Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
File:                     OXy939eSBtZcTugWjq9ucJAg-V0.mft (raw, json)
Hash identifier:          7Fa3ayEpybqXn5lFdk48l/EXncvsc4htMLNGNKmB5vs=
Subject key identifier:   B4:9E:0B:03:4D:0E:21:FD:15:5C:F1:56:A9:EC:49:BC:5B:68:26:B5
Authority key identifier: 39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D
Certificate issuer:       /CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
Certificate serial:       019D38666B8571CFD94C0B7C00199F38FF48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
Manifest number:          0C4E
Signing time:             Sun 29 Mar 2026 07:02:09 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:09 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:09 +0000
Files and hashes:         1: OXy939eSBtZcTugWjq9ucJAg-V0.crl (hash: GhKceRSCKUmPZwyQhHvbp238VKkeen0BSK+7ubljGzM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:6b:85:71:cf:d9:4c:0b:7c:00:19:9f:38:ff:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397cbddfd79206d65c4ee8168eaf6e709020f95d
        Validity
            Not Before: Mar 29 07:02:09 2026 GMT
            Not After : Mar 30 07:02:09 2026 GMT
        Subject: CN=b49e0b034d0e21fd155cf156a9ec49bc5b6826b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:a6:b5:f1:e5:21:81:83:cc:ad:d5:49:7e:91:
                    37:36:20:57:73:da:12:96:84:0a:11:a0:37:94:8d:
                    11:80:8b:0c:4e:aa:26:b2:0b:21:5f:36:48:b9:5e:
                    b3:5f:66:0c:1c:16:a9:ca:92:9f:fa:15:32:26:87:
                    b1:8c:78:5b:fb:80:ae:b9:c7:2b:70:f5:14:1c:a4:
                    09:ab:9e:1c:07:f2:af:b0:bb:7f:92:c8:6d:cf:5f:
                    46:bd:61:fd:af:dd:09:a7:d1:11:62:1b:0e:6f:36:
                    c0:d7:bc:fd:2f:af:43:01:fc:aa:a7:b7:13:95:65:
                    10:25:5d:51:d2:50:8f:9b:36:82:60:97:b5:4f:14:
                    98:e5:d7:7b:6b:8e:9f:f5:85:74:7b:d1:6b:97:88:
                    91:61:ce:ef:4a:9a:9e:c3:2b:36:2f:38:17:e1:3f:
                    16:7b:7f:19:48:65:49:a1:04:04:27:76:ae:20:30:
                    11:ea:56:a5:db:54:30:f3:2c:61:1f:a5:88:8b:b9:
                    4d:5d:f2:1d:63:65:60:b9:b1:c8:8d:d9:31:69:a1:
                    d5:78:02:e2:60:fe:e9:e1:22:a9:d8:a6:9d:82:07:
                    db:50:bd:84:51:52:a3:00:7d:b6:09:51:12:c8:17:
                    d0:e7:cd:14:91:21:7c:64:68:fd:29:31:46:32:86:
                    26:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:9E:0B:03:4D:0E:21:FD:15:5C:F1:56:A9:EC:49:BC:5B:68:26:B5
            X509v3 Authority Key Identifier:
                keyid:39:7C:BD:DF:D7:92:06:D6:5C:4E:E8:16:8E:AF:6E:70:90:20:F9:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXy939eSBtZcTugWjq9ucJAg-V0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d7a4d5-5144-4e18-887c-a6b0fde21906/1/OXy939eSBtZcTugWjq9ucJAg-V0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:da:6e:49:0e:46:6f:6c:19:86:15:34:19:8f:21:11:69:93:
         92:06:17:9c:6e:9e:92:cc:e1:45:f2:5d:c2:ad:ed:86:62:2b:
         28:ae:1b:14:49:16:0d:c6:8c:40:45:74:5d:7e:e3:14:ee:65:
         38:b1:a4:81:4d:68:68:cd:51:d4:58:61:15:59:ed:b3:13:e4:
         f8:55:0f:73:a3:ac:40:b4:eb:27:36:1d:4f:b0:4b:2a:5c:6f:
         69:5b:fc:07:89:17:36:cf:dd:7f:f3:ef:e9:3a:48:70:a3:6e:
         d5:2b:20:11:14:a3:e1:5a:37:d3:8c:5e:c2:75:24:d3:9e:f4:
         4d:c0:04:55:4b:c3:59:39:77:18:e8:0b:d6:94:52:86:50:0b:
         c7:91:9b:f1:e1:4f:7b:18:12:f2:be:29:23:9b:a0:c9:2d:89:
         0e:8f:c6:60:db:b9:df:0a:48:76:1b:68:5d:b0:c7:0b:fd:cf:
         ba:b8:55:b1:5c:a1:cf:66:ee:81:b1:46:b5:fc:e6:de:dc:5c:
         43:9f:16:42:a3:0e:d3:49:98:22:1c:f0:fa:12:36:dd:64:bb:
         fc:14:3f:c6:71:ec:dc:fe:6c:0e:1f:cd:aa:bf:7c:b6:68:1a:
         20:e9:21:9d:f9:1c:fb:77:b4:f9:90:05:f9:38:52:9e:ae:45:
         d0:a7:fc:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmuFcc/ZTAt8ABmfOP9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2NiZGRmZDc5MjA2ZDY1YzRlZTgxNjhlYWY2ZTcwOTAy
MGY5NWQwHhcNMjYwMzI5MDcwMjA5WhcNMjYwMzMwMDcwMjA5WjAzMTEwLwYDVQQD
EyhiNDllMGIwMzRkMGUyMWZkMTU1Y2YxNTZhOWVjNDliYzViNjgyNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qa18eUhgYPMrdVJfpE3NiBXc9oS
loQKEaA3lI0RgIsMTqomsgshXzZIuV6zX2YMHBapypKf+hUyJoexjHhb+4Cuuccr
cPUUHKQJq54cB/KvsLt/kshtz19GvWH9r90Jp9ERYhsObzbA17z9L69DAfyqp7cT
lWUQJV1R0lCPmzaCYJe1TxSY5dd7a46f9YV0e9Frl4iRYc7vSpqewys2LzgX4T8W
e38ZSGVJoQQEJ3auIDAR6lal21Qw8yxhH6WIi7lNXfIdY2VgubHIjdkxaaHVeALi
YP7p4SKp2KadggfbUL2EUVKjAH22CVESyBfQ580UkSF8ZGj9KTFGMoYmAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSeCwNNDiH9FVzxVqnsSbxbaCa1MB8GA1UdIwQY
MBaAFDl8vd/XkgbWXE7oFo6vbnCQIPldMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2Mt
YTZiMGZkZTIxOTA2LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kN2E0ZDUtNTE0NC00ZTE4LTg4N2MtYTZiMGZkZTIxOTA2
LzEvT1h5OTM5ZVNCdFpjVHVnV2pxOXVjSkFnLVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALdpuSQ5G
b2wZhhU0GY8hEWmTkgYXnG6ekszhRfJdwq3thmIrKK4bFEkWDcaMQEV0XX7jFO5l
OLGkgU1oaM1R1FhhFVntsxPk+FUPc6OsQLTrJzYdT7BLKlxvaVv8B4kXNs/df/Pv
6TpIcKNu1SsgERSj4Vo304xewnUk0570TcAEVUvDWTl3GOgL1pRShlALx5Gb8eFP
exgS8r4pI5ugyS2JDo/GYNu53wpIdhtoXbDHC/3PurhVsVyhz2bugbFGtfzm3txc
Q58WQqMO00mYIhzw+hI23WS7/BQ/xnHs3P5sDh/Nqr98tmgaIOkhnfkc+3e0+ZAF
+ThSnq5F0Kf8YQ==
-----END CERTIFICATE-----