Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          LnsA4RD3ERvygwHajbElY6q4cGYboJTPvfZ1pKh4tmA=
Subject key identifier:   EE:D7:B1:4B:97:55:69:CD:0A:65:E1:E5:52:36:3D:CF:26:52:24:55
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019D37892FCA66065C1312F659BC6183FB6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          0810
Signing time:             Sun 29 Mar 2026 03:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:30 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: bitil6A53mcsOtuWaI4riTiM375s/VZfDPVxXmtG0F4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:2f:ca:66:06:5c:13:12:f6:59:bc:61:83:fb:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Mar 29 03:00:30 2026 GMT
            Not After : Mar 30 03:00:30 2026 GMT
        Subject: CN=eed7b14b975569cd0a65e1e552363dcf26522455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:62:cc:4b:76:5f:e4:f1:bc:5d:be:92:35:b3:
                    7a:57:1b:53:45:f3:52:71:4f:fa:ae:2a:80:2d:b1:
                    0f:0d:47:de:ae:94:1e:8f:d5:b2:22:af:b1:ad:8e:
                    c4:aa:bb:1c:02:37:af:87:d1:d2:53:6f:b5:a5:aa:
                    48:12:ac:da:4a:74:30:5c:07:97:a7:7b:26:95:4e:
                    7c:ff:c4:e0:41:ab:64:b4:b5:0b:b5:9e:58:a9:25:
                    1d:b1:8b:42:fd:b4:98:ac:a2:5c:9a:0f:5c:75:58:
                    c0:3e:83:ed:cd:6a:51:25:ba:31:ae:d2:0d:f7:eb:
                    93:79:a7:06:33:f7:97:f2:83:08:57:bb:9f:d3:97:
                    a0:6b:03:54:be:2d:8b:39:2c:de:e0:fd:63:72:e1:
                    60:d3:2e:7e:1e:b1:3c:c1:7f:69:66:cf:5c:30:9a:
                    65:4c:8b:18:03:01:08:7e:ed:2d:07:fc:ca:50:6f:
                    86:8c:46:15:1f:fa:0d:55:3a:09:b7:33:52:00:c9:
                    7c:44:a2:f3:55:49:7a:1c:94:65:9b:d6:e6:13:da:
                    48:a4:9b:d0:75:ad:78:8d:3a:33:a5:83:f6:92:22:
                    cf:97:8e:06:68:2e:d1:cf:da:dd:04:6a:c8:77:aa:
                    03:ce:87:8f:44:c7:2a:05:83:e8:9f:8c:30:69:9d:
                    2b:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:D7:B1:4B:97:55:69:CD:0A:65:E1:E5:52:36:3D:CF:26:52:24:55
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:fd:6f:92:ab:e6:b2:8f:08:e2:d9:01:55:2d:a7:bb:55:3b:
         97:53:f7:f5:34:df:03:8f:d2:b5:0d:71:c0:1f:c0:52:6d:e5:
         03:00:0f:ce:60:48:ca:5d:2c:d6:46:a2:e0:1a:00:a0:7d:cf:
         67:dd:a6:99:20:93:62:91:31:b6:11:6a:11:a1:38:89:2e:bb:
         27:34:d5:c8:d2:00:e0:fb:c3:7f:90:0b:be:af:fa:ea:c4:9d:
         4f:b0:4e:6f:b4:ab:d3:c7:91:f6:8d:e0:43:ba:aa:7b:2f:b7:
         24:87:60:21:86:c7:90:f0:d6:81:a1:ae:86:61:b2:80:a2:65:
         72:c0:e4:65:54:da:a8:90:b2:0c:da:c1:83:8a:06:a4:72:cd:
         77:54:f0:b7:97:d5:25:49:de:55:39:44:96:fc:ac:47:39:6e:
         f9:16:ad:f2:65:51:a9:78:94:09:8a:56:bc:5a:bf:71:7b:4a:
         93:e6:f5:71:c1:f7:d6:a3:67:48:0b:90:d2:58:a4:cc:5e:49:
         80:21:f8:da:80:09:08:07:b2:56:b7:bf:79:15:5b:89:31:59:
         66:93:dd:b5:63:a4:30:01:82:59:c6:06:d5:d8:99:4d:1f:f0:
         c0:c1:b3:f3:92:2f:32:df:10:28:b0:d3:3a:1b:2a:0f:25:5b:
         7f:8a:69:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iS/KZgZcExL2Wbxhg/tvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjYwMzI5MDMwMDMwWhcNMjYwMzMwMDMwMDMwWjAzMTEwLwYDVQQD
EyhlZWQ3YjE0Yjk3NTU2OWNkMGE2NWUxZTU1MjM2M2RjZjI2NTIyNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWLMS3Zf5PG8Xb6SNbN6VxtTRfNS
cU/6riqALbEPDUferpQej9WyIq+xrY7EqrscAjevh9HSU2+1papIEqzaSnQwXAeX
p3smlU58/8TgQatktLULtZ5YqSUdsYtC/bSYrKJcmg9cdVjAPoPtzWpRJboxrtIN
9+uTeacGM/eX8oMIV7uf05egawNUvi2LOSze4P1jcuFg0y5+HrE8wX9pZs9cMJpl
TIsYAwEIfu0tB/zKUG+GjEYVH/oNVToJtzNSAMl8RKLzVUl6HJRlm9bmE9pIpJvQ
da14jTozpYP2kiLPl44GaC7Rz9rdBGrId6oDzoePRMcqBYPon4wwaZ0rrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7XsUuXVWnNCmXh5VI2Pc8mUiRVMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcv1vkqvm
so8I4tkBVS2nu1U7l1P39TTfA4/StQ1xwB/AUm3lAwAPzmBIyl0s1kai4BoAoH3P
Z92mmSCTYpExthFqEaE4iS67JzTVyNIA4PvDf5ALvq/66sSdT7BOb7Sr08eR9o3g
Q7qqey+3JIdgIYbHkPDWgaGuhmGygKJlcsDkZVTaqJCyDNrBg4oGpHLNd1Twt5fV
JUneVTlElvysRzlu+Rat8mVRqXiUCYpWvFq/cXtKk+b1ccH31qNnSAuQ0likzF5J
gCH42oAJCAeyVre/eRVbiTFZZpPdtWOkMAGCWcYG1diZTR/wwMGz85IvMt8QKLDT
OhsqDyVbf4ppaQ==
-----END CERTIFICATE-----