Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
File:                     oUYsqczoyP_R-dfefH6QXG6JPPw.mft (raw, json)
Hash identifier:          fbJeeMKQDyEQ8wosV8K8tip/OP+edOSweavPMvrmQNY=
Subject key identifier:   49:44:87:DD:33:42:4D:9E:8A:DA:36:9A:15:2C:32:49:6E:94:D2:4E
Authority key identifier: A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC
Certificate issuer:       /CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
Certificate serial:       019D38665792D7C5187FA0B7E2E6658B99DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:02:04 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:04 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:04 +0000
Files and hashes:         1: oUYsqczoyP_R-dfefH6QXG6JPPw.crl (hash: z/9PDRwmsXfBAHV0EeX6WD0hHnrREVlxElZfuCACg6s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:57:92:d7:c5:18:7f:a0:b7:e2:e6:65:8b:99:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
        Validity
            Not Before: Mar 29 07:02:04 2026 GMT
            Not After : Mar 30 07:02:04 2026 GMT
        Subject: CN=494487dd33424d9e8ada369a152c32496e94d24e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:06:f2:10:45:5a:6b:84:e4:42:53:60:26:36:
                    9d:6b:a8:d8:d1:54:58:63:5c:60:5d:47:df:38:71:
                    03:f7:4e:fe:1b:bb:1a:c0:c8:6d:ed:67:ea:03:f0:
                    7e:0f:ec:00:d4:a5:fa:85:64:5c:28:1d:8c:80:f3:
                    ff:86:54:3b:17:35:0c:5d:b1:ec:c2:6d:39:52:fb:
                    73:ab:31:37:5f:3f:55:e7:cf:65:de:7c:28:24:b4:
                    c2:52:e5:7e:dc:12:b6:ac:6c:05:56:16:e6:3c:fd:
                    94:95:69:08:f5:90:bb:14:9c:77:1c:e5:d4:95:25:
                    bd:63:cc:9d:03:cb:c1:15:ff:25:b2:76:48:e4:e1:
                    5c:54:c1:89:3b:0f:e3:55:93:60:19:89:26:4a:62:
                    1c:7c:d4:f1:83:0a:61:39:7b:d4:bd:e5:f5:9b:1c:
                    43:45:aa:2a:94:c3:c4:42:f1:97:88:e9:c2:6b:0e:
                    35:e4:21:f1:3e:b8:14:0c:6f:1d:15:c3:d5:d8:f2:
                    af:ea:64:c3:04:c2:e2:4e:74:d5:e2:b8:5c:9e:9a:
                    05:92:63:5e:c1:06:a7:c9:25:0e:44:3c:ad:47:9d:
                    98:08:ac:18:e1:20:7b:fb:42:e8:b7:84:c4:01:44:
                    5a:c7:b1:ab:17:a7:a5:46:3f:2d:dc:55:03:a6:17:
                    79:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:44:87:DD:33:42:4D:9E:8A:DA:36:9A:15:2C:32:49:6E:94:D2:4E
            X509v3 Authority Key Identifier:
                keyid:A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:2e:c1:e3:9c:89:92:0f:17:81:64:b5:2c:36:48:17:b4:16:
         83:3e:25:e3:ca:3b:c3:0b:ac:0f:b6:92:85:70:30:25:c1:d0:
         5d:9b:98:b7:b6:f5:35:e9:69:0c:f6:b2:87:4b:11:5e:32:32:
         99:c0:6a:fb:a8:05:39:70:ee:bb:6c:04:e3:b0:e0:8d:75:e3:
         bb:50:39:1d:3e:dc:fa:4b:30:8f:fb:4e:50:7b:2e:96:2b:7c:
         1b:fb:a6:22:b0:30:d1:b4:15:4f:67:fa:78:af:4e:8a:e6:5b:
         a3:38:f8:91:30:5a:75:f0:01:79:bc:a4:91:fd:06:22:5f:22:
         83:a3:f6:46:b4:cb:b8:13:aa:e2:88:9b:08:51:39:fa:1b:17:
         43:4e:cd:d7:60:de:2c:93:b5:15:c6:ea:67:56:81:52:b8:f1:
         8b:a1:5f:e8:06:51:bb:69:25:33:19:80:52:50:df:b9:2b:90:
         2e:bb:42:35:32:dc:59:cc:99:e3:7d:ef:45:63:c6:5f:d2:cc:
         94:a0:ac:64:df:90:8c:ba:bf:35:cd:28:a8:b3:4e:89:03:13:
         73:59:87:f6:6f:95:45:35:55:4b:9a:ec:98:e8:c9:4b:a5:54:
         68:23:5f:4e:9a:54:43:c3:d4:b6:0f:40:21:61:54:35:80:50:
         f1:8d:93:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZleS18UYf6C34uZli5naMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDYyY2E5Y2NlOGM4ZmZkMWY5ZDdkZTdjN2U5MDVjNmU4
OTNjZmMwHhcNMjYwMzI5MDcwMjA0WhcNMjYwMzMwMDcwMjA0WjAzMTEwLwYDVQQD
Eyg0OTQ0ODdkZDMzNDI0ZDllOGFkYTM2OWExNTJjMzI0OTZlOTRkMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgbyEEVaa4TkQlNgJjada6jY0VRY
Y1xgXUffOHED907+G7sawMht7WfqA/B+D+wA1KX6hWRcKB2MgPP/hlQ7FzUMXbHs
wm05UvtzqzE3Xz9V589l3nwoJLTCUuV+3BK2rGwFVhbmPP2UlWkI9ZC7FJx3HOXU
lSW9Y8ydA8vBFf8lsnZI5OFcVMGJOw/jVZNgGYkmSmIcfNTxgwphOXvUveX1mxxD
RaoqlMPEQvGXiOnCaw415CHxPrgUDG8dFcPV2PKv6mTDBMLiTnTV4rhcnpoFkmNe
wQanySUORDytR52YCKwY4SB7+0Lot4TEAURax7GrF6elRj8t3FUDphd5gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElEh90zQk2eito2mhUsMklulNJOMB8GA1UdIwQY
MBaAFKFGLKnM6Mj/0fnX3nx+kFxuiTz8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4Mjgt
MjcyY2M5MmNjNjBiLzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4MjgtMjcyY2M5MmNjNjBi
LzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQi7B45yJ
kg8XgWS1LDZIF7QWgz4l48o7wwusD7aShXAwJcHQXZuYt7b1NelpDPayh0sRXjIy
mcBq+6gFOXDuu2wE47DgjXXju1A5HT7c+kswj/tOUHsulit8G/umIrAw0bQVT2f6
eK9OiuZbozj4kTBadfABebykkf0GIl8ig6P2RrTLuBOq4oibCFE5+hsXQ07N12De
LJO1FcbqZ1aBUrjxi6Ff6AZRu2klMxmAUlDfuSuQLrtCNTLcWcyZ433vRWPGX9LM
lKCsZN+QjLq/Nc0oqLNOiQMTc1mH9m+VRTVVS5rsmOjJS6VUaCNfTppUQ8PUtg9A
IWFUNYBQ8Y2TSQ==
-----END CERTIFICATE-----