Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
File:                     0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft (raw, json)
Hash identifier:          YGnPZdiKbG1zQsiyY3vOa6qZOo3tRMwD9iy1oyDfwKU=
Subject key identifier:   D8:82:04:65:5E:B0:03:03:1E:8E:CF:C6:A4:4E:F8:26:94:B2:E2:BC
Authority key identifier: D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0
Certificate issuer:       /CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0
Certificate serial:       019CAC46E775E01DB1368FFAB113ED00CF35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
Manifest number:          0DC9
Signing time:             Mon 02 Mar 2026 02:00:53 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:53 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:53 +0000
Files and hashes:         1: 0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl (hash: wqFSEtzIhT6ijxrHjp15fze7ruvcCqwFsCUHYtPuq08=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:e7:75:e0:1d:b1:36:8f:fa:b1:13:ed:00:cf:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3098e5e20d78f94e696c1372b5623ffa71d94d0
        Validity
            Not Before: Mar  2 02:00:53 2026 GMT
            Not After : Mar  3 02:00:53 2026 GMT
        Subject: CN=d88204655eb003031e8ecfc6a44ef82694b2e2bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c6:e1:50:94:27:1a:eb:e6:39:73:1f:4a:52:
                    ae:39:fa:73:b1:3a:a8:d4:0c:20:43:d8:59:7e:46:
                    4d:d0:92:95:4f:a3:a5:29:29:62:aa:c5:2c:d2:05:
                    68:ce:22:df:15:27:33:d6:b1:1f:a8:a7:04:16:1d:
                    37:0c:84:77:5c:f4:40:49:77:d8:9d:8b:03:61:80:
                    98:3e:fe:4a:62:0f:12:5a:13:8b:05:bb:a0:d5:0d:
                    b3:15:2f:7e:32:00:7c:f5:73:30:52:49:ab:d6:f3:
                    c1:65:ab:cf:00:20:29:ec:2b:b7:ef:19:e3:c8:00:
                    72:33:e5:1e:8e:e9:07:dc:e1:b1:d5:69:ad:a0:78:
                    38:9d:4d:2a:79:a5:ee:ef:9b:be:83:c4:b0:f0:4e:
                    4f:da:90:ac:3b:6e:ad:9b:ef:28:0c:1d:90:02:7f:
                    a8:60:94:22:85:e2:53:d5:c2:51:66:55:39:9e:14:
                    8d:b9:59:49:fa:b2:c7:18:25:e0:02:2d:13:47:bf:
                    1b:9d:60:29:15:16:46:0e:7e:fd:a9:07:c4:c6:0b:
                    53:9d:80:db:d9:27:39:a9:e5:25:45:73:44:99:5b:
                    0e:3d:cc:b8:04:f6:37:dc:d8:b5:f4:a1:9c:f4:73:
                    c1:a9:90:33:6b:e8:1c:73:52:d6:23:d1:60:38:d0:
                    2a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:82:04:65:5E:B0:03:03:1E:8E:CF:C6:A4:4E:F8:26:94:B2:E2:BC
            X509v3 Authority Key Identifier:
                keyid:D3:09:8E:5E:20:D7:8F:94:E6:96:C1:37:2B:56:23:FF:A7:1D:94:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5361cc-b04d-4465-938d-617a26327e98/1/0wmOXiDXj5TmlsE3K1Yj_6cdlNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:af:23:0c:f0:54:70:1b:e9:cc:3f:3c:dd:8f:9a:65:fb:1d:
         90:1c:82:6c:51:ae:85:cd:a6:42:9b:76:8b:2c:d6:5e:79:56:
         0f:29:49:f9:44:90:09:09:71:a5:70:a4:19:08:98:3e:fe:9a:
         09:0b:ab:68:c6:8e:17:34:2d:d1:e9:a0:1b:54:fd:0a:5e:9f:
         14:d1:51:d3:9e:9e:e0:2a:ad:57:c1:b5:09:99:b4:d6:82:7c:
         7f:68:84:df:07:dc:8d:5d:88:34:39:e9:20:f9:5d:57:52:9f:
         1d:9d:64:f6:10:ad:b7:ef:c9:83:37:d5:ab:93:e7:d0:a3:75:
         62:f8:55:43:62:ab:91:9d:b3:67:bc:fe:74:d2:ff:40:f9:50:
         b1:e1:09:9b:ca:d1:1b:a5:06:69:d5:31:66:04:b5:95:c3:19:
         24:bd:44:ad:45:c4:1f:74:d3:f4:a2:ca:3b:f6:0d:ce:d3:00:
         4b:42:ff:da:1a:59:44:62:a3:4f:e2:88:00:24:8b:01:98:f2:
         01:9a:a9:43:48:4e:13:8f:8f:ff:d2:88:d8:4c:78:33:88:35:
         7b:91:c8:af:00:8f:1e:6f:a7:92:2b:31:39:b3:95:db:1f:ef:
         98:2d:61:99:c2:ed:e2:0b:e0:0d:ad:01:31:92:f6:91:f9:5f:
         31:54:6e:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRud14B2xNo/6sRPtAM81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDk4ZTVlMjBkNzhmOTRlNjk2YzEzNzJiNTYyM2ZmYTcx
ZDk0ZDAwHhcNMjYwMzAyMDIwMDUzWhcNMjYwMzAzMDIwMDUzWjAzMTEwLwYDVQQD
EyhkODgyMDQ2NTVlYjAwMzAzMWU4ZWNmYzZhNDRlZjgyNjk0YjJlMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4MbhUJQnGuvmOXMfSlKuOfpzsTqo
1AwgQ9hZfkZN0JKVT6OlKSliqsUs0gVoziLfFScz1rEfqKcEFh03DIR3XPRASXfY
nYsDYYCYPv5KYg8SWhOLBbug1Q2zFS9+MgB89XMwUkmr1vPBZavPACAp7Cu37xnj
yAByM+UejukH3OGx1WmtoHg4nU0qeaXu75u+g8Sw8E5P2pCsO26tm+8oDB2QAn+o
YJQiheJT1cJRZlU5nhSNuVlJ+rLHGCXgAi0TR78bnWApFRZGDn79qQfExgtTnYDb
2Sc5qeUlRXNEmVsOPcy4BPY33Ni19KGc9HPBqZAza+gcc1LWI9FgONAqFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiCBGVesAMDHo7PxqRO+CaUsuK8MB8GA1UdIwQY
MBaAFNMJjl4g14+U5pbBNytWI/+nHZTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQt
NjE3YTI2MzI3ZTk4LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MzYxY2MtYjA0ZC00NDY1LTkzOGQtNjE3YTI2MzI3ZTk4
LzEvMHdtT1hpRFhqNVRtbHNFM0sxWWpfNmNkbE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn68jDPBU
cBvpzD883Y+aZfsdkByCbFGuhc2mQpt2iyzWXnlWDylJ+USQCQlxpXCkGQiYPv6a
CQuraMaOFzQt0emgG1T9Cl6fFNFR056e4CqtV8G1CZm01oJ8f2iE3wfcjV2INDnp
IPldV1KfHZ1k9hCtt+/JgzfVq5Pn0KN1YvhVQ2KrkZ2zZ7z+dNL/QPlQseEJm8rR
G6UGadUxZgS1lcMZJL1ErUXEH3TT9KLKO/YNztMAS0L/2hpZRGKjT+KIACSLAZjy
AZqpQ0hOE4+P/9KI2Ex4M4g1e5HIrwCPHm+nkisxObOV2x/vmC1hmcLt4gvgDa0B
MZL2kflfMVRuHw==
-----END CERTIFICATE-----