Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          K9yOyBBOayqlMgLOztE5JAxRJwUtugmCTRXEOwOWEeM=
Subject key identifier:   A3:17:A9:77:E9:C0:71:92:1E:8D:E4:1D:6C:D2:2C:59:87:AC:80:42
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       019D98F5109E69F341F057EFF1224DBF52A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          1165
Signing time:             Fri 17 Apr 2026 01:01:30 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:30 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:30 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: Qf8KxHOJ5T1ZunJkDwEmQALhUD+qcdujWbcf6wdGvDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f5:10:9e:69:f3:41:f0:57:ef:f1:22:4d:bf:52:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Apr 17 01:01:30 2026 GMT
            Not After : Apr 18 01:01:30 2026 GMT
        Subject: CN=a317a977e9c071921e8de41d6cd22c5987ac8042
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:44:fc:78:79:11:4d:0b:4f:82:ab:d7:66:42:
                    4b:64:e7:a8:d7:bb:e8:1a:3e:b1:eb:8e:0e:06:ad:
                    4d:63:88:05:b2:91:c2:9a:47:55:61:76:c4:d2:40:
                    99:cb:e1:34:d3:6d:20:9e:84:51:5c:1a:ac:29:cc:
                    e2:e5:31:4a:af:30:13:2e:bf:f0:3f:a3:20:c5:7d:
                    73:5f:38:56:56:19:ba:4e:78:be:0c:e1:08:44:e2:
                    50:7c:78:d0:81:13:39:44:6f:4a:54:c7:8b:ea:df:
                    d0:66:e3:5e:40:c7:63:96:bd:6d:8f:d5:db:7c:e7:
                    13:eb:23:ab:72:06:a4:a7:b2:36:82:76:a4:da:ea:
                    32:46:79:50:44:16:f8:3f:83:56:bd:12:3e:ca:46:
                    84:fd:26:ba:13:e7:6c:7a:b5:2a:8a:c7:de:49:38:
                    4f:56:a7:90:56:98:c7:08:fa:84:4d:28:d1:8e:48:
                    fe:5c:f3:32:42:9e:72:2e:e2:d9:bb:5c:75:58:96:
                    f6:3a:51:31:df:59:8a:79:ba:4a:6a:6c:36:6d:86:
                    36:43:85:2f:13:13:12:12:72:22:5b:4e:78:a3:8d:
                    29:d7:54:02:b0:c3:f3:27:c2:7a:b8:b4:45:c7:40:
                    9d:90:27:95:b7:16:ca:fe:f5:fb:5d:31:5c:23:7c:
                    79:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:17:A9:77:E9:C0:71:92:1E:8D:E4:1D:6C:D2:2C:59:87:AC:80:42
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:9c:11:6e:54:27:88:e4:97:e8:be:93:64:ed:f0:07:f8:98:
         94:e7:fe:c0:36:6f:f6:d1:68:ca:4f:5f:51:ea:3b:87:01:e1:
         8a:11:58:42:ab:c4:30:3b:1a:42:9e:7f:f9:8d:f5:48:1a:2e:
         2a:45:f5:b4:42:de:c9:e7:2b:c0:a4:31:0a:27:27:f3:d0:44:
         f8:dc:33:52:b2:c8:14:3d:3a:19:ae:09:5f:42:bd:80:8a:7d:
         91:c0:d5:01:92:7c:83:d3:86:9c:2e:a2:0b:62:92:a0:05:04:
         53:3f:0a:d1:40:61:97:8b:a4:f4:f5:6c:51:64:c8:fd:7b:26:
         d7:f5:91:5e:21:7f:37:22:bb:9b:1d:95:6b:7d:06:49:97:0f:
         f8:31:53:c6:50:81:ae:ad:b7:9a:2c:ca:43:78:05:1f:ad:77:
         e8:e1:46:d9:76:5a:d8:50:49:0c:57:43:24:94:a3:41:f7:89:
         2e:8d:ed:77:9d:6c:c6:bd:5b:1e:49:6e:79:4c:46:8b:b9:4c:
         63:29:ef:6d:57:63:c7:48:50:20:a8:8d:3a:0b:e7:12:eb:e1:
         bd:37:c4:f1:77:9c:04:39:d0:df:e6:7f:7f:85:75:fb:8f:dd:
         d0:9d:7c:ea:01:d9:3d:1f:d6:5d:c8:db:2b:e0:ac:a4:34:6f:
         6f:00:34:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9RCeafNB8Ffv8SJNv1KmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjYwNDE3MDEwMTMwWhcNMjYwNDE4MDEwMTMwWjAzMTEwLwYDVQQD
EyhhMzE3YTk3N2U5YzA3MTkyMWU4ZGU0MWQ2Y2QyMmM1OTg3YWM4MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0T8eHkRTQtPgqvXZkJLZOeo17vo
Gj6x644OBq1NY4gFspHCmkdVYXbE0kCZy+E0020gnoRRXBqsKczi5TFKrzATLr/w
P6MgxX1zXzhWVhm6Tni+DOEIROJQfHjQgRM5RG9KVMeL6t/QZuNeQMdjlr1tj9Xb
fOcT6yOrcgakp7I2gnak2uoyRnlQRBb4P4NWvRI+ykaE/Sa6E+dserUqisfeSThP
VqeQVpjHCPqETSjRjkj+XPMyQp5yLuLZu1x1WJb2OlEx31mKebpKamw2bYY2Q4Uv
ExMSEnIiW054o40p11QCsMPzJ8J6uLRFx0CdkCeVtxbK/vX7XTFcI3x5awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMXqXfpwHGSHo3kHWzSLFmHrIBCMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGJwRblQn
iOSX6L6TZO3wB/iYlOf+wDZv9tFoyk9fUeo7hwHhihFYQqvEMDsaQp5/+Y31SBou
KkX1tELeyecrwKQxCicn89BE+NwzUrLIFD06Ga4JX0K9gIp9kcDVAZJ8g9OGnC6i
C2KSoAUEUz8K0UBhl4uk9PVsUWTI/Xsm1/WRXiF/NyK7mx2Va30GSZcP+DFTxlCB
rq23mizKQ3gFH6136OFG2XZa2FBJDFdDJJSjQfeJLo3td51sxr1bHklueUxGi7lM
YynvbVdjx0hQIKiNOgvnEuvhvTfE8XecBDnQ3+Z/f4V1+4/d0J186gHZPR/WXcjb
K+CspDRvbwA0ig==
-----END CERTIFICATE-----