Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          GCFJ++p4oHq55lLSHpycuYfWjKtUrus1IUMfYof8Nvo=
Subject key identifier:   A2:C2:C1:CC:79:1A:50:66:2C:58:B4:C1:F5:04:6F:70:CF:7E:A7:D5
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       019D38D2DFD0FB94CEA53EF0445CCDEB21D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          15DA
Signing time:             Sun 29 Mar 2026 09:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:37 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: XmdNKSSMRjpN0WEDt3IfEWDlJDgF5ozyVzQ8YmNgsQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:df:d0:fb:94:ce:a5:3e:f0:44:5c:cd:eb:21:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: Mar 29 09:00:37 2026 GMT
            Not After : Mar 30 09:00:37 2026 GMT
        Subject: CN=a2c2c1cc791a50662c58b4c1f5046f70cf7ea7d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c1:6f:d2:17:0a:8f:40:17:7b:55:82:4f:3d:
                    1d:a5:db:18:8d:ef:4c:61:aa:62:4e:5e:03:68:72:
                    d4:65:c4:31:49:4e:e6:8b:71:2f:7e:3c:8a:e3:d4:
                    53:a3:5a:25:33:be:8c:0a:51:2b:ed:5d:e8:27:33:
                    35:28:5b:20:86:2a:73:16:b6:09:0d:7a:7f:26:9c:
                    ce:2e:e3:cf:ee:8b:ca:6a:a9:9d:9c:22:b0:df:56:
                    cc:e7:7d:36:e4:6c:89:3b:8c:b2:66:52:27:90:7e:
                    8c:81:95:1b:a6:c5:d4:e0:c5:71:0b:1a:0d:8e:01:
                    1d:fd:a0:8f:2e:7a:c7:27:a3:66:44:6f:b5:b4:31:
                    c2:51:1d:f2:ba:4c:1d:ba:34:7f:89:42:a5:a3:09:
                    fd:6e:b1:12:87:fc:4c:bb:de:39:ca:3a:c7:28:30:
                    c6:e5:f4:f2:61:a5:9e:e4:04:ce:b7:b7:77:06:29:
                    f5:07:16:a2:40:b8:56:e6:aa:5c:77:41:9b:f9:72:
                    4b:01:f0:ae:8b:3d:e2:31:2c:9f:3d:8b:d3:7d:75:
                    7a:71:50:cf:be:e2:44:5c:42:46:3e:fd:bc:4a:e7:
                    5b:76:d4:49:07:d3:50:b6:6a:27:2c:c6:8b:d1:9d:
                    ba:23:7a:49:fc:81:05:32:6b:da:81:69:2d:bb:b7:
                    47:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C2:C1:CC:79:1A:50:66:2C:58:B4:C1:F5:04:6F:70:CF:7E:A7:D5
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:cb:c9:fd:a8:44:27:7b:26:61:81:a7:a8:cb:95:38:84:8b:
         f0:f2:26:af:90:ab:cc:59:e7:da:90:3f:84:d5:5a:58:8b:20:
         22:a0:50:a2:9c:55:58:ee:cc:29:ec:9a:d2:4a:5c:2b:a4:72:
         f6:4a:0b:67:b3:f2:78:42:33:33:1a:3c:ea:17:21:fd:55:eb:
         0b:e3:69:96:9d:00:7c:e7:fb:f0:31:79:71:7a:d0:f1:0b:b9:
         43:e1:92:84:12:57:99:e4:fd:74:ae:e5:6a:6a:5e:1b:e7:a2:
         a7:a2:83:b5:8f:76:32:5a:86:5a:aa:8f:f7:f2:15:b9:50:a9:
         51:22:81:b8:01:e5:49:62:8a:1d:94:66:4a:a6:f9:d6:be:39:
         8b:fb:52:b4:79:4e:cf:b8:fe:73:84:d0:bf:48:f5:ef:83:bc:
         c8:f7:a7:70:ee:a4:ef:93:28:ce:be:87:84:b8:96:d6:51:4a:
         d4:65:39:8a:33:29:b4:17:86:80:3b:20:af:94:b3:52:6d:b1:
         66:b5:71:32:8b:b5:65:0d:05:55:89:24:c9:1e:30:a6:b9:f8:
         00:2d:ac:d2:23:85:25:27:e6:d2:f1:9a:70:59:5c:bc:5b:31:
         ac:7e:ee:c2:82:5c:79:a0:ac:39:8b:a7:9b:a3:92:cd:3a:58:
         17:95:dc:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040t/Q+5TOpT7wRFzN6yHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjYwMzI5MDkwMDM3WhcNMjYwMzMwMDkwMDM3WjAzMTEwLwYDVQQD
EyhhMmMyYzFjYzc5MWE1MDY2MmM1OGI0YzFmNTA0NmY3MGNmN2VhN2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsFv0hcKj0AXe1WCTz0dpdsYje9M
YapiTl4DaHLUZcQxSU7mi3EvfjyK49RTo1olM76MClEr7V3oJzM1KFsghipzFrYJ
DXp/JpzOLuPP7ovKaqmdnCKw31bM53025GyJO4yyZlInkH6MgZUbpsXU4MVxCxoN
jgEd/aCPLnrHJ6NmRG+1tDHCUR3yukwdujR/iUKlown9brESh/xMu945yjrHKDDG
5fTyYaWe5ATOt7d3Bin1BxaiQLhW5qpcd0Gb+XJLAfCuiz3iMSyfPYvTfXV6cVDP
vuJEXEJGPv28SudbdtRJB9NQtmonLMaL0Z26I3pJ/IEFMmvagWktu7dHHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLCwcx5GlBmLFi0wfUEb3DPfqfVMB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasvJ/ahE
J3smYYGnqMuVOISL8PImr5CrzFnn2pA/hNVaWIsgIqBQopxVWO7MKeya0kpcK6Ry
9koLZ7PyeEIzMxo86hch/VXrC+Nplp0AfOf78DF5cXrQ8Qu5Q+GShBJXmeT9dK7l
ampeG+eip6KDtY92MlqGWqqP9/IVuVCpUSKBuAHlSWKKHZRmSqb51r45i/tStHlO
z7j+c4TQv0j174O8yPencO6k75Mozr6HhLiW1lFK1GU5ijMptBeGgDsgr5SzUm2x
ZrVxMou1ZQ0FVYkkyR4wprn4AC2s0iOFJSfm0vGacFlcvFsxrH7uwoJceaCsOYun
m6OSzTpYF5XcrQ==
-----END CERTIFICATE-----