b:54:
         0c:9f:dc:1e:82:1e:68:4d:9f:56:bb:13:f8:c9:c6:45:b8:f2:
         19:8a:1e:9a:78:82:c8:ed:e5:9d:73:94:a1:68:3f:2f:60:9a:
         bc:89:46:a8:a9:19:4f:1b:55:94:ce:78:ed:66:f9:d5:c7:10:
         3c:29:35:5d:98:6d:ac:a6:c8:22:82:85:db:93:3e:27:c2:e0:
         2e:41:59:92:01:ae:be:90:55:42:7d:7e:dd:96:f0:b5:87:b2:
         4b:93:05:65:6a:21:9b:96:46:2b:13:2f:4c:f2:49:21:fc:b7:
         55:b9:cb:5d:12:e4:32:bb:ee:68:7d:f9:06:d3:4e:fd:29:19:
         a6:d0:c9:92:fb:a6:97:94:bd:7e:0c:58:50:83:7e:cc:d6:75:
         28:0b:57:fb:14:ab:f3:96:c1:49:13:db:bc:0a:04:78:d0:cf:
         fd:a2:8d:49:a9:0f:83:25:73:d0:0b:70:62:d6:81:fb:4b:64:
         c6:1b:f3:bc:0f:c4:12:06:f4:e5:a7:f6:59:1d:8a:1e:a5:7c:
         37:20:14:86:2a:00:e8:fe:5b:6d:04:a7:ee:6f:56:e3:10:77:
         14:72:82:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFC291LFKn4NVa9QpDRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjYwMzI5MDQwMDQzWhcNMjYwMzMwMDQwMDQzWjAzMTEwLwYDVQQD
EyhjYjk2YjViNmZiMTMzN2VlMGZjZDMwZTFmOTVkMjJmMTc3MTJhZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+pxcecgA2J5lcakiYoScSaOwoch
6skR0VFJZd/e1ewOGBWF1Xz0TNOHYb6Ozs1XNOI/0UnulnJ3gpAlo6nh43d1q8rP
CjziP5+lZWksj68oQJ+NZjuenJGyPLzkvHYezNV4N6Qh6lY/RDI3W9XhfRGVoyTt
om8u1gg3DvVFJJGBpUFgzZDz5KtIksIzJJprMZFv+JXOVrDJbEnU+G6DKU6nUzsa
fbV+i8ecqkI5ER4fKkX7IzJ1yxGdXKGyj5+sGs+/PtyqrslNQ9DkkKaV3vnF3Eiq
l+m4iea67zDi0uc0ubN6LtbEt8eN8yw81V+tFvtu6zBkDBmixV9wS68M9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuWtbb7EzfuD80w4fldIvF3Eq6gMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQvGgQED
sdW+RdfjsEIjQU/EWlvtthAbjzn184qNcALYVItUDJ/cHoIeaE2fVrsT+MnGRbjy
GYoemniCyO3lnXOUoWg/L2CavIlGqKkZTxtVlM547Wb51ccQPCk1XZhtrKbIIoKF
25M+J8LgLkFZkgGuvpBVQn1+3ZbwtYeyS5MFZWohm5ZGKxMvTPJJIfy3VbnLXRLk
MrvuaH35BtNO/SkZptDJkvuml5S9fgxYUIN+zNZ1KAtX+xSr85bBSRPbvAoEeNDP
/aKNSakPgyVz0AtwYtaB+0tkxhvzvA/EEgb05af2WR2KHqV8NyAUhioA6P5bbQSn
7m9W4xB3FHKCQA==
-----END CERTIFICATE-----