Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          BujZmqYv8HW2ZZ19w0jyun8kX+SZWEM2mSRsWc3CfNg=
Subject key identifier:   1D:63:56:0E:CA:A0:D3:7C:BE:7D:2D:A6:80:03:E5:D0:3B:81:AF:09
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       019CAA21A3BA4095A581339895CBB96A48B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 16:00:56 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:56 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:56 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: gCaAIpsDhfJKpVX807x9QQpd3PJHS5gET02+uZwgAEc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:a3:ba:40:95:a5:81:33:98:95:cb:b9:6a:48:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Mar  1 16:00:56 2026 GMT
            Not After : Mar  2 16:00:56 2026 GMT
        Subject: CN=1d63560ecaa0d37cbe7d2da68003e5d03b81af09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9b:ed:92:4b:26:60:84:b4:b8:96:32:66:f1:
                    5e:e3:af:fb:6c:ea:4c:9b:42:ef:14:09:db:78:ce:
                    30:28:93:10:48:66:0a:59:64:c7:8c:51:14:a4:45:
                    e4:27:7e:35:ba:41:8e:38:b7:df:00:5a:9d:02:5f:
                    c7:e4:ea:bc:f2:77:2f:0b:cc:81:e6:3c:37:8f:01:
                    b8:27:41:51:30:a2:f4:57:cf:a6:31:c3:5e:48:94:
                    e8:2a:2f:10:cc:01:cf:79:40:73:3f:10:cc:d1:51:
                    b4:62:a9:48:21:4f:af:23:b2:5e:8c:52:c8:4f:39:
                    8f:a0:51:fb:3d:6c:52:16:ff:51:69:3d:fc:d2:a4:
                    66:fe:6b:f8:87:18:7e:18:11:14:27:02:79:98:19:
                    eb:50:4d:98:d9:fc:6f:7a:61:ef:8d:cf:36:d9:25:
                    4d:99:b1:06:e8:5a:19:8b:ce:49:87:90:70:bb:9d:
                    b9:be:5a:f7:05:c2:34:4e:a9:c4:0a:ac:74:aa:6b:
                    53:9e:1a:9b:22:70:6f:c0:8b:0f:1c:e8:64:b6:60:
                    18:ee:be:6c:ad:d2:e2:ad:e6:0c:1a:71:e2:95:4f:
                    70:b9:6e:71:9e:0a:7f:4c:22:ba:76:96:43:af:29:
                    a0:0f:b1:de:45:7b:db:5c:84:14:da:32:c8:ce:e9:
                    36:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:63:56:0E:CA:A0:D3:7C:BE:7D:2D:A6:80:03:E5:D0:3B:81:AF:09
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:84:c7:3d:90:6b:18:bc:f0:e5:82:9c:47:75:e3:73:cc:8a:
         f6:e2:58:74:05:7e:6e:ac:2c:fa:2f:0f:f5:01:65:2d:75:aa:
         dc:62:60:eb:d1:79:4a:07:3e:1d:41:ef:42:fe:9a:7a:36:bf:
         54:75:a0:5b:8b:d9:11:e2:c5:5b:32:ea:9b:c9:89:c0:fd:28:
         72:2d:6f:98:62:3e:8a:cc:16:90:c8:7d:a7:c4:56:17:cd:1e:
         1f:ec:ab:fa:1b:2e:9e:8a:a8:9d:08:87:f9:b4:c6:d4:c7:3d:
         ea:d4:fd:b6:1c:c2:53:4e:40:9a:cf:76:a5:91:dc:8e:51:7a:
         ef:58:89:6b:9f:d2:b1:b4:7b:a4:46:79:ee:ee:d9:85:e6:b8:
         a1:39:1b:16:7c:c6:dc:6f:4f:a9:0a:7a:d0:60:23:05:ec:eb:
         db:8b:2c:c7:8f:31:06:f9:8d:b3:3a:0f:36:fe:b2:f6:cc:83:
         cd:4c:cd:e2:75:c7:82:92:b8:40:dd:62:ec:3d:6e:94:1b:a3:
         79:c5:a6:72:b8:44:8d:56:70:36:92:33:73:31:c7:cf:3f:94:
         96:a9:28:ab:5c:ef:e1:80:44:cf:e9:d4:88:7e:9f:cd:9f:99:
         e2:31:31:81:c7:99:b3:13:ea:5f:fd:b0:08:12:8e:a0:2d:f6:
         fd:56:16:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIaO6QJWlgTOYlcu5akiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjYwMzAxMTYwMDU2WhcNMjYwMzAyMTYwMDU2WjAzMTEwLwYDVQQD
EygxZDYzNTYwZWNhYTBkMzdjYmU3ZDJkYTY4MDAzZTVkMDNiODFhZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJvtkksmYIS0uJYyZvFe46/7bOpM
m0LvFAnbeM4wKJMQSGYKWWTHjFEUpEXkJ341ukGOOLffAFqdAl/H5Oq88ncvC8yB
5jw3jwG4J0FRMKL0V8+mMcNeSJToKi8QzAHPeUBzPxDM0VG0YqlIIU+vI7JejFLI
TzmPoFH7PWxSFv9RaT380qRm/mv4hxh+GBEUJwJ5mBnrUE2Y2fxvemHvjc822SVN
mbEG6FoZi85Jh5Bwu525vlr3BcI0TqnECqx0qmtTnhqbInBvwIsPHOhktmAY7r5s
rdLireYMGnHilU9wuW5xngp/TCK6dpZDrymgD7HeRXvbXIQU2jLIzuk2TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB1jVg7KoNN8vn0tpoAD5dA7ga8JMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdITHPZBr
GLzw5YKcR3Xjc8yK9uJYdAV+bqws+i8P9QFlLXWq3GJg69F5Sgc+HUHvQv6aeja/
VHWgW4vZEeLFWzLqm8mJwP0oci1vmGI+iswWkMh9p8RWF80eH+yr+hsunoqonQiH
+bTG1Mc96tT9thzCU05Ams92pZHcjlF671iJa5/SsbR7pEZ57u7Zhea4oTkbFnzG
3G9PqQp60GAjBezr24ssx48xBvmNszoPNv6y9syDzUzN4nXHgpK4QN1i7D1ulBuj
ecWmcrhEjVZwNpIzczHHzz+Ulqkoq1zv4YBEz+nUiH6fzZ+Z4jExgceZsxPqX/2w
CBKOoC32/VYWig==
-----END CERTIFICATE-----