Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          P9X+yu3KeGj04hjDmSj/n2UWTjSrV9tUKoWwBSAS5P4=
Subject key identifier:   18:53:FD:6F:E5:22:5E:9D:70:B0:11:F1:95:BE:E9:DC:D9:CC:D1:84
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019D3865E1507A1CE616C9923FD474701778
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          0C9B
Signing time:             Sun 29 Mar 2026 07:01:33 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:33 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:33 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: CbPJWLyCAvUL6+KHPVe206nz+fycduSC81DqL80tYqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:e1:50:7a:1c:e6:16:c9:92:3f:d4:74:70:17:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: Mar 29 07:01:33 2026 GMT
            Not After : Mar 30 07:01:33 2026 GMT
        Subject: CN=1853fd6fe5225e9d70b011f195bee9dcd9ccd184
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:00:a8:67:ee:59:27:1b:3d:34:1f:f0:f0:4e:
                    4b:39:d5:91:21:9e:91:d2:e4:ec:50:54:d1:61:88:
                    33:7b:d9:c5:cf:aa:c4:5c:77:df:b2:a4:dc:12:4a:
                    fd:03:99:58:7a:e1:cd:bc:73:9b:23:fb:85:62:c8:
                    86:1a:9d:5f:ff:9f:e7:78:51:fd:14:53:23:17:8f:
                    c6:09:dd:2c:19:2a:32:ca:88:b2:ba:38:ca:70:c2:
                    0d:a0:98:d8:66:50:21:66:8e:fb:32:85:80:2d:f5:
                    22:50:bd:10:42:77:36:48:2f:ae:3a:22:ce:77:2e:
                    91:dd:2a:40:20:f8:5e:10:a1:d1:ac:5f:47:df:89:
                    42:78:82:06:66:9d:f5:3e:cf:35:6a:f2:d8:17:24:
                    bb:7e:38:91:85:b0:0c:ef:bb:6a:6e:98:2a:3c:3a:
                    b1:8e:c7:8e:61:9a:c2:8c:f5:7d:44:91:7c:a7:e7:
                    49:fb:42:f3:b0:07:82:4d:09:a9:3e:ee:49:58:0e:
                    eb:8b:da:ab:8c:95:53:a0:fe:da:52:f3:ec:44:5c:
                    bd:72:b9:70:4c:47:13:5c:fe:d2:65:fa:b7:36:fa:
                    a4:73:2d:33:ca:b7:42:5b:b4:1e:50:28:1d:b3:e7:
                    90:8a:59:6d:2d:2a:88:1a:56:31:22:e8:c1:6d:1f:
                    1e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:53:FD:6F:E5:22:5E:9D:70:B0:11:F1:95:BE:E9:DC:D9:CC:D1:84
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:c6:37:4a:65:c7:02:b0:77:2f:23:05:e6:05:09:cc:69:32:
         55:1c:02:b7:56:1e:52:27:74:9b:8f:f4:b6:a3:41:cd:cb:13:
         3c:76:71:31:5f:7a:5e:5d:62:e4:3a:cb:a4:41:8d:89:04:bc:
         25:19:08:1a:ee:d1:a4:a1:bc:11:e2:06:92:7c:37:83:7f:55:
         db:b5:12:a8:83:29:e2:59:12:67:b9:de:32:f4:e9:6e:77:c2:
         31:13:7e:ff:b1:b4:45:7f:49:69:bc:dd:6e:4f:7f:6f:ef:28:
         7a:c9:38:eb:9b:a4:11:db:c8:e9:df:4b:5c:c1:8d:d5:da:bb:
         2f:be:00:1b:2b:8f:3d:b9:43:e8:f5:3b:b1:22:cc:66:57:bf:
         47:7f:fb:0a:5f:fa:de:37:f1:af:ee:fd:d8:c1:d7:a5:53:f9:
         84:31:d9:c1:ad:3e:d0:14:ef:ce:16:bb:14:54:07:2a:ad:9e:
         ab:46:20:3c:fd:94:0f:22:15:34:30:ec:7e:f0:b0:06:86:da:
         c1:54:99:e8:2f:87:bf:07:86:b9:6a:d6:2a:e8:ee:27:12:a9:
         a1:8b:0a:88:f0:98:f6:9b:46:e2:f5:ff:c2:09:11:78:7c:6d:
         3a:f9:6a:53:9f:42:a2:fc:1e:9a:d9:23:cc:77:ad:35:c0:2d:
         6e:bc:fe:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeFQehzmFsmSP9R0cBd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjYwMzI5MDcwMTMzWhcNMjYwMzMwMDcwMTMzWjAzMTEwLwYDVQQD
EygxODUzZmQ2ZmU1MjI1ZTlkNzBiMDExZjE5NWJlZTlkY2Q5Y2NkMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ACoZ+5ZJxs9NB/w8E5LOdWRIZ6R
0uTsUFTRYYgze9nFz6rEXHffsqTcEkr9A5lYeuHNvHObI/uFYsiGGp1f/5/neFH9
FFMjF4/GCd0sGSoyyoiyujjKcMINoJjYZlAhZo77MoWALfUiUL0QQnc2SC+uOiLO
dy6R3SpAIPheEKHRrF9H34lCeIIGZp31Ps81avLYFyS7fjiRhbAM77tqbpgqPDqx
jseOYZrCjPV9RJF8p+dJ+0LzsAeCTQmpPu5JWA7ri9qrjJVToP7aUvPsRFy9crlw
TEcTXP7SZfq3Nvqkcy0zyrdCW7QeUCgds+eQilltLSqIGlYxIujBbR8eAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhT/W/lIl6dcLAR8ZW+6dzZzNGEMB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZMY3SmXH
ArB3LyMF5gUJzGkyVRwCt1YeUid0m4/0tqNBzcsTPHZxMV96Xl1i5DrLpEGNiQS8
JRkIGu7RpKG8EeIGknw3g39V27USqIMp4lkSZ7neMvTpbnfCMRN+/7G0RX9Jabzd
bk9/b+8oesk465ukEdvI6d9LXMGN1dq7L74AGyuPPblD6PU7sSLMZle/R3/7Cl/6
3jfxr+792MHXpVP5hDHZwa0+0BTvzha7FFQHKq2eq0YgPP2UDyIVNDDsfvCwBoba
wVSZ6C+HvweGuWrWKujuJxKpoYsKiPCY9ptG4vX/wgkReHxtOvlqU59Covwemtkj
zHetNcAtbrz+fw==
-----END CERTIFICATE-----