Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
File:                     Os5p2XnZoNxneVEGweVayhVHCH8.mft (raw, json)
Hash identifier:          TcrZOc0wREsZAMW4x5DecXF8x27O7q0/yO+2aC7XXss=
Subject key identifier:   27:83:EA:F3:8E:AD:19:04:0B:B2:DC:A6:20:0B:43:93:C5:9F:41:50
Authority key identifier: 3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F
Certificate issuer:       /CN=3ace69d979d9a0dc67795106c1e55aca1547087f
Certificate serial:       019D99995363CAFDE8CA6C7BF94348860C92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
Manifest number:          18BB
Signing time:             Fri 17 Apr 2026 04:00:55 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:55 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:55 +0000
Files and hashes:         1: Os5p2XnZoNxneVEGweVayhVHCH8.crl (hash: Wz69/SF1oWi0IAuSleDDW3aIwFlGzHVv5oRS0hc01oQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 04:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:53:63:ca:fd:e8:ca:6c:7b:f9:43:48:86:0c:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ace69d979d9a0dc67795106c1e55aca1547087f
        Validity
            Not Before: Apr 17 04:00:55 2026 GMT
            Not After : Apr 18 04:00:55 2026 GMT
        Subject: CN=2783eaf38ead19040bb2dca6200b4393c59f4150
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:d6:9b:b5:c3:aa:93:66:ac:ac:67:21:d8:90:
                    24:42:49:d9:73:30:3f:48:eb:90:07:af:99:a6:5d:
                    0a:a1:e3:1b:61:a2:9d:7c:79:94:cf:d5:d1:35:82:
                    f2:73:23:92:dc:b2:2e:5b:6c:23:57:3c:f0:88:c3:
                    d7:47:80:d9:71:53:1f:a5:50:e7:03:fc:85:bb:00:
                    81:21:c0:47:38:8e:0b:d8:e9:23:d2:f2:28:5c:7a:
                    8a:40:cb:57:14:7a:d2:0e:12:cb:fe:a5:69:b0:75:
                    7c:b8:22:bc:a7:23:9e:cd:ef:d1:5c:3c:cb:78:a1:
                    67:80:d7:99:77:cd:ae:32:09:84:4d:d6:07:72:d0:
                    4c:e0:35:7b:46:fa:55:80:22:7c:9c:a6:d2:db:09:
                    a2:7d:42:e6:33:bc:77:f0:95:70:b0:02:fd:5c:bc:
                    df:5d:cd:e7:48:08:9a:7a:55:64:c9:6a:ca:ef:a9:
                    41:ea:48:cb:cf:37:85:0e:5c:25:ea:a8:87:83:1b:
                    d9:f4:b1:36:d7:ad:79:5a:1d:ca:22:78:2b:05:ff:
                    55:3d:b9:d3:19:9a:f7:db:93:55:2a:34:8d:ee:69:
                    2b:52:8d:7b:9e:62:da:1b:b1:26:20:f4:fb:83:05:
                    2f:c2:2f:4d:cf:85:7d:fe:14:08:6a:0a:16:48:c7:
                    33:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:83:EA:F3:8E:AD:19:04:0B:B2:DC:A6:20:0B:43:93:C5:9F:41:50
            X509v3 Authority Key Identifier:
                keyid:3A:CE:69:D9:79:D9:A0:DC:67:79:51:06:C1:E5:5A:CA:15:47:08:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Os5p2XnZoNxneVEGweVayhVHCH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/afd99f-df55-4e97-886a-a9775aa8d812/1/Os5p2XnZoNxneVEGweVayhVHCH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:17:52:1a:d1:45:f2:8f:15:78:b3:d2:53:bd:7a:dd:3c:79:
         30:a8:d3:08:8f:de:36:31:8e:11:02:9a:51:b8:e3:46:7c:aa:
         19:b5:c1:ed:95:90:85:c0:69:c3:69:30:33:45:87:09:43:b9:
         83:49:c6:ac:e4:5a:e0:99:71:b5:65:77:a9:7e:03:65:d6:cf:
         18:16:5d:9e:58:58:2f:58:e5:3e:0e:f2:7c:88:12:59:40:6a:
         37:be:39:ef:68:33:37:d4:80:7b:0a:05:5e:6c:34:b3:97:e7:
         f7:84:9e:8d:d7:90:4f:4c:75:e5:10:88:be:f5:11:cd:03:3b:
         50:ed:e4:eb:cf:d9:f8:18:b7:32:ec:d7:ab:5f:98:60:99:b1:
         57:97:34:27:3c:79:d3:47:22:4b:82:d6:f3:2c:7f:fa:75:f2:
         1b:a7:bf:b8:b7:72:40:1e:83:a4:0b:b3:b4:c9:86:f0:3f:ec:
         9d:80:4c:7d:5e:12:05:d6:72:dc:4d:39:c1:30:47:fe:5b:5f:
         0c:40:8a:55:04:17:6f:b7:01:de:9d:6c:5d:41:de:58:25:6f:
         3b:c1:13:37:90:29:1e:b0:94:e9:00:20:1e:97:68:45:da:ac:
         74:a6:04:6b:b8:bd:91:df:ce:e6:ba:05:9e:2c:0a:a9:2d:45:
         ec:2d:a0:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmVNjyv3oymx7+UNIhgySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2U2OWQ5NzlkOWEwZGM2Nzc5NTEwNmMxZTU1YWNhMTU0
NzA4N2YwHhcNMjYwNDE3MDQwMDU1WhcNMjYwNDE4MDQwMDU1WjAzMTEwLwYDVQQD
EygyNzgzZWFmMzhlYWQxOTA0MGJiMmRjYTYyMDBiNDM5M2M1OWY0MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtabtcOqk2asrGch2JAkQknZczA/
SOuQB6+Zpl0KoeMbYaKdfHmUz9XRNYLycyOS3LIuW2wjVzzwiMPXR4DZcVMfpVDn
A/yFuwCBIcBHOI4L2Okj0vIoXHqKQMtXFHrSDhLL/qVpsHV8uCK8pyOeze/RXDzL
eKFngNeZd82uMgmETdYHctBM4DV7RvpVgCJ8nKbS2wmifULmM7x38JVwsAL9XLzf
Xc3nSAiaelVkyWrK76lB6kjLzzeFDlwl6qiHgxvZ9LE21615Wh3KIngrBf9VPbnT
GZr325NVKjSN7mkrUo17nmLaG7EmIPT7gwUvwi9Nz4V9/hQIagoWSMczyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeD6vOOrRkEC7LcpiALQ5PFn0FQMB8GA1UdIwQY
MBaAFDrOadl52aDcZ3lRBsHlWsoVRwh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEt
YTk3NzVhYThkODEyLzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hZmQ5OWYtZGY1NS00ZTk3LTg4NmEtYTk3NzVhYThkODEy
LzEvT3M1cDJYblpvTnhuZVZFR3dlVmF5aFZIQ0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRdSGtFF
8o8VeLPSU7163Tx5MKjTCI/eNjGOEQKaUbjjRnyqGbXB7ZWQhcBpw2kwM0WHCUO5
g0nGrORa4JlxtWV3qX4DZdbPGBZdnlhYL1jlPg7yfIgSWUBqN74572gzN9SAewoF
Xmw0s5fn94SejdeQT0x15RCIvvURzQM7UO3k68/Z+Bi3MuzXq1+YYJmxV5c0Jzx5
00ciS4LW8yx/+nXyG6e/uLdyQB6DpAuztMmG8D/snYBMfV4SBdZy3E05wTBH/ltf
DECKVQQXb7cB3p1sXUHeWCVvO8ETN5ApHrCU6QAgHpdoRdqsdKYEa7i9kd/O5roF
niwKqS1F7C2giQ==
-----END CERTIFICATE-----