Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
File:                     0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft (raw, json)
Hash identifier:          Te1gVgb9m8cTbqkMZsZMC7KJ/GVsPEYavVYwv8GQXcI=
Subject key identifier:   FD:A9:DC:ED:82:29:EB:22:86:FF:93:F3:56:BE:01:54:1D:DD:9F:4C
Authority key identifier: D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED
Certificate issuer:       /CN=d2897b335382f8224f5d890e31b386321c6bb3ed
Certificate serial:       019E2F9690AE154120E9B358B4E2178A8699
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
Manifest number:          0D1B
Signing time:             Sat 16 May 2026 07:00:57 +0000
Manifest this update:     Sat 16 May 2026 07:00:57 +0000
Manifest next update:     Sun 17 May 2026 07:00:57 +0000
Files and hashes:         1: 0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl (hash: FaqLJBTV+gabMda91Yg3lcFwrsytUw5lwry6bMj1bQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:96:90:ae:15:41:20:e9:b3:58:b4:e2:17:8a:86:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2897b335382f8224f5d890e31b386321c6bb3ed
        Validity
            Not Before: May 16 07:00:57 2026 GMT
            Not After : May 17 07:00:57 2026 GMT
        Subject: CN=fda9dced8229eb2286ff93f356be01541ddd9f4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ee:66:cd:2c:13:cf:d8:6b:17:6f:d9:76:e4:
                    72:de:a1:d6:bd:b1:e7:ce:19:da:79:8c:c9:4c:1b:
                    0b:dd:cd:97:8d:3d:58:18:26:73:73:25:c9:95:bb:
                    6a:3d:f6:f3:75:6d:af:51:e1:8f:d0:4b:08:a9:fa:
                    de:23:a7:78:98:ae:d4:0e:77:a7:54:15:c8:97:91:
                    a8:22:92:a0:23:e0:90:1a:b8:57:54:77:bd:0c:a4:
                    9b:c0:7f:11:e0:fb:46:1f:0b:8e:87:bf:c0:3f:35:
                    cf:5e:d6:30:dd:de:7a:cc:eb:9c:13:5d:14:f1:f9:
                    f0:e4:db:33:b2:bd:70:38:66:3c:d3:bf:6c:18:26:
                    5e:c9:57:5e:3d:08:e2:23:9c:62:76:cd:66:74:81:
                    8a:06:90:d3:4b:f7:a8:d9:cf:da:a4:7d:da:7c:05:
                    d5:cf:e8:27:52:9f:83:ec:e3:2d:d7:61:7d:3f:87:
                    3b:56:33:42:e5:72:44:e1:30:55:69:94:c5:f6:20:
                    06:b9:6d:d7:d6:3e:bc:56:b0:d7:24:91:79:33:11:
                    bc:a5:2c:48:a3:1f:fe:5f:cb:bd:91:12:8e:4d:51:
                    7e:1c:e2:6d:60:57:bf:53:c3:7c:29:e0:91:48:0d:
                    69:44:99:90:74:d9:51:8f:5a:7f:60:b2:d1:ec:3a:
                    cf:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:A9:DC:ED:82:29:EB:22:86:FF:93:F3:56:BE:01:54:1D:DD:9F:4C
            X509v3 Authority Key Identifier:
                keyid:D2:89:7B:33:53:82:F8:22:4F:5D:89:0E:31:B3:86:32:1C:6B:B3:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ol7M1OC-CJPXYkOMbOGMhxrs-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4de805-d5dc-46f7-b397-5b5332af1851/1/0ol7M1OC-CJPXYkOMbOGMhxrs-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:b2:31:ca:44:cc:75:a0:91:d6:ec:ef:73:8a:cc:0a:b7:b4:
         d7:c7:67:67:ed:e2:a4:3a:8f:27:3c:d9:fa:29:83:39:4d:3c:
         64:67:5a:22:10:6c:ab:29:43:8c:b3:26:96:37:26:db:61:4c:
         c5:48:b5:56:e6:7b:20:96:86:ec:e6:65:3f:f9:a4:51:44:7b:
         1d:3a:1f:a8:99:2c:a6:e5:12:5d:6b:fd:58:ea:11:0f:54:90:
         26:6d:f2:68:f1:a8:fc:fe:c4:df:90:b1:89:9b:57:1b:e1:4d:
         e5:43:04:a0:b0:80:00:50:a9:dd:e1:48:47:4e:82:8f:65:d9:
         37:88:3b:bb:99:79:d0:a4:a7:6e:56:ae:72:ee:c3:9a:2b:9c:
         8a:95:6e:87:71:2a:67:4d:91:ba:93:08:2f:d9:44:44:b9:91:
         36:fb:8c:dc:2b:7d:20:b7:e4:c9:9b:7f:78:eb:d8:65:01:21:
         f7:aa:3d:68:41:6f:94:47:4e:b3:42:1c:cb:20:4f:d8:4a:ee:
         3c:ff:d3:b2:27:cc:2f:31:87:33:96:48:33:14:ea:b5:28:93:
         18:f6:59:7e:f6:23:c2:cb:f9:fe:b2:57:3b:32:39:bd:71:bc:
         18:ee:30:f5:3a:11:fc:0c:11:ad:76:84:af:f4:03:e7:ab:70:
         0e:89:d2:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlpCuFUEg6bNYtOIXioaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODk3YjMzNTM4MmY4MjI0ZjVkODkwZTMxYjM4NjMyMWM2
YmIzZWQwHhcNMjYwNTE2MDcwMDU3WhcNMjYwNTE3MDcwMDU3WjAzMTEwLwYDVQQD
EyhmZGE5ZGNlZDgyMjllYjIyODZmZjkzZjM1NmJlMDE1NDFkZGQ5ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO5mzSwTz9hrF2/ZduRy3qHWvbHn
zhnaeYzJTBsL3c2XjT1YGCZzcyXJlbtqPfbzdW2vUeGP0EsIqfreI6d4mK7UDnen
VBXIl5GoIpKgI+CQGrhXVHe9DKSbwH8R4PtGHwuOh7/APzXPXtYw3d56zOucE10U
8fnw5Nszsr1wOGY8079sGCZeyVdePQjiI5xids1mdIGKBpDTS/eo2c/apH3afAXV
z+gnUp+D7OMt12F9P4c7VjNC5XJE4TBVaZTF9iAGuW3X1j68VrDXJJF5MxG8pSxI
ox/+X8u9kRKOTVF+HOJtYFe/U8N8KeCRSA1pRJmQdNlRj1p/YLLR7DrPGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2p3O2CKesihv+T81a+AVQd3Z9MMB8GA1UdIwQY
MBaAFNKJezNTgvgiT12JDjGzhjIca7PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTct
NWI1MzMyYWYxODUxLzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZGU4MDUtZDVkYy00NmY3LWIzOTctNWI1MzMyYWYxODUx
LzEvMG9sN00xT0MtQ0pQWFlrT01iT0dNaHhycy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuLIxykTM
daCR1uzvc4rMCre018dnZ+3ipDqPJzzZ+imDOU08ZGdaIhBsqylDjLMmljcm22FM
xUi1VuZ7IJaG7OZlP/mkUUR7HTofqJkspuUSXWv9WOoRD1SQJm3yaPGo/P7E35Cx
iZtXG+FN5UMEoLCAAFCp3eFIR06Cj2XZN4g7u5l50KSnblaucu7DmiucipVuh3Eq
Z02RupMIL9lERLmRNvuM3Ct9ILfkyZt/eOvYZQEh96o9aEFvlEdOs0IcyyBP2Eru
PP/TsifMLzGHM5ZIMxTqtSiTGPZZfvYjwsv5/rJXOzI5vXG8GO4w9ToR/AwRrXaE
r/QD56twDonSJw==
-----END CERTIFICATE-----