Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
File:                     oYhrwvjZOpz8WoN-LydS7knyJHQ.mft (raw, json)
Hash identifier:          L3QkboZqJWKZhJogugdY9U/46Doz5nwyoxNBCOhtEBo=
Subject key identifier:   4A:5D:62:02:D1:D0:BF:E8:EC:92:33:D8:71:12:55:46:14:55:ED:2E
Authority key identifier: A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74
Certificate issuer:       /CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
Certificate serial:       019CADC809E5248838C1CB9263DFC5F9C1FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 09:01:33 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:33 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:33 +0000
Files and hashes:         1: oYhrwvjZOpz8WoN-LydS7knyJHQ.crl (hash: 7+8hP0k4J8teeT5V/aMzC4n8vT44mBOh9nNAwEmqYLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c8:09:e5:24:88:38:c1:cb:92:63:df:c5:f9:c1:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1886bc2f8d93a9cfc5a837e2f2752ee49f22474
        Validity
            Not Before: Mar  2 09:01:33 2026 GMT
            Not After : Mar  3 09:01:33 2026 GMT
        Subject: CN=4a5d6202d1d0bfe8ec9233d8711255461455ed2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ef:48:8e:5d:e8:89:b6:21:24:b5:3a:2c:ca:
                    b1:6a:da:40:0b:ae:00:e9:5e:82:ac:4a:0c:9a:d8:
                    7e:57:60:c2:d5:be:74:bf:46:3d:62:7d:98:d8:99:
                    91:b6:5b:0b:e0:98:fd:e1:82:44:1b:b9:ae:5c:f6:
                    19:00:bb:ab:50:14:f5:d5:8e:1c:24:0e:b2:24:59:
                    d0:6a:00:a5:72:db:8d:a5:0d:a6:bf:fe:7e:af:5e:
                    06:f1:63:bb:9d:4e:1e:03:8e:c6:19:a3:22:ef:fe:
                    57:76:36:fe:e4:e9:68:48:02:a6:c0:66:21:a3:83:
                    6b:9a:07:2b:75:99:35:9b:a1:cd:10:ff:db:a9:c6:
                    98:fa:e9:7c:1b:83:ec:5e:49:34:46:6e:cd:1b:f7:
                    78:86:38:76:61:cc:fb:79:9a:fb:48:14:60:42:1c:
                    22:37:b1:1c:aa:5a:73:16:8d:67:be:5e:32:4b:62:
                    63:c0:43:67:c2:8d:38:42:53:41:e7:5d:bc:e8:3e:
                    af:15:a2:30:c0:33:18:8b:c5:bd:ba:25:52:ae:fb:
                    1c:ac:5c:5c:ca:48:72:46:7a:66:c3:46:34:f1:4e:
                    f9:0a:67:e9:04:60:d5:cf:e6:73:dc:92:87:37:9a:
                    b6:e2:69:ab:eb:d7:6b:66:00:93:e2:8b:5f:fe:8c:
                    2e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:5D:62:02:D1:D0:BF:E8:EC:92:33:D8:71:12:55:46:14:55:ED:2E
            X509v3 Authority Key Identifier:
                keyid:A1:88:6B:C2:F8:D9:3A:9C:FC:5A:83:7E:2F:27:52:EE:49:F2:24:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYhrwvjZOpz8WoN-LydS7knyJHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/7cb76e-957b-4311-89c9-995d11a86015/1/oYhrwvjZOpz8WoN-LydS7knyJHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:48:9c:42:20:74:ab:4b:1e:c8:5a:1b:62:3f:71:d5:93:d6:
         6d:15:fd:ed:39:b8:45:a6:d8:59:a1:1b:f7:80:56:70:ff:67:
         14:43:b2:99:97:08:ee:2d:84:eb:69:aa:f6:bb:9d:2f:2a:e1:
         b2:0e:c9:3f:a0:0d:13:25:45:82:0d:4d:87:e4:7e:8f:6d:de:
         2b:b2:87:45:c3:bb:fc:89:1d:06:b8:ac:eb:3e:b8:92:ed:d7:
         e5:92:b6:77:62:88:49:cb:79:21:82:9b:cc:11:9c:ea:39:8d:
         bd:49:06:50:b2:b3:1c:56:bc:07:4e:bf:78:2f:87:e5:ce:2c:
         98:26:50:e7:bd:bb:8a:2b:ee:18:af:ab:0e:a1:7c:7b:bd:ed:
         eb:5a:4b:60:7d:92:10:60:e7:6c:4b:9f:90:fc:38:7b:64:5c:
         65:6b:84:69:88:59:a7:00:4b:fe:94:29:85:4b:c2:e5:d7:f7:
         21:16:33:17:42:63:26:cf:70:34:2c:40:0f:78:ed:4b:4b:54:
         a9:8a:6b:ee:d0:d8:8b:f1:18:78:f2:ec:70:c1:52:d5:4a:a3:
         ff:6b:2a:52:2d:2f:fb:39:b9:d1:eb:62:86:90:db:9a:d2:36:
         7d:10:f0:3d:a2:fa:f2:d3:ec:f9:46:a9:ed:91:4c:d0:6d:7c:
         ec:5e:ff:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyAnlJIg4wcuSY9/F+cH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODg2YmMyZjhkOTNhOWNmYzVhODM3ZTJmMjc1MmVlNDlm
MjI0NzQwHhcNMjYwMzAyMDkwMTMzWhcNMjYwMzAzMDkwMTMzWjAzMTEwLwYDVQQD
Eyg0YTVkNjIwMmQxZDBiZmU4ZWM5MjMzZDg3MTEyNTU0NjE0NTVlZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu9Ijl3oibYhJLU6LMqxatpAC64A
6V6CrEoMmth+V2DC1b50v0Y9Yn2Y2JmRtlsL4Jj94YJEG7muXPYZALurUBT11Y4c
JA6yJFnQagClctuNpQ2mv/5+r14G8WO7nU4eA47GGaMi7/5Xdjb+5OloSAKmwGYh
o4NrmgcrdZk1m6HNEP/bqcaY+ul8G4PsXkk0Rm7NG/d4hjh2Ycz7eZr7SBRgQhwi
N7EcqlpzFo1nvl4yS2JjwENnwo04QlNB51286D6vFaIwwDMYi8W9uiVSrvscrFxc
ykhyRnpmw0Y08U75CmfpBGDVz+Zz3JKHN5q24mmr69drZgCT4otf/owuoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpdYgLR0L/o7JIz2HESVUYUVe0uMB8GA1UdIwQY
MBaAFKGIa8L42Tqc/FqDfi8nUu5J8iR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5Yzkt
OTk1ZDExYTg2MDE1LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi83Y2I3NmUtOTU3Yi00MzExLTg5YzktOTk1ZDExYTg2MDE1
LzEvb1locnd2alpPcHo4V29OLUx5ZFM3a255SkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXEicQiB0
q0seyFobYj9x1ZPWbRX97Tm4RabYWaEb94BWcP9nFEOymZcI7i2E62mq9rudLyrh
sg7JP6ANEyVFgg1Nh+R+j23eK7KHRcO7/IkdBris6z64ku3X5ZK2d2KISct5IYKb
zBGc6jmNvUkGULKzHFa8B06/eC+H5c4smCZQ5727iivuGK+rDqF8e73t61pLYH2S
EGDnbEufkPw4e2RcZWuEaYhZpwBL/pQphUvC5df3IRYzF0JjJs9wNCxAD3jtS0tU
qYpr7tDYi/EYePLscMFS1Uqj/2sqUi0v+zm50etihpDbmtI2fRDwPaL68tPs+Uap
7ZFM0G187F7/SA==
-----END CERTIFICATE-----