Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          M6RNhfC94V0WGMYU5PuCBJd/QlVyBMLQ10nEmupAooc=
Subject key identifier:   36:EB:ED:19:E9:25:06:08:22:F3:AB:94:07:6D:DF:90:E1:1C:BD:23
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019D37894E94F143B4525BBC0A5C86B002BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          0560
Signing time:             Sun 29 Mar 2026 03:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:38 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: cGENmzqbSSSUMOJleWT9HKK4EnVK8ffdjioaMCc/JaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:4e:94:f1:43:b4:52:5b:bc:0a:5c:86:b0:02:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Mar 29 03:00:38 2026 GMT
            Not After : Mar 30 03:00:38 2026 GMT
        Subject: CN=36ebed19e925060822f3ab94076ddf90e11cbd23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:ba:54:3f:4e:08:e0:ba:66:dc:ab:fc:88:8b:
                    7c:fe:d4:b6:78:97:c5:61:77:68:85:f0:21:77:91:
                    53:b1:97:f6:ad:0f:53:ed:2c:4d:01:92:05:0b:39:
                    04:43:03:07:9b:af:b5:93:7c:28:fc:f1:c8:98:33:
                    11:86:88:9b:97:28:d4:00:f6:09:fd:91:7b:07:f6:
                    3b:50:60:0a:c4:43:3b:15:f6:4b:ac:ef:38:01:59:
                    c0:67:a5:c6:2c:8d:79:c6:3f:16:e5:fa:c4:d2:da:
                    b1:f2:fd:28:21:59:ff:31:95:b8:8f:89:9f:65:c6:
                    a7:f7:c0:ab:92:15:c9:5f:be:c6:89:8a:0f:fa:24:
                    9c:8f:e4:df:0b:6c:b0:06:d3:ec:5f:2d:4c:a0:b5:
                    f5:d0:69:20:0f:c8:cf:b5:b6:c1:dc:c8:a9:e0:f5:
                    09:d1:60:1f:3d:77:4c:78:eb:66:cc:4a:90:67:0d:
                    df:78:0d:63:40:8e:a0:24:66:87:b6:42:0a:95:ca:
                    c1:8a:e4:8c:ab:4d:f5:8d:19:84:56:c5:32:ae:a4:
                    5c:fc:d5:f7:2f:ac:b2:7c:3b:7d:64:85:4c:d3:e0:
                    60:00:c5:6f:a3:02:9e:2e:ae:6c:1f:20:2d:a3:e4:
                    f3:4e:57:d9:c4:95:2b:8c:90:47:58:c9:ab:db:dd:
                    f3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:EB:ED:19:E9:25:06:08:22:F3:AB:94:07:6D:DF:90:E1:1C:BD:23
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:e2:68:26:f6:07:00:b5:ab:7f:57:8a:41:f0:fb:85:fb:16:
         5c:16:d1:69:61:79:ab:5d:5c:3f:6e:0a:d6:8f:72:3b:2c:21:
         88:3a:e1:0b:ab:5b:78:d9:77:3e:6c:a9:db:90:12:fb:e1:22:
         d6:32:2a:cb:27:b2:45:b7:73:bc:c2:3f:78:dd:07:32:18:8c:
         7d:3e:61:7f:2f:03:a7:13:06:0a:ce:a2:98:63:f6:18:0d:51:
         ce:81:94:f4:98:6e:4b:5e:de:f8:07:47:e0:6f:a2:c1:b9:89:
         6b:01:ca:79:54:55:c3:5d:bd:6f:b0:46:92:17:33:57:84:60:
         6d:e7:76:ab:85:6c:05:78:30:5a:04:26:6b:df:a9:61:69:b1:
         e9:c0:01:5d:1e:0c:62:d6:89:73:ed:63:4c:1d:67:67:98:ae:
         a7:da:21:8d:e6:ed:19:17:84:f2:86:0d:ca:29:7d:6c:1a:b6:
         4d:41:b5:52:22:e5:10:c3:73:fb:55:1d:de:32:f2:fb:d9:8f:
         52:ec:8a:d5:40:be:bc:af:01:e3:49:c2:b8:5a:7e:ca:d8:da:
         32:38:24:17:1a:3f:4f:59:7f:de:fd:08:c4:6d:4b:66:67:03:
         81:af:8c:ae:f3:15:01:ce:ef:0a:b3:02:f2:a2:d8:cd:16:a2:
         b2:f0:aa:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iU6U8UO0Ulu8ClyGsAK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjYwMzI5MDMwMDM4WhcNMjYwMzMwMDMwMDM4WjAzMTEwLwYDVQQD
EygzNmViZWQxOWU5MjUwNjA4MjJmM2FiOTQwNzZkZGY5MGUxMWNiZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLpUP04I4Lpm3Kv8iIt8/tS2eJfF
YXdohfAhd5FTsZf2rQ9T7SxNAZIFCzkEQwMHm6+1k3wo/PHImDMRhoiblyjUAPYJ
/ZF7B/Y7UGAKxEM7FfZLrO84AVnAZ6XGLI15xj8W5frE0tqx8v0oIVn/MZW4j4mf
Zcan98CrkhXJX77GiYoP+iScj+TfC2ywBtPsXy1MoLX10GkgD8jPtbbB3Mip4PUJ
0WAfPXdMeOtmzEqQZw3feA1jQI6gJGaHtkIKlcrBiuSMq031jRmEVsUyrqRc/NX3
L6yyfDt9ZIVM0+BgAMVvowKeLq5sHyAto+TzTlfZxJUrjJBHWMmr293zDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDbr7RnpJQYIIvOrlAdt35DhHL0jMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOOJoJvYH
ALWrf1eKQfD7hfsWXBbRaWF5q11cP24K1o9yOywhiDrhC6tbeNl3Pmyp25AS++Ei
1jIqyyeyRbdzvMI/eN0HMhiMfT5hfy8DpxMGCs6imGP2GA1RzoGU9JhuS17e+AdH
4G+iwbmJawHKeVRVw129b7BGkhczV4Rgbed2q4VsBXgwWgQma9+pYWmx6cABXR4M
YtaJc+1jTB1nZ5iup9ohjebtGReE8oYNyil9bBq2TUG1UiLlEMNz+1Ud3jLy+9mP
UuyK1UC+vK8B40nCuFp+ytjaMjgkFxo/T1l/3v0IxG1LZmcDga+MrvMVAc7vCrMC
8qLYzRaisvCq0Q==
-----END CERTIFICATE-----