Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          p9ie6eLBvjb6z9hrE38/TAnB7wJN0SJMuJW65k/Ck6I=
Subject key identifier:   8F:50:41:75:8F:3E:F1:C9:3E:27:76:EA:8E:9A:E8:62:F1:C7:1B:A1
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019D38661101852B8FFDDA9886B2180777F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:46 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:46 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:46 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: AA8OKjih1gv+oisTnaSscfgGChxQObRRRbs3CHK0UCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:11:01:85:2b:8f:fd:da:98:86:b2:18:07:77:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Mar 29 07:01:46 2026 GMT
            Not After : Mar 30 07:01:46 2026 GMT
        Subject: CN=8f5041758f3ef1c93e2776ea8e9ae862f1c71ba1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:00:2c:79:54:b0:d7:41:88:36:4f:95:b1:fb:
                    65:f9:72:7b:56:52:7a:54:e6:0b:6d:bb:fa:29:5f:
                    f5:29:17:f5:10:b2:ca:ac:57:48:cd:95:4a:9b:38:
                    0d:37:d8:37:eb:b5:91:05:b8:bd:44:d0:f3:29:32:
                    96:13:cc:7f:a6:7a:f6:ea:b0:2d:0e:5a:b7:ad:59:
                    ce:17:df:92:31:7f:18:e0:89:8d:16:f2:0a:d7:8f:
                    50:e8:e7:10:85:bb:1d:f3:5d:ed:78:94:ab:c6:04:
                    f8:b5:b9:8b:23:82:f0:ce:0a:d6:25:70:55:f1:90:
                    66:bf:59:8c:ed:fe:e2:33:d6:25:22:3c:e4:6b:fd:
                    15:72:5a:53:45:9e:b4:10:a9:3a:e6:bb:c1:ad:18:
                    42:ab:4d:a5:aa:23:83:6a:8d:d2:f6:30:9d:88:58:
                    13:ad:4f:ce:44:fb:59:c0:a6:92:5f:1a:7a:34:95:
                    dc:f7:ec:4a:a8:31:25:47:42:68:dc:59:61:83:65:
                    fa:02:ce:4c:1a:5c:75:1c:9f:8b:4b:5c:d5:f4:b7:
                    ce:c0:b7:cb:94:3b:d4:0c:8c:f9:b5:36:ea:21:d7:
                    0b:b9:6b:19:66:1d:50:c3:6a:35:fd:11:33:1f:a9:
                    eb:2f:4e:78:d2:52:a4:a1:20:36:55:5b:27:65:5b:
                    ff:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:50:41:75:8F:3E:F1:C9:3E:27:76:EA:8E:9A:E8:62:F1:C7:1B:A1
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:5a:07:ed:c7:dc:ac:7b:c2:9d:23:8a:a2:05:5f:ac:ee:e5:
         b1:f2:3c:15:ce:34:96:dd:50:d8:e3:d2:1e:35:2c:ad:86:a3:
         18:ca:f6:59:2d:a3:d1:79:0c:85:9d:bc:49:4a:ce:85:95:73:
         94:a6:3e:32:cd:8a:15:55:ce:94:cf:d3:2e:bb:6e:ef:35:1a:
         6d:d8:e7:53:ff:60:3a:25:b7:41:a2:1d:42:94:74:fd:f6:5c:
         44:2b:8f:96:16:13:83:f9:b5:40:3b:a1:52:0d:88:22:19:be:
         c5:94:04:35:2b:d3:d1:f5:bc:60:ec:7b:78:25:1f:8a:55:45:
         88:aa:98:06:7e:b2:4e:73:bd:31:d7:82:75:3a:c4:1b:ef:3c:
         ee:c2:ac:69:81:69:ee:4a:9b:19:51:45:77:58:fc:c0:3e:e4:
         86:80:7b:d7:30:18:82:f5:f7:ae:42:62:db:0a:54:6d:a7:b7:
         da:5b:05:a7:82:c7:cb:b7:28:bc:13:8e:62:6a:09:c5:dd:7f:
         58:04:a7:bf:d1:a7:b6:fa:25:10:04:61:c7:93:e1:ff:0c:78:
         d8:69:92:70:68:e8:e6:68:73:88:18:5e:dd:70:f6:5d:f4:2f:
         9d:6c:c6:b8:d5:96:5e:c2:e3:00:d0:05:97:a7:c2:60:b8:31:
         2a:1c:22:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhEBhSuP/dqYhrIYB3fxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjYwMzI5MDcwMTQ2WhcNMjYwMzMwMDcwMTQ2WjAzMTEwLwYDVQQD
Eyg4ZjUwNDE3NThmM2VmMWM5M2UyNzc2ZWE4ZTlhZTg2MmYxYzcxYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAAseVSw10GINk+Vsftl+XJ7VlJ6
VOYLbbv6KV/1KRf1ELLKrFdIzZVKmzgNN9g367WRBbi9RNDzKTKWE8x/pnr26rAt
Dlq3rVnOF9+SMX8Y4ImNFvIK149Q6OcQhbsd813teJSrxgT4tbmLI4LwzgrWJXBV
8ZBmv1mM7f7iM9YlIjzka/0VclpTRZ60EKk65rvBrRhCq02lqiODao3S9jCdiFgT
rU/ORPtZwKaSXxp6NJXc9+xKqDElR0Jo3Flhg2X6As5MGlx1HJ+LS1zV9LfOwLfL
lDvUDIz5tTbqIdcLuWsZZh1Qw2o1/REzH6nrL0540lKkoSA2VVsnZVv/xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9QQXWPPvHJPid26o6a6GLxxxuhMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqVoH7cfc
rHvCnSOKogVfrO7lsfI8Fc40lt1Q2OPSHjUsrYajGMr2WS2j0XkMhZ28SUrOhZVz
lKY+Ms2KFVXOlM/TLrtu7zUabdjnU/9gOiW3QaIdQpR0/fZcRCuPlhYTg/m1QDuh
Ug2IIhm+xZQENSvT0fW8YOx7eCUfilVFiKqYBn6yTnO9MdeCdTrEG+887sKsaYFp
7kqbGVFFd1j8wD7khoB71zAYgvX3rkJi2wpUbae32lsFp4LHy7covBOOYmoJxd1/
WASnv9GntvolEARhx5Ph/wx42GmScGjo5mhziBhe3XD2XfQvnWzGuNWWXsLjANAF
l6fCYLgxKhwi8g==
-----END CERTIFICATE-----