Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          SsuON0OIh/Joywx+n01LiOPrZ9cEAv7Kpz2S1HJwcKk=
Subject key identifier:   47:A7:E6:C4:E7:18:1B:B3:FF:CC:F5:86:A6:A6:9B:9D:DA:3F:E3:35
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019D37C11EB80F3BB2BBD27FFE6A5F8E63DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0C9E
Signing time:             Sun 29 Mar 2026 04:01:36 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:36 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:36 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: x2rW/ScNPVvCq89IK9iA8pns8Vn0q0F16J0zHZyf2Ow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:1e:b8:0f:3b:b2:bb:d2:7f:fe:6a:5f:8e:63:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Mar 29 04:01:36 2026 GMT
            Not After : Mar 30 04:01:36 2026 GMT
        Subject: CN=47a7e6c4e7181bb3ffccf586a6a69b9dda3fe335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:9a:38:16:46:d5:f1:38:fa:a8:54:b1:7e:e9:
                    1c:fd:40:dc:e2:f0:e8:c2:23:75:f7:f7:db:aa:5a:
                    9c:49:9d:9c:60:36:c1:ca:85:c0:9b:03:8a:0b:a3:
                    e8:67:6a:9b:de:58:e0:d5:6e:ad:56:5e:0d:37:4d:
                    f2:df:b0:af:ff:97:d6:45:50:f3:1f:ec:f8:da:1e:
                    d3:d3:54:57:ab:99:ad:e1:42:5d:1d:c4:b1:de:a1:
                    0d:6b:93:f3:c4:80:b2:33:f4:e2:11:98:3d:30:69:
                    22:92:26:a8:a8:cb:3b:c7:ff:87:d7:86:e9:e0:2f:
                    47:2d:0a:58:95:73:11:a6:4f:45:b1:47:20:59:a1:
                    ed:a6:65:11:57:61:ab:5f:9f:a6:59:27:1a:83:0e:
                    62:c9:a3:64:ea:a0:33:ea:b2:57:cf:00:71:d1:12:
                    2d:14:46:79:9f:3a:f6:46:0d:78:49:db:af:7c:28:
                    bc:9e:8e:5c:09:28:69:0f:e4:dd:b4:c1:78:42:86:
                    e7:f4:53:af:95:b3:45:bd:a4:cd:3b:5d:53:11:fc:
                    d5:dc:5c:b1:b5:40:48:76:91:73:69:8f:51:e6:2a:
                    51:65:3b:3b:30:e4:2c:7c:72:c9:62:c5:ec:e0:d0:
                    bd:72:58:94:63:78:7b:bb:6e:eb:f8:b8:94:51:c1:
                    bf:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A7:E6:C4:E7:18:1B:B3:FF:CC:F5:86:A6:A6:9B:9D:DA:3F:E3:35
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:3c:12:a9:aa:7a:1b:7c:1c:7a:29:e4:f6:3f:de:0e:68:ec:
         ca:03:5a:8a:d1:45:95:13:06:74:03:aa:18:df:19:9c:36:35:
         4a:73:d9:05:29:d9:55:71:3e:f8:9c:27:21:21:45:7b:b6:35:
         f1:00:0f:20:0c:2a:a0:d6:04:94:54:e7:3b:31:71:f9:06:31:
         ec:d6:6a:a8:33:01:3d:ed:6f:47:10:fe:f6:17:10:16:24:f4:
         46:3f:e8:0e:20:01:3e:99:8f:2d:f5:c4:24:16:18:32:e5:40:
         72:ea:af:df:76:c0:58:5b:25:df:8a:0c:a7:43:3e:9a:74:45:
         a1:31:6a:02:1a:df:e0:64:67:ca:62:22:9f:4a:c4:92:b1:83:
         0f:f2:44:10:03:2f:00:5c:f4:c7:03:27:11:20:48:3e:7e:a7:
         84:9d:b5:eb:14:70:b7:85:11:90:59:a6:b3:fa:13:9d:be:ff:
         5f:1b:e5:10:0e:c1:33:e5:41:dd:15:0c:95:6a:79:cd:f5:82:
         fb:f6:c9:ad:9a:05:75:bd:46:02:f3:0b:89:84:c3:ae:52:81:
         de:ab:5e:f4:f2:b5:98:c7:39:26:e8:6b:38:9f:86:f2:05:22:
         36:95:2a:f1:e5:b7:a9:9b:a8:48:3e:a7:cc:37:00:1c:54:62:
         0e:21:1e:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wR64Dzuyu9J//mpfjmPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjYwMzI5MDQwMTM2WhcNMjYwMzMwMDQwMTM2WjAzMTEwLwYDVQQD
Eyg0N2E3ZTZjNGU3MTgxYmIzZmZjY2Y1ODZhNmE2OWI5ZGRhM2ZlMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5o4FkbV8Tj6qFSxfukc/UDc4vDo
wiN19/fbqlqcSZ2cYDbByoXAmwOKC6PoZ2qb3ljg1W6tVl4NN03y37Cv/5fWRVDz
H+z42h7T01RXq5mt4UJdHcSx3qENa5PzxICyM/TiEZg9MGkikiaoqMs7x/+H14bp
4C9HLQpYlXMRpk9FsUcgWaHtpmURV2GrX5+mWScagw5iyaNk6qAz6rJXzwBx0RIt
FEZ5nzr2Rg14SduvfCi8no5cCShpD+TdtMF4Qobn9FOvlbNFvaTNO11TEfzV3Fyx
tUBIdpFzaY9R5ipRZTs7MOQsfHLJYsXs4NC9cliUY3h7u27r+LiUUcG/MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEen5sTnGBuz/8z1hqamm53aP+M1MB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANzwSqap6
G3wceink9j/eDmjsygNaitFFlRMGdAOqGN8ZnDY1SnPZBSnZVXE++JwnISFFe7Y1
8QAPIAwqoNYElFTnOzFx+QYx7NZqqDMBPe1vRxD+9hcQFiT0Rj/oDiABPpmPLfXE
JBYYMuVAcuqv33bAWFsl34oMp0M+mnRFoTFqAhrf4GRnymIin0rEkrGDD/JEEAMv
AFz0xwMnESBIPn6nhJ216xRwt4URkFmms/oTnb7/XxvlEA7BM+VB3RUMlWp5zfWC
+/bJrZoFdb1GAvMLiYTDrlKB3qte9PK1mMc5JuhrOJ+G8gUiNpUq8eW3qZuoSD6n
zDcAHFRiDiEe5Q==
-----END CERTIFICATE-----