Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft
File:                     OvseLvFesopYoCSKyvMnGPhpiGE.mft (raw, json)
Hash identifier:          6FAB2XA5tlwDnhlFhpMr+SrxhdKpvnliQi4by0GI1bU=
Subject key identifier:   DF:E6:60:BB:DB:76:4D:14:F3:17:27:B1:A0:FA:41:34:80:B0:7A:56
Authority key identifier: 3A:FB:1E:2E:F1:5E:B2:8A:58:A0:24:8A:CA:F3:27:18:F8:69:88:61
Certificate issuer:       /CN=3afb1e2ef15eb28a58a0248acaf32718f8698861
Certificate serial:       019D38D3D8A9E94EAF33F6C516DB0E2AD432
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OvseLvFesopYoCSKyvMnGPhpiGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft
Manifest number:          30
Signing time:             Sun 29 Mar 2026 09:01:40 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:40 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:40 +0000
Files and hashes:         1: OvseLvFesopYoCSKyvMnGPhpiGE.crl (hash: UfmMYR8EcDUgbTXJcPDhkZ5AB7sZ8g22LVwevMTPodg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OvseLvFesopYoCSKyvMnGPhpiGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:d8:a9:e9:4e:af:33:f6:c5:16:db:0e:2a:d4:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3afb1e2ef15eb28a58a0248acaf32718f8698861
        Validity
            Not Before: Mar 29 09:01:40 2026 GMT
            Not After : Mar 30 09:01:40 2026 GMT
        Subject: CN=dfe660bbdb764d14f31727b1a0fa413480b07a56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:4d:31:69:b3:04:43:40:55:f8:d2:6e:1f:2e:
                    c6:8b:9c:a4:09:03:7c:f4:7d:79:16:68:63:6f:91:
                    81:f1:0f:30:8c:4b:e6:26:cd:9a:54:02:9c:a7:69:
                    9f:c4:e7:4c:a9:d2:1e:ea:17:c3:94:85:cb:5d:ef:
                    1e:c6:15:e4:81:bb:b3:c9:49:84:7c:11:dc:d7:b3:
                    68:18:e2:74:7c:dd:b2:6a:05:48:44:c1:d0:de:34:
                    63:a4:4a:9d:d6:54:55:ab:68:e8:89:65:89:b6:a4:
                    b7:00:5a:1a:7c:75:2f:04:ee:99:0e:92:c6:30:0e:
                    0a:73:90:42:9f:f3:a6:58:15:7f:2d:1b:b6:cd:d9:
                    fa:39:13:56:cf:be:ae:d3:54:57:87:fe:6f:62:0a:
                    53:48:45:f0:9f:33:eb:2c:fb:50:b5:63:71:7f:d7:
                    f8:46:b6:15:d3:78:77:90:3e:92:ba:9c:f0:90:ff:
                    71:07:70:0f:30:68:7b:ad:e5:66:27:d5:20:ab:0c:
                    2d:31:66:ff:50:39:ec:c0:98:5d:26:78:42:5c:f0:
                    7d:7b:0f:d2:4a:a9:e1:21:37:8d:22:84:a0:fb:5d:
                    1e:a8:c8:11:b0:32:31:70:55:af:5b:d0:e4:05:61:
                    58:e8:47:cf:54:9d:d6:84:d5:ba:e3:d2:5b:7a:52:
                    88:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:E6:60:BB:DB:76:4D:14:F3:17:27:B1:A0:FA:41:34:80:B0:7A:56
            X509v3 Authority Key Identifier:
                keyid:3A:FB:1E:2E:F1:5E:B2:8A:58:A0:24:8A:CA:F3:27:18:F8:69:88:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvseLvFesopYoCSKyvMnGPhpiGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/73caa9-0d62-4972-8714-1ad3ce6d4538/1/OvseLvFesopYoCSKyvMnGPhpiGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:05:e6:04:af:c9:ef:35:52:1c:43:54:44:6e:a3:f4:9c:cb:
         49:fe:f9:1b:2e:80:48:e0:c9:45:0e:5c:e0:07:4e:92:0e:04:
         92:94:35:3d:f6:fb:a8:9a:ce:42:33:35:2d:03:49:0a:fe:36:
         fa:b2:6a:a9:d9:3a:db:05:d2:8d:d0:24:87:e4:8f:f1:ec:a3:
         e0:eb:66:e8:73:35:26:df:de:dc:c4:c0:dc:bf:45:8e:ae:b2:
         62:50:16:67:b6:5e:c6:10:4e:e8:b9:61:d0:39:90:ed:59:ab:
         ff:1d:b0:c8:97:00:40:12:e3:a4:ae:b8:81:e4:05:1a:99:eb:
         03:cf:a9:da:69:f2:e0:55:84:cc:53:16:23:23:ea:67:90:f5:
         7f:b9:5e:7b:bd:b5:23:8b:90:3f:5c:4d:ef:4d:82:55:0d:25:
         78:5a:02:2b:9b:61:b8:60:23:8f:58:13:7b:78:b0:ea:31:9a:
         f2:d8:35:a4:a8:22:4d:82:13:84:e3:dd:dd:cf:d8:6a:32:e4:
         3b:e8:6e:a8:1d:5e:8e:83:7a:ed:5b:20:29:9e:9f:28:c1:28:
         14:89:a7:5c:9e:b4:6c:84:82:0a:d8:ce:2b:d6:3e:36:73:eb:
         69:26:97:f9:d2:8d:c4:1e:ae:04:12:a0:eb:be:83:52:8e:12:
         45:95:70:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0409ip6U6vM/bFFtsOKtQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZmIxZTJlZjE1ZWIyOGE1OGEwMjQ4YWNhZjMyNzE4Zjg2
OTg4NjEwHhcNMjYwMzI5MDkwMTQwWhcNMjYwMzMwMDkwMTQwWjAzMTEwLwYDVQQD
EyhkZmU2NjBiYmRiNzY0ZDE0ZjMxNzI3YjFhMGZhNDEzNDgwYjA3YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9k0xabMEQ0BV+NJuHy7Gi5ykCQN8
9H15Fmhjb5GB8Q8wjEvmJs2aVAKcp2mfxOdMqdIe6hfDlIXLXe8exhXkgbuzyUmE
fBHc17NoGOJ0fN2yagVIRMHQ3jRjpEqd1lRVq2joiWWJtqS3AFoafHUvBO6ZDpLG
MA4Kc5BCn/OmWBV/LRu2zdn6ORNWz76u01RXh/5vYgpTSEXwnzPrLPtQtWNxf9f4
RrYV03h3kD6SupzwkP9xB3APMGh7reVmJ9UgqwwtMWb/UDnswJhdJnhCXPB9ew/S
SqnhITeNIoSg+10eqMgRsDIxcFWvW9DkBWFY6EfPVJ3WhNW649JbelKI+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/mYLvbdk0U8xcnsaD6QTSAsHpWMB8GA1UdIwQY
MBaAFDr7Hi7xXrKKWKAkisrzJxj4aYhhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZzZUx2RmVzb3BZb0NTS3l2TW5HUGhwaUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83M2NhYTktMGQ2Mi00OTcyLTg3MTQt
MWFkM2NlNmQ0NTM4LzEvT3ZzZUx2RmVzb3BZb0NTS3l2TW5HUGhwaUdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83M2NhYTktMGQ2Mi00OTcyLTg3MTQtMWFkM2NlNmQ0NTM4
LzEvT3ZzZUx2RmVzb3BZb0NTS3l2TW5HUGhwaUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQXmBK/J
7zVSHENURG6j9JzLSf75Gy6ASODJRQ5c4AdOkg4EkpQ1Pfb7qJrOQjM1LQNJCv42
+rJqqdk62wXSjdAkh+SP8eyj4Otm6HM1Jt/e3MTA3L9Fjq6yYlAWZ7ZexhBO6Llh
0DmQ7Vmr/x2wyJcAQBLjpK64geQFGpnrA8+p2mny4FWEzFMWIyPqZ5D1f7lee721
I4uQP1xN702CVQ0leFoCK5thuGAjj1gTe3iw6jGa8tg1pKgiTYIThOPd3c/YajLk
O+huqB1ejoN67VsgKZ6fKMEoFImnXJ60bISCCtjOK9Y+NnPraSaX+dKNxB6uBBKg
676DUo4SRZVwFA==
-----END CERTIFICATE-----