Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          K4dKAM58V/Ayj/+kw4z4AwweBizg8KdzoW5Bb60MVDg=
Subject key identifier:   8D:3A:AB:65:45:FF:1A:1D:95:6B:74:F3:60:22:93:21:19:25:45:BB
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       019D38660318E7841273CEEF5F1612B1BB4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          0CE4
Signing time:             Sun 29 Mar 2026 07:01:42 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:42 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:42 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: MpsGOZbNKtZxMazzlk0uAWbTPUTOy51DhfMftBpOE6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:03:18:e7:84:12:73:ce:ef:5f:16:12:b1:bb:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: Mar 29 07:01:42 2026 GMT
            Not After : Mar 30 07:01:42 2026 GMT
        Subject: CN=8d3aab6545ff1a1d956b74f360229321192545bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:98:97:07:c3:c5:66:5a:a3:29:83:da:5b:68:
                    7a:68:ca:c1:fe:4a:77:4c:ec:1d:f2:27:12:59:a9:
                    7a:15:e4:b0:d9:4e:43:9f:d7:d0:7a:08:61:10:ac:
                    4b:ee:a5:64:7b:0a:2e:d4:20:39:83:f6:d4:d5:92:
                    c8:ee:2b:af:4a:da:3b:ed:45:e2:c4:14:99:3e:74:
                    c4:3c:ad:b1:fe:72:64:95:44:0c:4f:a2:58:61:47:
                    12:b8:bc:da:89:94:e1:6f:ac:b1:ba:ca:8f:18:ad:
                    6f:a7:80:ab:9b:70:72:2b:a3:a5:fd:3b:9a:70:0f:
                    cf:60:97:5d:8e:e4:62:00:1f:22:c6:cd:09:06:83:
                    40:01:e0:b6:5d:e6:ae:0b:81:f7:6e:eb:bb:49:19:
                    3c:e8:c6:98:cd:88:5a:11:63:9a:24:e0:dd:33:c7:
                    71:09:01:93:99:0f:20:22:e7:ca:6e:0d:65:20:5a:
                    a9:37:88:71:8e:97:f0:e6:ed:4b:68:ed:2c:87:2b:
                    22:e3:64:4c:b2:81:1a:31:99:71:c5:7c:c2:6d:5e:
                    a5:c8:52:55:1a:04:1c:45:4c:73:4e:26:e4:d0:8b:
                    bd:ec:10:87:5f:73:82:13:4c:f8:ba:44:d1:54:d6:
                    55:05:3d:aa:92:72:94:e7:02:df:e4:0c:f1:8c:c2:
                    36:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:3A:AB:65:45:FF:1A:1D:95:6B:74:F3:60:22:93:21:19:25:45:BB
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:2d:49:b8:c3:73:f6:aa:cb:53:e3:81:6e:da:a3:04:a5:47:
         3c:55:40:d5:31:59:42:60:6c:01:09:73:93:7e:ac:f1:ea:61:
         10:20:a4:63:3d:b4:ba:d2:96:68:fe:da:a9:3f:12:f1:0f:ff:
         0e:bb:9d:f8:fb:1e:97:b0:86:12:a7:9b:9e:8d:79:6f:db:2f:
         8e:5a:de:c8:38:f2:ea:da:14:5f:db:e2:40:7b:a6:76:b3:db:
         91:07:cd:45:50:bf:8d:91:26:98:8c:6a:53:4c:3b:bf:a6:c1:
         f9:72:50:a0:45:95:74:7d:8a:b9:7c:75:3d:84:87:bd:2e:f1:
         09:56:31:57:89:32:6e:ce:99:b0:aa:c1:42:9f:01:38:7c:aa:
         c9:3d:bd:79:ff:25:92:fe:17:37:da:31:cd:94:f9:5a:c2:8a:
         27:42:30:ba:51:d3:9e:5b:c9:bd:d2:b6:54:43:8e:a1:27:02:
         fa:a2:3f:fe:2b:31:c0:61:4a:68:df:fa:08:e5:d3:a8:0e:40:
         e2:3e:4f:37:3c:9c:7d:16:95:07:dc:86:0c:c2:cf:9b:71:d0:
         73:48:cc:8d:3f:16:5a:3f:e9:1b:18:1e:e1:61:b8:22:e2:4e:
         d9:3d:06:4b:9d:06:e6:03:c1:5d:f6:b1:79:13:02:44:8c:1e:
         fc:5d:59:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgMY54QSc87vXxYSsbtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjYwMzI5MDcwMTQyWhcNMjYwMzMwMDcwMTQyWjAzMTEwLwYDVQQD
Eyg4ZDNhYWI2NTQ1ZmYxYTFkOTU2Yjc0ZjM2MDIyOTMyMTE5MjU0NWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspiXB8PFZlqjKYPaW2h6aMrB/kp3
TOwd8icSWal6FeSw2U5Dn9fQeghhEKxL7qVkewou1CA5g/bU1ZLI7iuvSto77UXi
xBSZPnTEPK2x/nJklUQMT6JYYUcSuLzaiZThb6yxusqPGK1vp4Crm3ByK6Ol/Tua
cA/PYJddjuRiAB8ixs0JBoNAAeC2XeauC4H3buu7SRk86MaYzYhaEWOaJODdM8dx
CQGTmQ8gIufKbg1lIFqpN4hxjpfw5u1LaO0shysi42RMsoEaMZlxxXzCbV6lyFJV
GgQcRUxzTibk0Iu97BCHX3OCE0z4ukTRVNZVBT2qknKU5wLf5AzxjMI2VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI06q2VF/xodlWt082AikyEZJUW7MB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGi1JuMNz
9qrLU+OBbtqjBKVHPFVA1TFZQmBsAQlzk36s8ephECCkYz20utKWaP7aqT8S8Q//
Drud+Psel7CGEqebno15b9svjlreyDjy6toUX9viQHumdrPbkQfNRVC/jZEmmIxq
U0w7v6bB+XJQoEWVdH2KuXx1PYSHvS7xCVYxV4kybs6ZsKrBQp8BOHyqyT29ef8l
kv4XN9oxzZT5WsKKJ0IwulHTnlvJvdK2VEOOoScC+qI//isxwGFKaN/6COXTqA5A
4j5PNzycfRaVB9yGDMLPm3HQc0jMjT8WWj/pGxge4WG4IuJO2T0GS50G5gPBXfax
eRMCRIwe/F1ZDA==
-----END CERTIFICATE-----