Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
File:                     O5pBDtUm-GwybZG2KApEGhbAxnY.mft (raw, json)
Hash identifier:          l+KVQzXs9KJtbLAJjM5GwLLg0aakszK6dO7WTH/GUSM=
Subject key identifier:   5B:D6:72:36:44:55:7F:A2:69:6E:29:CD:1C:22:A0:94:B5:08:7F:F5
Authority key identifier: 3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76
Certificate issuer:       /CN=3b9a410ed526f86c326d91b6280a441a16c0c676
Certificate serial:       019D38D3AB4AEE5FCDDC722D61434FE69F76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
Manifest number:          09F9
Signing time:             Sun 29 Mar 2026 09:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:29 +0000
Files and hashes:         1: O5pBDtUm-GwybZG2KApEGhbAxnY.crl (hash: IuBm7Ac5hq2OE5shESe/87n+iOJfQijP2Fk9SG9Ya74=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:ab:4a:ee:5f:cd:dc:72:2d:61:43:4f:e6:9f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b9a410ed526f86c326d91b6280a441a16c0c676
        Validity
            Not Before: Mar 29 09:01:29 2026 GMT
            Not After : Mar 30 09:01:29 2026 GMT
        Subject: CN=5bd6723644557fa2696e29cd1c22a094b5087ff5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ca:0e:ee:c7:39:1f:97:7e:65:3b:fc:8f:b6:
                    b8:c7:73:06:eb:aa:3d:c6:67:62:4d:c7:5d:22:89:
                    dc:7b:66:26:cb:d3:61:b1:4b:51:b7:f2:cc:10:9e:
                    9d:ed:74:7d:a4:06:bf:e4:1c:60:b9:71:74:b8:03:
                    48:77:f4:47:43:a3:1c:ed:4d:43:4b:0b:32:bf:52:
                    62:ff:09:e8:38:99:1b:9f:a6:2b:94:3c:92:b0:ec:
                    7a:a2:9e:c1:f8:5f:0c:72:77:03:7a:27:8c:2b:b1:
                    de:a9:da:6e:da:93:d5:91:59:ac:0c:62:5a:20:02:
                    75:27:0a:8c:29:9c:df:33:e0:13:78:28:27:5b:23:
                    e0:a3:8b:9d:2e:bf:70:67:c4:c8:0d:ca:84:aa:ac:
                    32:c5:09:c8:b2:71:ca:fa:a3:00:96:52:6d:27:84:
                    74:86:3a:19:0a:82:12:3b:86:23:7a:ab:8b:66:89:
                    c8:a5:52:7f:72:dc:58:f0:24:93:da:f4:dd:b6:2b:
                    be:dd:f7:93:1d:3c:96:f3:5d:22:d4:ec:a1:e9:ca:
                    48:8e:2d:4d:b3:22:68:36:50:b3:c8:7d:a0:c0:b7:
                    12:2f:95:4e:15:5f:cd:2c:5b:12:99:20:67:da:4a:
                    0b:43:04:89:59:02:f8:04:48:5c:e6:3f:2e:40:53:
                    f6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:D6:72:36:44:55:7F:A2:69:6E:29:CD:1C:22:A0:94:B5:08:7F:F5
            X509v3 Authority Key Identifier:
                keyid:3B:9A:41:0E:D5:26:F8:6C:32:6D:91:B6:28:0A:44:1A:16:C0:C6:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5pBDtUm-GwybZG2KApEGhbAxnY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/5e8e04-e6ea-4d59-b2f7-df0a6dc282a0/1/O5pBDtUm-GwybZG2KApEGhbAxnY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:2b:73:3a:e6:95:bf:ea:10:ed:1c:db:e5:5b:62:cf:ca:6f:
         bc:db:81:9d:f0:13:4a:49:2a:a4:1e:ab:cb:3c:3c:d4:72:cf:
         ac:5c:2e:ea:ab:07:29:1b:8e:1f:ae:a8:82:cb:35:19:36:73:
         8f:c3:f1:c5:4c:84:2f:30:43:4c:93:fc:92:e4:5d:3b:42:e2:
         88:9a:a6:f3:5b:66:48:80:6f:1e:12:5e:08:bd:2f:00:60:eb:
         ec:be:84:2b:d8:aa:e5:9c:d3:60:14:b7:0e:bf:57:66:76:75:
         4c:36:f9:ff:c2:e5:a3:a3:91:41:70:3e:fa:41:ff:3c:64:5d:
         38:5e:fb:54:6d:1f:2a:0e:60:c2:36:5a:2d:2e:f6:cd:17:f1:
         0f:9a:82:e0:ff:df:ec:9a:7a:3a:c0:92:cc:4e:f5:75:54:74:
         42:7b:38:e7:72:5f:28:d0:0e:e4:98:69:5d:51:10:ed:9d:0d:
         9a:24:35:c6:6f:b9:2b:19:cb:5f:e5:02:7e:45:95:5e:ed:2f:
         de:f7:9e:54:45:05:98:68:62:0c:c9:3d:59:35:e5:9b:3f:98:
         ee:4c:8a:db:11:2f:70:d6:69:8c:cf:75:e5:a9:ee:40:5c:43:
         f9:e2:51:28:5f:c2:fc:f6:1a:05:d5:31:ab:93:58:5c:41:b0:
         e2:48:fd:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406tK7l/N3HItYUNP5p92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOWE0MTBlZDUyNmY4NmMzMjZkOTFiNjI4MGE0NDFhMTZj
MGM2NzYwHhcNMjYwMzI5MDkwMTI5WhcNMjYwMzMwMDkwMTI5WjAzMTEwLwYDVQQD
Eyg1YmQ2NzIzNjQ0NTU3ZmEyNjk2ZTI5Y2QxYzIyYTA5NGI1MDg3ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsoO7sc5H5d+ZTv8j7a4x3MG66o9
xmdiTcddIonce2Ymy9NhsUtRt/LMEJ6d7XR9pAa/5BxguXF0uANId/RHQ6Mc7U1D
Swsyv1Ji/wnoOJkbn6YrlDySsOx6op7B+F8McncDeieMK7Heqdpu2pPVkVmsDGJa
IAJ1JwqMKZzfM+ATeCgnWyPgo4udLr9wZ8TIDcqEqqwyxQnIsnHK+qMAllJtJ4R0
hjoZCoISO4YjequLZonIpVJ/ctxY8CST2vTdtiu+3feTHTyW810i1Oyh6cpIji1N
syJoNlCzyH2gwLcSL5VOFV/NLFsSmSBn2koLQwSJWQL4BEhc5j8uQFP2IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvWcjZEVX+iaW4pzRwioJS1CH/1MB8GA1UdIwQY
MBaAFDuaQQ7VJvhsMm2RtigKRBoWwMZ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjct
ZGYwYTZkYzI4MmEwLzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC81ZThlMDQtZTZlYS00ZDU5LWIyZjctZGYwYTZkYzI4MmEw
LzEvTzVwQkR0VW0tR3d5YlpHMktBcEVHaGJBeG5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmCtzOuaV
v+oQ7Rzb5Vtiz8pvvNuBnfATSkkqpB6ryzw81HLPrFwu6qsHKRuOH66ogss1GTZz
j8PxxUyELzBDTJP8kuRdO0LiiJqm81tmSIBvHhJeCL0vAGDr7L6EK9iq5ZzTYBS3
Dr9XZnZ1TDb5/8Llo6ORQXA++kH/PGRdOF77VG0fKg5gwjZaLS72zRfxD5qC4P/f
7Jp6OsCSzE71dVR0Qns453JfKNAO5JhpXVEQ7Z0NmiQ1xm+5KxnLX+UCfkWVXu0v
3veeVEUFmGhiDMk9WTXlmz+Y7kyK2xEvcNZpjM915anuQFxD+eJRKF/C/PYaBdUx
q5NYXEGw4kj9ng==
-----END CERTIFICATE-----