Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          zTsmvFUxS50wmlKbGKMemsXNrXsnChLwPrgCZXWHIWU=
Subject key identifier:   A6:0E:8E:7A:81:3B:F7:46:DD:DC:AD:4C:0D:77:A1:11:BC:22:7F:8A
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       019D3A537C7BA283F61AD544D89816FBD106
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 16:00:42 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:42 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:42 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: 7ZLxuo5YKuBWVPASPEJWfepMgFwehriLCeKPo7UrTOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:7c:7b:a2:83:f6:1a:d5:44:d8:98:16:fb:d1:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Mar 29 16:00:42 2026 GMT
            Not After : Mar 30 16:00:42 2026 GMT
        Subject: CN=a60e8e7a813bf746dddcad4c0d77a111bc227f8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:66:31:82:86:84:be:f3:5d:30:64:3e:7e:ca:
                    08:1b:d7:d4:3f:c8:3b:91:7a:01:0f:1a:c3:a2:ba:
                    e4:e6:bc:00:6b:85:f0:76:40:d0:71:fc:f4:7e:2e:
                    8e:6f:d5:fd:7d:60:93:97:f3:95:59:8e:90:a1:5e:
                    01:88:87:b7:45:b1:4b:d4:46:82:66:c4:aa:ae:c5:
                    2d:8c:b6:cd:12:6d:6a:a8:69:26:5b:33:d1:18:eb:
                    f7:83:89:83:80:cb:82:8b:bc:9d:71:b0:93:d1:fb:
                    e0:62:d1:b8:8f:be:d8:db:e9:5e:35:c4:0f:55:75:
                    a2:95:08:e8:fb:fa:19:e2:6a:85:5d:f2:d2:76:82:
                    32:47:eb:95:98:ed:65:c1:63:00:4e:7e:0f:9c:11:
                    99:ac:22:eb:48:e5:ac:54:5a:40:9b:6d:dd:72:8d:
                    c4:df:44:93:7c:06:0c:88:8b:ef:f4:c4:c5:e0:b5:
                    30:7f:2c:4d:71:42:fb:9c:9b:8c:a4:67:7c:40:6c:
                    75:75:03:1c:d8:f0:d5:bb:8e:e0:16:6f:5e:1e:71:
                    5e:0c:c4:02:7c:11:95:54:b7:2a:6f:da:c1:cc:83:
                    f5:b2:1d:45:35:a5:53:c5:31:2e:b8:cb:05:22:a2:
                    9b:6c:e9:a0:c1:bc:28:14:db:c2:dd:c6:4b:4c:30:
                    7f:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:0E:8E:7A:81:3B:F7:46:DD:DC:AD:4C:0D:77:A1:11:BC:22:7F:8A
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:49:f5:86:f0:34:6f:6a:a7:42:b3:ea:1c:0a:e7:68:1b:24:
         b1:f5:00:26:6e:0f:0a:e7:73:28:85:07:8e:a6:1e:b4:26:4c:
         f7:c5:e4:cf:f8:9a:ce:39:e3:d9:14:2b:99:5f:72:e5:b3:5a:
         46:b2:75:08:e3:31:24:4d:a0:ce:b2:59:59:3e:7e:be:b5:7a:
         73:97:05:4d:27:19:9e:f2:3e:78:0e:0a:28:1b:15:cd:0a:57:
         f8:fe:9e:20:94:df:07:75:72:a8:85:53:a1:17:b5:5a:71:c0:
         f1:d5:6f:82:1c:38:dc:99:b1:65:e2:70:ba:02:a6:86:b7:cd:
         58:56:c0:09:a2:78:1f:ea:58:64:41:da:21:56:ee:7e:db:89:
         2f:7a:59:b3:67:24:51:c3:0d:24:a6:40:27:01:e0:05:08:bb:
         21:71:06:46:89:07:e9:73:9e:5c:8d:44:53:3a:7c:eb:e5:a4:
         77:d4:4d:da:73:29:04:62:08:8a:58:c3:cf:ae:90:c4:49:c6:
         22:be:8d:21:6e:bc:ef:56:a2:b4:b6:9b:75:d3:1a:92:df:87:
         2d:53:10:e6:1b:d8:4c:67:e3:2e:a1:8c:f5:8f:96:ac:d6:3b:
         a6:30:04:31:17:4c:a1:b1:ea:11:7e:5f:10:a2:d8:5a:3f:37:
         87:dd:64:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U3x7ooP2GtVE2JgW+9EGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjYwMzI5MTYwMDQyWhcNMjYwMzMwMTYwMDQyWjAzMTEwLwYDVQQD
EyhhNjBlOGU3YTgxM2JmNzQ2ZGRkY2FkNGMwZDc3YTExMWJjMjI3ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmYxgoaEvvNdMGQ+fsoIG9fUP8g7
kXoBDxrDorrk5rwAa4XwdkDQcfz0fi6Ob9X9fWCTl/OVWY6QoV4BiIe3RbFL1EaC
ZsSqrsUtjLbNEm1qqGkmWzPRGOv3g4mDgMuCi7ydcbCT0fvgYtG4j77Y2+leNcQP
VXWilQjo+/oZ4mqFXfLSdoIyR+uVmO1lwWMATn4PnBGZrCLrSOWsVFpAm23dco3E
30STfAYMiIvv9MTF4LUwfyxNcUL7nJuMpGd8QGx1dQMc2PDVu47gFm9eHnFeDMQC
fBGVVLcqb9rBzIP1sh1FNaVTxTEuuMsFIqKbbOmgwbwoFNvC3cZLTDB/rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYOjnqBO/dG3dytTA13oRG8In+KMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfEn1hvA0
b2qnQrPqHArnaBsksfUAJm4PCudzKIUHjqYetCZM98Xkz/iazjnj2RQrmV9y5bNa
RrJ1COMxJE2gzrJZWT5+vrV6c5cFTScZnvI+eA4KKBsVzQpX+P6eIJTfB3VyqIVT
oRe1WnHA8dVvghw43JmxZeJwugKmhrfNWFbACaJ4H+pYZEHaIVbuftuJL3pZs2ck
UcMNJKZAJwHgBQi7IXEGRokH6XOeXI1EUzp86+Wkd9RN2nMpBGIIiljDz66QxEnG
Ir6NIW6871aitLabddMakt+HLVMQ5hvYTGfjLqGM9Y+WrNY7pjAEMRdMobHqEX5f
EKLYWj83h91k1A==
-----END CERTIFICATE-----