Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
File:                     OZ17KbLru-43WSMgfh2FZU8LV7o.mft (raw, json)
Hash identifier:          nh7eqqoJ7M8mGEnF7YqECyS1v87xQw2LRG3IHLBnFGA=
Subject key identifier:   8F:C0:FB:7E:D2:2B:1D:DB:13:F3:66:7C:18:2A:31:77:0C:1B:2C:85
Authority key identifier: 39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA
Certificate issuer:       /CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
Certificate serial:       019D9998FB2CFB271975D6C35E0586F44EBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
Manifest number:          050B
Signing time:             Fri 17 Apr 2026 04:00:32 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:32 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:32 +0000
Files and hashes:         1: OZ17KbLru-43WSMgfh2FZU8LV7o.crl (hash: weCqGP3oPXW9PnrwApYAYEgP31VslxWcxcNmQTCl0X8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:98:fb:2c:fb:27:19:75:d6:c3:5e:05:86:f4:4e:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=399d7b29b2ebbbee375923207e1d85654f0b57ba
        Validity
            Not Before: Apr 17 04:00:32 2026 GMT
            Not After : Apr 18 04:00:32 2026 GMT
        Subject: CN=8fc0fb7ed22b1ddb13f3667c182a31770c1b2c85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:91:fb:99:71:7f:a6:f3:25:d3:b6:24:4b:a6:
                    22:dd:96:1d:95:52:a1:bc:32:04:1e:67:d0:d1:44:
                    fa:d0:c8:62:c9:1f:ee:a9:79:4c:4e:61:1f:0c:05:
                    34:c5:5a:ef:a2:08:77:fc:30:da:f0:4b:05:51:17:
                    b4:e8:77:08:e6:5b:09:74:70:73:36:7c:0e:64:1c:
                    0b:44:72:dd:6c:50:6c:bc:e8:bf:45:8a:fa:30:9b:
                    a5:14:0a:67:c9:15:71:78:11:ea:8a:86:2c:85:31:
                    45:e2:d9:a6:43:23:ad:00:c4:ca:6e:21:88:94:aa:
                    05:e4:60:53:07:b8:02:ad:a2:c4:8f:7d:d2:b3:37:
                    9f:a2:a4:5a:4e:61:fa:70:d6:ff:bc:ce:36:38:73:
                    7c:cc:2a:3b:8e:be:69:8e:9b:62:a9:15:8f:e6:9f:
                    47:3b:2a:f3:6f:87:bc:a4:8f:b9:b0:91:fc:bc:a4:
                    c0:24:71:25:80:85:66:57:08:d6:8c:32:70:a2:f1:
                    ff:a2:c8:0c:ab:ba:a1:d4:a0:b6:e5:bd:82:86:2c:
                    b4:99:6b:26:34:f4:b2:97:56:c3:d7:b3:ec:ac:b1:
                    ea:78:1d:73:79:ea:6b:5b:44:42:be:37:0a:d3:78:
                    d0:2e:eb:a7:57:79:bd:df:8f:a2:d8:90:b1:db:eb:
                    b2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:C0:FB:7E:D2:2B:1D:DB:13:F3:66:7C:18:2A:31:77:0C:1B:2C:85
            X509v3 Authority Key Identifier:
                keyid:39:9D:7B:29:B2:EB:BB:EE:37:59:23:20:7E:1D:85:65:4F:0B:57:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZ17KbLru-43WSMgfh2FZU8LV7o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/391c8d-6ac6-4c06-9a40-a6b5a8be1113/1/OZ17KbLru-43WSMgfh2FZU8LV7o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:51:9c:43:ca:6d:b6:99:22:5d:be:33:7e:98:31:ed:5b:82:
         7d:2a:7b:5c:34:46:38:39:c3:56:68:0b:27:58:cd:cf:f8:3f:
         51:ec:10:83:ff:ee:ca:0e:7b:5c:38:04:7b:0a:2b:2c:68:7e:
         5e:1f:b2:33:1d:02:35:e3:1e:a8:6b:64:be:1c:e0:99:47:c5:
         68:dd:d4:46:af:a5:46:ab:c1:1b:b6:36:88:8e:fb:99:9a:07:
         6f:64:05:a0:3b:89:1c:72:ab:aa:7c:64:6a:c6:15:0a:5d:cb:
         fb:96:00:11:55:fa:9d:ea:cb:80:95:f0:97:ee:3e:68:9e:0a:
         e8:1f:85:c9:90:eb:d0:60:35:29:ef:ce:12:e6:6c:30:7a:1d:
         9e:e5:be:95:bf:db:1e:1d:37:09:09:23:92:16:34:9d:17:97:
         d3:d0:27:0e:51:a7:72:68:24:fc:16:b1:b5:4b:9d:44:76:b4:
         b3:0a:49:ea:92:dc:02:1f:59:9a:41:8a:78:07:ac:97:40:84:
         85:b1:a4:2d:5c:db:37:d3:8c:11:24:36:b8:61:3a:63:10:05:
         33:96:5e:72:8c:8a:c1:71:c3:8d:de:e6:ec:5e:b2:75:80:ac:
         cc:b8:df:90:a0:55:af:66:12:d2:cd:5e:c0:0e:72:b6:94:9f:
         38:69:4e:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmPss+ycZddbDXgWG9E68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5OWQ3YjI5YjJlYmJiZWUzNzU5MjMyMDdlMWQ4NTY1NGYw
YjU3YmEwHhcNMjYwNDE3MDQwMDMyWhcNMjYwNDE4MDQwMDMyWjAzMTEwLwYDVQQD
Eyg4ZmMwZmI3ZWQyMmIxZGRiMTNmMzY2N2MxODJhMzE3NzBjMWIyYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pH7mXF/pvMl07YkS6Yi3ZYdlVKh
vDIEHmfQ0UT60MhiyR/uqXlMTmEfDAU0xVrvogh3/DDa8EsFURe06HcI5lsJdHBz
NnwOZBwLRHLdbFBsvOi/RYr6MJulFApnyRVxeBHqioYshTFF4tmmQyOtAMTKbiGI
lKoF5GBTB7gCraLEj33SszefoqRaTmH6cNb/vM42OHN8zCo7jr5pjptiqRWP5p9H
Oyrzb4e8pI+5sJH8vKTAJHElgIVmVwjWjDJwovH/osgMq7qh1KC25b2Chiy0mWsm
NPSyl1bD17PsrLHqeB1zeeprW0RCvjcK03jQLuunV3m934+i2JCx2+uyawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI/A+37SKx3bE/NmfBgqMXcMGyyFMB8GA1UdIwQY
MBaAFDmdeymy67vuN1kjIH4dhWVPC1e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAt
YTZiNWE4YmUxMTEzLzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zOTFjOGQtNmFjNi00YzA2LTlhNDAtYTZiNWE4YmUxMTEz
LzEvT1oxN0tiTHJ1LTQzV1NNZ2ZoMkZaVThMVjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb1GcQ8pt
tpkiXb4zfpgx7VuCfSp7XDRGODnDVmgLJ1jNz/g/UewQg//uyg57XDgEeworLGh+
Xh+yMx0CNeMeqGtkvhzgmUfFaN3URq+lRqvBG7Y2iI77mZoHb2QFoDuJHHKrqnxk
asYVCl3L+5YAEVX6nerLgJXwl+4+aJ4K6B+FyZDr0GA1Ke/OEuZsMHodnuW+lb/b
Hh03CQkjkhY0nReX09AnDlGncmgk/BaxtUudRHa0swpJ6pLcAh9ZmkGKeAesl0CE
hbGkLVzbN9OMESQ2uGE6YxAFM5ZecoyKwXHDjd7m7F6ydYCszLjfkKBVr2YS0s1e
wA5ytpSfOGlOyQ==
-----END CERTIFICATE-----