Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          QRxKkQ1OwNFgzlCVgLjZpXDO6cGNsFYIrbOAs7lt/g0=
Subject key identifier:   D1:25:C3:55:F8:3B:56:1B:8C:5B:71:50:CF:91:34:8E:AD:5C:31:4B
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       019D386648A0ECBCF54AB9112CE63DB0047E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          1588
Signing time:             Sun 29 Mar 2026 07:02:00 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:00 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:00 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: enYnlI9vqiBRrfPE6jdVkDmJW17pqkhgfVJd0E3emyY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:48:a0:ec:bc:f5:4a:b9:11:2c:e6:3d:b0:04:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Mar 29 07:02:00 2026 GMT
            Not After : Mar 30 07:02:00 2026 GMT
        Subject: CN=d125c355f83b561b8c5b7150cf91348ead5c314b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:53:78:b4:6a:82:db:33:c9:7a:99:50:43:3c:
                    98:30:16:11:4e:3b:7b:38:e0:dd:50:a0:73:b7:9f:
                    79:47:f6:4d:fb:1c:50:6b:cc:1f:d3:32:b8:72:7f:
                    d6:f3:e6:9b:78:4b:be:b6:53:6e:aa:b5:23:fc:40:
                    76:53:5b:1f:2a:14:c4:ab:db:6a:11:07:8d:0a:25:
                    c4:92:6f:ae:03:50:a8:92:93:ae:21:27:fc:8d:4c:
                    6f:e9:01:ed:34:fa:ea:79:fd:34:83:62:67:f6:64:
                    d8:88:a1:7d:09:08:26:cd:a7:ce:d5:a2:99:67:a9:
                    bd:b1:95:fd:49:2d:23:86:68:d9:98:30:e7:da:19:
                    db:8b:dc:4b:51:44:61:c4:21:f2:6c:8b:e2:ad:89:
                    a3:00:15:65:9d:ed:e5:fb:af:89:6d:67:fb:71:fe:
                    38:6a:d7:48:35:d0:31:76:de:ce:ef:4d:2e:db:f8:
                    d5:24:c1:66:f9:53:32:b3:fe:89:6f:35:d1:e2:6d:
                    3d:48:5c:00:f2:9a:9a:4c:27:df:48:28:3e:d4:8b:
                    06:14:a2:7d:f9:9a:b1:de:9c:df:0d:04:03:9e:36:
                    ba:e9:69:40:2e:92:16:cf:75:8b:fb:bd:ee:c7:26:
                    30:e3:3f:0b:1d:ee:f4:1b:20:af:18:a9:b2:e9:63:
                    27:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:25:C3:55:F8:3B:56:1B:8C:5B:71:50:CF:91:34:8E:AD:5C:31:4B
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:3a:d3:3f:41:fe:9b:04:17:56:0d:5b:c5:cc:d6:be:b3:07:
         14:35:5f:02:e0:ad:48:80:3a:dd:c1:76:a2:ad:de:be:33:1d:
         47:73:97:08:0b:bd:dd:d6:29:5c:28:c7:e6:6f:14:1c:f4:01:
         6a:66:84:ec:49:d9:c0:9e:49:3e:f3:7c:af:f1:84:57:66:2b:
         76:23:11:fc:ac:7d:be:bb:6e:b2:83:d1:38:34:1c:bc:df:7c:
         c6:2a:49:ae:d8:93:fa:06:c1:d0:df:ff:1b:46:7b:6c:62:20:
         f2:9f:b9:3d:2c:ed:fc:29:6c:53:c4:bb:b8:dd:4c:dd:3e:e1:
         dd:3b:39:a0:71:97:a6:1d:4d:6f:d0:a8:69:c4:fe:e8:f8:ba:
         b4:d8:7b:b4:a2:27:c7:4c:a0:fd:11:fb:d4:57:13:a8:fb:5a:
         4f:47:1c:48:d3:2f:62:e3:80:75:7f:55:dd:03:a3:e6:08:57:
         15:96:07:3b:9a:42:4b:50:f0:1a:0d:3a:b6:2e:6c:7a:83:e3:
         70:6d:a6:22:5d:ce:b6:14:ad:98:89:4f:cb:ac:9e:38:f9:16:
         ae:da:f2:a0:6e:83:9e:0e:b4:9a:10:0b:79:09:11:9d:2f:c1:
         2c:a8:0e:fd:ab:c0:16:77:9d:3e:49:b1:1c:1a:60:9e:a4:1e:
         6a:d5:5d:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zkig7Lz1SrkRLOY9sAR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjYwMzI5MDcwMjAwWhcNMjYwMzMwMDcwMjAwWjAzMTEwLwYDVQQD
EyhkMTI1YzM1NWY4M2I1NjFiOGM1YjcxNTBjZjkxMzQ4ZWFkNWMzMTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVN4tGqC2zPJeplQQzyYMBYRTjt7
OODdUKBzt595R/ZN+xxQa8wf0zK4cn/W8+abeEu+tlNuqrUj/EB2U1sfKhTEq9tq
EQeNCiXEkm+uA1CokpOuISf8jUxv6QHtNPrqef00g2Jn9mTYiKF9CQgmzafO1aKZ
Z6m9sZX9SS0jhmjZmDDn2hnbi9xLUURhxCHybIvirYmjABVlne3l+6+JbWf7cf44
atdINdAxdt7O700u2/jVJMFm+VMys/6JbzXR4m09SFwA8pqaTCffSCg+1IsGFKJ9
+Zqx3pzfDQQDnja66WlALpIWz3WL+73uxyYw4z8LHe70GyCvGKmy6WMn5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNElw1X4O1YbjFtxUM+RNI6tXDFLMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGTrTP0H+
mwQXVg1bxczWvrMHFDVfAuCtSIA63cF2oq3evjMdR3OXCAu93dYpXCjH5m8UHPQB
amaE7EnZwJ5JPvN8r/GEV2YrdiMR/Kx9vrtusoPRODQcvN98xipJrtiT+gbB0N//
G0Z7bGIg8p+5PSzt/ClsU8S7uN1M3T7h3Ts5oHGXph1Nb9CoacT+6Pi6tNh7tKIn
x0yg/RH71FcTqPtaT0ccSNMvYuOAdX9V3QOj5ghXFZYHO5pCS1DwGg06ti5seoPj
cG2mIl3OthStmIlPy6yeOPkWrtryoG6Dng60mhALeQkRnS/BLKgO/avAFnedPkmx
HBpgnqQeatVdOQ==
-----END CERTIFICATE-----