Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          yy2DekJBhIqeVzjMvK5hFju7hYGAtpcmSnAw+Gf/Q74=
Subject key identifier:   BB:FC:5D:8C:AE:01:14:3E:DC:C2:37:16:63:65:C3:51:12:4F:FC:FA
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019F17545B75E6287387EA000C8BB8E3537E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          0D93
Signing time:             Tue 30 Jun 2026 07:00:32 +0000
Manifest this update:     Tue 30 Jun 2026 07:00:32 +0000
Manifest next update:     Wed 01 Jul 2026 07:00:32 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: BXQceotLtPFVHq0jNonrp0u2mJwLgd/pYE+4XIcSSNg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 07:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9f:17:54:5b:75:e6:28:73:87:ea:00:0c:8b:b8:e3:53:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: Jun 30 07:00:32 2026 GMT
            Not After : Jul  1 07:00:32 2026 GMT
        Subject: CN=bbfc5d8cae01143edcc237166365c351124ffcfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:4b:64:d3:d7:f0:54:1e:de:69:a0:de:f0:ab:
                    64:80:e6:ed:14:22:4a:59:b6:e5:3a:1e:4b:7a:87:
                    49:ce:f3:73:90:7c:4a:02:15:82:7e:f5:ce:eb:87:
                    39:27:ae:0c:3f:82:d4:e8:57:00:c3:63:54:59:06:
                    9e:21:8b:74:15:4a:85:6d:45:b6:b9:8e:7f:3b:0f:
                    79:34:c3:a3:38:59:f5:86:9d:04:70:4a:2a:c1:bf:
                    32:d3:48:bd:df:de:9f:56:de:bd:c2:79:f9:77:cf:
                    2e:9e:e5:3b:81:91:eb:f8:71:92:b9:a6:77:44:04:
                    24:ff:09:82:74:24:ff:64:c9:43:f8:73:2c:28:70:
                    56:36:7c:2b:16:52:c7:6f:09:d2:5a:89:10:9c:f6:
                    98:b9:80:21:32:f3:34:ca:79:a1:4f:ff:bd:99:3c:
                    45:c2:17:d3:cb:ba:ef:44:70:09:64:61:7e:1a:88:
                    28:b2:c5:86:d2:f1:f0:fb:e8:d5:6c:1f:15:81:8d:
                    33:7c:aa:95:65:35:15:d2:68:a3:bc:93:dc:0b:a6:
                    9c:ef:74:40:91:dc:10:52:2e:d8:3f:92:e9:e7:e0:
                    7c:10:ee:8d:c9:f0:a6:31:a2:16:83:ae:c3:b5:5f:
                    7b:93:f8:d8:ab:bf:18:8e:14:f0:c6:72:85:0a:46:
                    9d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:FC:5D:8C:AE:01:14:3E:DC:C2:37:16:63:65:C3:51:12:4F:FC:FA
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:d0:ef:5d:53:d8:bb:24:7c:d7:fa:60:69:2a:08:f8:57:86:
         22:47:dd:56:29:2b:9f:e4:5b:ce:3d:02:91:1f:e1:30:51:cf:
         4b:74:3f:05:e9:39:64:62:46:bc:86:bc:df:85:60:7b:02:6c:
         c3:6c:4d:59:a6:b0:98:30:0c:2f:9c:2e:f1:90:77:03:47:4d:
         3e:6a:40:3b:05:84:2b:d3:3e:9d:9c:6c:23:c4:ea:1a:3a:e5:
         7b:98:aa:7f:cf:68:fe:ff:3d:f7:24:94:11:0c:30:92:c1:d7:
         9d:26:63:49:a2:b6:18:c5:4d:53:0b:ac:77:9c:af:64:16:ef:
         56:da:14:f1:a9:e9:f6:ad:b7:3c:45:36:81:55:b6:55:36:ed:
         33:3a:77:0f:ef:97:c6:be:d6:dc:a3:b2:1e:1e:7e:ff:ca:18:
         38:82:fa:14:d2:ec:2c:99:24:13:19:28:b4:40:f2:1a:a3:99:
         d0:bf:94:ce:fe:38:49:9a:74:87:05:9b:a1:84:ca:02:3f:1d:
         e4:5f:45:ac:50:9b:6b:5a:da:b2:de:ad:85:b2:c8:e8:69:0f:
         4a:05:e0:8b:cf:9c:c4:f9:06:12:83:d1:10:5a:c8:a7:61:ff:
         06:d6:d3:f4:a3:df:80:8a:ba:1d:1e:03:ef:7a:ca:0d:1d:26:
         18:ba:82:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8XVFt15ihzh+oADIu441N+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjYwNjMwMDcwMDMyWhcNMjYwNzAxMDcwMDMyWjAzMTEwLwYDVQQD
EyhiYmZjNWQ4Y2FlMDExNDNlZGNjMjM3MTY2MzY1YzM1MTEyNGZmY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEtk09fwVB7eaaDe8KtkgObtFCJK
WbblOh5LeodJzvNzkHxKAhWCfvXO64c5J64MP4LU6FcAw2NUWQaeIYt0FUqFbUW2
uY5/Ow95NMOjOFn1hp0EcEoqwb8y00i9396fVt69wnn5d88unuU7gZHr+HGSuaZ3
RAQk/wmCdCT/ZMlD+HMsKHBWNnwrFlLHbwnSWokQnPaYuYAhMvM0ynmhT/+9mTxF
whfTy7rvRHAJZGF+GogossWG0vHw++jVbB8VgY0zfKqVZTUV0mijvJPcC6ac73RA
kdwQUi7YP5Lp5+B8EO6NyfCmMaIWg67DtV97k/jYq78YjhTwxnKFCkadLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLv8XYyuARQ+3MI3FmNlw1EST/z6MB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABtDvXVPY
uyR81/pgaSoI+FeGIkfdVikrn+Rbzj0CkR/hMFHPS3Q/Bek5ZGJGvIa834VgewJs
w2xNWaawmDAML5wu8ZB3A0dNPmpAOwWEK9M+nZxsI8TqGjrle5iqf89o/v899ySU
EQwwksHXnSZjSaK2GMVNUwusd5yvZBbvVtoU8anp9q23PEU2gVW2VTbtMzp3D++X
xr7W3KOyHh5+/8oYOIL6FNLsLJkkExkotEDyGqOZ0L+Uzv44SZp0hwWboYTKAj8d
5F9FrFCba1rast6thbLI6GkPSgXgi8+cxPkGEoPREFrIp2H/BtbT9KPfgIq6HR4D
73rKDR0mGLqC3A==
-----END CERTIFICATE-----