Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          oQgzBsMTbBkmOtD0HHJucuLySskJVs4lPKxd9rfjWB0=
Subject key identifier:   81:6E:C3:59:36:D0:D2:6D:36:D2:63:1A:96:CE:BE:DE:D2:86:D5:00
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019D97E16DCE6A5F683172CD755D3929251D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          07BD
Signing time:             Thu 16 Apr 2026 20:00:26 +0000
Manifest this update:     Thu 16 Apr 2026 20:00:26 +0000
Manifest next update:     Fri 17 Apr 2026 20:00:26 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: hfUh3Id0lj6N65IebYa4R62ZdMBwnP2IRvB2OMJj6p0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 20:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:e1:6d:ce:6a:5f:68:31:72:cd:75:5d:39:29:25:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Apr 16 20:00:26 2026 GMT
            Not After : Apr 17 20:00:26 2026 GMT
        Subject: CN=816ec35936d0d26d36d2631a96cebeded286d500
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:f5:d2:5a:af:1d:78:27:df:f4:38:50:5b:b8:
                    ae:df:a1:6a:a4:dc:53:cc:9b:39:c1:b1:c7:53:df:
                    c9:47:96:7e:cd:c1:34:8c:4a:b5:68:8d:d2:e4:aa:
                    5f:ec:16:3a:cd:ff:c4:d1:a4:48:38:4d:f8:da:a2:
                    0a:4e:42:74:c8:a2:d1:7b:d2:75:a5:1a:b2:82:8f:
                    28:70:c0:35:ba:41:bd:44:a6:2e:dd:13:87:df:c2:
                    c7:78:56:65:41:06:b7:64:d5:fa:4a:1b:4e:63:eb:
                    0e:86:e7:dc:51:4c:78:12:86:5a:89:e2:c0:d7:0b:
                    d6:21:c0:36:33:78:79:c1:ab:34:48:32:2e:4c:d1:
                    1f:ec:58:fc:1d:95:31:f0:cb:38:97:e5:8a:fd:12:
                    45:df:8a:92:d9:ab:e7:5e:4e:2f:99:d6:44:8f:f6:
                    fc:87:d4:08:ca:ac:6a:fe:5b:fc:4e:fe:6d:9c:e1:
                    35:38:ff:64:6a:38:96:fb:8e:82:47:f3:24:54:ad:
                    76:e6:3e:54:29:72:df:72:0e:49:fa:55:48:15:22:
                    27:dc:38:b8:89:92:f7:18:12:ce:11:70:bc:83:44:
                    c0:da:1c:68:d4:3a:0d:5d:73:23:9c:12:17:61:e9:
                    b2:d8:1d:ba:24:94:22:b7:15:63:02:0d:f7:1d:40:
                    cc:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:6E:C3:59:36:D0:D2:6D:36:D2:63:1A:96:CE:BE:DE:D2:86:D5:00
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:c2:59:15:57:6b:5e:79:31:a8:de:25:3b:ad:84:08:2e:41:
         5e:36:2f:13:91:13:2d:ba:06:a3:ea:e4:d7:83:34:18:57:d1:
         3d:13:f2:e9:0f:65:de:ff:fe:47:34:0a:7a:f7:d6:9f:38:f4:
         48:0f:ed:7f:2d:58:e6:e4:fa:77:c1:79:c7:20:ba:ee:d2:e7:
         a0:92:da:36:54:7c:80:d7:fa:0b:2f:65:2d:90:6c:3b:44:ab:
         28:25:11:cf:f2:e0:ea:70:37:42:a0:67:2b:ae:66:0d:2c:03:
         f7:87:5c:c7:e1:c0:e2:11:c1:94:15:16:7a:20:c1:1a:fe:eb:
         6b:23:5a:75:40:4f:2c:96:8a:ec:43:c8:99:d6:54:7f:c4:42:
         27:b0:4f:56:22:ec:28:47:ff:11:3f:90:3e:7a:9b:c4:3a:b7:
         34:9b:5a:52:4e:9a:fa:3d:08:e7:0e:a8:33:b8:38:7b:f9:8d:
         87:ce:55:5c:28:cb:65:c7:10:4a:d8:12:06:05:2c:c8:80:b2:
         04:fd:a3:eb:f7:ab:6f:20:aa:42:7b:7c:52:b8:72:c4:c9:2d:
         c5:f7:43:12:83:dd:2e:2d:b0:3f:ea:fb:98:31:62:82:ea:7e:
         d9:a5:d2:3c:e9:f8:f5:e5:08:45:5e:26:da:81:4b:ec:15:af:
         d8:53:19:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4W3Oal9oMXLNdV05KSUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjYwNDE2MjAwMDI2WhcNMjYwNDE3MjAwMDI2WjAzMTEwLwYDVQQD
Eyg4MTZlYzM1OTM2ZDBkMjZkMzZkMjYzMWE5NmNlYmVkZWQyODZkNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivXSWq8deCff9DhQW7iu36FqpNxT
zJs5wbHHU9/JR5Z+zcE0jEq1aI3S5Kpf7BY6zf/E0aRIOE342qIKTkJ0yKLRe9J1
pRqygo8ocMA1ukG9RKYu3ROH38LHeFZlQQa3ZNX6ShtOY+sOhufcUUx4EoZaieLA
1wvWIcA2M3h5was0SDIuTNEf7Fj8HZUx8Ms4l+WK/RJF34qS2avnXk4vmdZEj/b8
h9QIyqxq/lv8Tv5tnOE1OP9kajiW+46CR/MkVK125j5UKXLfcg5J+lVIFSIn3Di4
iZL3GBLOEXC8g0TA2hxo1DoNXXMjnBIXYemy2B26JJQitxVjAg33HUDMlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFuw1k20NJtNtJjGpbOvt7ShtUAMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi8JZFVdr
XnkxqN4lO62ECC5BXjYvE5ETLboGo+rk14M0GFfRPRPy6Q9l3v/+RzQKevfWnzj0
SA/tfy1Y5uT6d8F5xyC67tLnoJLaNlR8gNf6Cy9lLZBsO0SrKCURz/Lg6nA3QqBn
K65mDSwD94dcx+HA4hHBlBUWeiDBGv7rayNadUBPLJaK7EPImdZUf8RCJ7BPViLs
KEf/ET+QPnqbxDq3NJtaUk6a+j0I5w6oM7g4e/mNh85VXCjLZccQStgSBgUsyICy
BP2j6/erbyCqQnt8UrhyxMktxfdDEoPdLi2wP+r7mDFigup+2aXSPOn49eUIRV4m
2oFL7BWv2FMZ6A==
-----END CERTIFICATE-----