Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          9JTBaqYmnJMbZUWiW/1JJeJBfVfGwAHMu/8FpfzwXhk=
Subject key identifier:   87:73:F1:C0:BC:1E:CA:DE:EB:78:E6:4B:FC:39:BB:0B:75:71:34:C4
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       019D3940FF7305B22040A493D63B537D2F97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          080B
Signing time:             Sun 29 Mar 2026 11:00:54 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:54 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:54 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: e249AnmOO9Ij6mBNAaoK+pR/7Ze5OKrU8kgXzKp4als=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:ff:73:05:b2:20:40:a4:93:d6:3b:53:7d:2f:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Mar 29 11:00:54 2026 GMT
            Not After : Mar 30 11:00:54 2026 GMT
        Subject: CN=8773f1c0bc1ecadeeb78e64bfc39bb0b757134c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:e4:a0:d8:c9:82:d6:be:1a:a9:03:4d:33:1c:
                    03:0c:e0:58:79:f8:75:07:89:08:a9:1e:3c:24:9f:
                    84:af:21:d7:59:6f:51:5f:d9:ed:ca:78:f2:11:5e:
                    18:b7:59:48:b9:8d:2f:85:73:21:cc:3d:b5:37:f7:
                    e6:c4:b2:66:cf:4c:73:e0:8d:f1:aa:29:2a:d0:c5:
                    55:ff:2e:fb:93:b9:d3:75:79:ab:75:09:a3:40:dc:
                    b7:6c:25:af:28:9c:9f:c6:1b:fb:34:e0:4d:41:3f:
                    34:cf:a6:83:42:0c:a4:96:37:42:63:80:52:dd:03:
                    53:52:ff:ad:c8:40:7d:ad:ff:ee:c9:0c:10:a7:6e:
                    c3:61:14:54:0a:d7:71:c2:fc:6a:78:18:9b:ac:6a:
                    34:21:34:49:d6:e0:0d:c5:c4:3d:08:81:65:8c:c7:
                    14:f3:08:41:08:fe:51:b7:18:51:cd:ea:69:75:db:
                    7b:4f:8f:4d:71:0b:cb:d4:92:f0:9b:e3:d5:26:2a:
                    15:cc:7c:26:95:80:55:e4:24:a2:16:e5:f6:3e:b8:
                    83:32:54:9d:e5:dd:71:97:a2:ac:e0:ee:56:75:d2:
                    21:68:d6:da:09:c5:bd:b8:ec:c9:0e:75:84:04:f1:
                    6b:ac:f5:23:c4:dc:91:7c:1d:67:62:3b:93:b2:ca:
                    8c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:73:F1:C0:BC:1E:CA:DE:EB:78:E6:4B:FC:39:BB:0B:75:71:34:C4
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:00:0b:23:38:e0:d7:2f:1e:e4:45:53:77:f4:bb:35:cb:bf:
         5b:e2:c2:7f:2a:15:cb:19:50:84:c1:25:31:9c:a9:49:1e:d5:
         3f:50:38:25:44:c6:20:94:2a:24:2f:1a:f1:f1:14:af:db:22:
         f9:c2:45:b5:cc:b8:93:04:e6:0d:d5:87:e1:53:5b:d4:37:42:
         53:61:a6:fa:ab:d2:d0:d8:4e:77:5d:5b:2a:38:5e:2a:68:d6:
         83:1a:9e:2a:ae:40:27:33:04:7f:a9:0f:3e:ca:de:4e:7a:a2:
         41:fe:70:26:8a:2f:45:ac:74:89:8f:b6:54:ab:fc:a6:0c:8b:
         9e:aa:b8:53:bf:46:01:e4:3a:53:b3:ab:0f:bb:04:86:31:e5:
         e6:9a:68:f5:db:f1:9b:9e:3d:8e:3d:1e:fd:d0:b6:d1:ef:89:
         d6:19:f5:93:3a:1d:16:06:b9:db:70:27:c2:f8:98:8d:3a:6d:
         4e:e6:52:62:62:5e:3c:ce:f4:f3:42:af:b1:45:53:34:74:d3:
         e7:0f:be:e7:76:19:20:af:99:05:f1:e1:d3:6d:60:d3:fc:e7:
         22:30:b1:06:84:c7:57:eb:68:79:e6:05:5e:84:7d:36:8d:8f:
         da:6d:16:ef:53:c8:18:a3:17:d6:5b:00:2e:4a:25:69:a6:8e:
         2e:3f:35:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QP9zBbIgQKST1jtTfS+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjYwMzI5MTEwMDU0WhcNMjYwMzMwMTEwMDU0WjAzMTEwLwYDVQQD
Eyg4NzczZjFjMGJjMWVjYWRlZWI3OGU2NGJmYzM5YmIwYjc1NzEzNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eSg2MmC1r4aqQNNMxwDDOBYefh1
B4kIqR48JJ+EryHXWW9RX9ntynjyEV4Yt1lIuY0vhXMhzD21N/fmxLJmz0xz4I3x
qikq0MVV/y77k7nTdXmrdQmjQNy3bCWvKJyfxhv7NOBNQT80z6aDQgykljdCY4BS
3QNTUv+tyEB9rf/uyQwQp27DYRRUCtdxwvxqeBibrGo0ITRJ1uANxcQ9CIFljMcU
8whBCP5RtxhRzeppddt7T49NcQvL1JLwm+PVJioVzHwmlYBV5CSiFuX2PriDMlSd
5d1xl6Ks4O5WddIhaNbaCcW9uOzJDnWEBPFrrPUjxNyRfB1nYjuTssqMdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIdz8cC8Hsre63jmS/w5uwt1cTTEMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACgALIzjg
1y8e5EVTd/S7Ncu/W+LCfyoVyxlQhMElMZypSR7VP1A4JUTGIJQqJC8a8fEUr9si
+cJFtcy4kwTmDdWH4VNb1DdCU2Gm+qvS0NhOd11bKjheKmjWgxqeKq5AJzMEf6kP
PsreTnqiQf5wJoovRax0iY+2VKv8pgyLnqq4U79GAeQ6U7OrD7sEhjHl5ppo9dvx
m549jj0e/dC20e+J1hn1kzodFga523AnwviYjTptTuZSYmJePM7080KvsUVTNHTT
5w++53YZIK+ZBfHh021g0/znIjCxBoTHV+toeeYFXoR9No2P2m0W71PIGKMX1lsA
LkolaaaOLj81TQ==
-----END CERTIFICATE-----