Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          oEeS6/l23Q3kg/i+VSxNCOwXb76TePdIagr1zhB/g6g=
Subject key identifier:   EE:B5:6C:58:38:E6:0F:48:BD:3F:8B:FD:E7:87:EF:5E:F4:53:5C:7A
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       019D9A74A1F59703BB07894838D38E2F8F38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          049B
Signing time:             Fri 17 Apr 2026 08:00:27 +0000
Manifest this update:     Fri 17 Apr 2026 08:00:27 +0000
Manifest next update:     Sat 18 Apr 2026 08:00:27 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: gpqrj+JfpK/JLHHqYGkVqFRi2d5a5Bal4WJxs0KwQJc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:74:a1:f5:97:03:bb:07:89:48:38:d3:8e:2f:8f:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Apr 17 08:00:27 2026 GMT
            Not After : Apr 18 08:00:27 2026 GMT
        Subject: CN=eeb56c5838e60f48bd3f8bfde787ef5ef4535c7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ac:cd:fe:42:6e:16:1d:18:f6:98:f4:5c:51:
                    50:8d:cc:2a:92:fb:75:ee:77:f8:05:38:15:d4:5a:
                    bb:b9:e1:b3:3c:c0:51:84:6c:7e:8a:5b:2c:75:33:
                    6e:ff:7f:81:3b:82:06:3f:cc:52:32:91:c0:26:ba:
                    72:30:70:c2:2e:89:e7:0e:99:01:b7:78:7b:22:0f:
                    72:c4:6d:48:7e:45:c6:73:b1:c9:33:86:bb:2c:22:
                    1b:e1:20:e2:c8:ec:5a:0c:bf:46:0a:ee:e7:01:68:
                    eb:9d:cc:1f:10:ce:f8:f5:81:2c:10:40:c1:3f:07:
                    b3:8a:74:9e:60:55:18:22:bc:05:7a:0b:19:eb:be:
                    ef:13:98:e2:cc:fb:fa:fb:23:fa:3f:e6:7d:41:c4:
                    12:5b:4c:fb:b6:5f:78:69:4c:3a:62:2c:5a:7b:84:
                    39:f6:1f:6a:18:a4:9d:3e:71:66:09:77:da:71:17:
                    92:82:f9:de:52:73:70:a3:36:8a:ca:9d:86:c9:f2:
                    3a:b1:63:90:bb:25:05:f6:89:a4:28:27:30:9b:99:
                    1d:f3:86:8b:fd:69:5d:ef:c3:b9:db:ab:59:5c:ac:
                    09:70:c2:2f:ec:17:79:c9:7e:f6:1e:3f:8e:fe:c9:
                    0c:90:ea:00:ac:32:c7:18:c6:48:54:a6:0f:49:65:
                    70:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:B5:6C:58:38:E6:0F:48:BD:3F:8B:FD:E7:87:EF:5E:F4:53:5C:7A
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:e5:38:2a:29:11:66:28:e4:fc:df:d6:12:b0:72:58:44:17:
         c4:30:83:0d:46:9a:3a:c0:ab:f1:47:08:7e:59:6d:84:e6:4c:
         1f:8c:57:74:7a:b5:c2:d5:ee:dd:1c:3b:7d:4d:b0:b0:a6:d4:
         64:5e:81:ba:e3:c6:4d:5d:cb:19:8e:d7:fe:7e:3b:2d:62:83:
         ba:7d:83:0b:25:3f:7b:72:3e:03:42:1e:96:87:9d:ad:eb:80:
         76:51:45:47:5e:93:34:76:d6:da:81:b0:28:ef:e9:1b:0f:da:
         78:09:86:2d:62:ae:dd:67:94:87:67:45:13:8f:e9:c1:23:37:
         b7:3c:de:e9:46:e7:2a:8b:96:56:12:cb:f8:00:ba:3d:55:94:
         c6:23:43:7f:3b:c4:8b:f8:dc:06:0b:7d:fa:37:e8:3f:09:35:
         db:7f:1a:c7:4b:4f:ce:0c:7d:71:e2:72:b7:64:03:c0:60:1e:
         d2:aa:27:a9:71:a1:06:90:44:60:53:38:e9:a4:67:e0:88:76:
         31:f5:26:43:65:b5:d9:39:00:1a:f2:26:c2:73:b0:12:da:f9:
         02:fd:28:6d:b4:5c:03:61:a4:2b:91:ae:07:6e:d8:da:ee:32:
         f3:ef:66:f7:65:3c:b5:53:ad:f4:e5:69:a5:4d:23:f0:eb:ed:
         eb:0d:ec:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2adKH1lwO7B4lIONOOL484MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjYwNDE3MDgwMDI3WhcNMjYwNDE4MDgwMDI3WjAzMTEwLwYDVQQD
EyhlZWI1NmM1ODM4ZTYwZjQ4YmQzZjhiZmRlNzg3ZWY1ZWY0NTM1YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6zN/kJuFh0Y9pj0XFFQjcwqkvt1
7nf4BTgV1Fq7ueGzPMBRhGx+ilssdTNu/3+BO4IGP8xSMpHAJrpyMHDCLonnDpkB
t3h7Ig9yxG1IfkXGc7HJM4a7LCIb4SDiyOxaDL9GCu7nAWjrncwfEM749YEsEEDB
PwezinSeYFUYIrwFegsZ677vE5jizPv6+yP6P+Z9QcQSW0z7tl94aUw6Yixae4Q5
9h9qGKSdPnFmCXfacReSgvneUnNwozaKyp2GyfI6sWOQuyUF9omkKCcwm5kd84aL
/Wld78O526tZXKwJcMIv7Bd5yX72Hj+O/skMkOoArDLHGMZIVKYPSWVwnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO61bFg45g9IvT+L/eeH7170U1x6MB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZeU4KikR
Zijk/N/WErByWEQXxDCDDUaaOsCr8UcIfllthOZMH4xXdHq1wtXu3Rw7fU2wsKbU
ZF6BuuPGTV3LGY7X/n47LWKDun2DCyU/e3I+A0IeloedreuAdlFFR16TNHbW2oGw
KO/pGw/aeAmGLWKu3WeUh2dFE4/pwSM3tzze6UbnKouWVhLL+AC6PVWUxiNDfzvE
i/jcBgt9+jfoPwk1238ax0tPzgx9ceJyt2QDwGAe0qonqXGhBpBEYFM46aRn4Ih2
MfUmQ2W12TkAGvImwnOwEtr5Av0obbRcA2GkK5GuB27Y2u4y8+9m92U8tVOt9OVp
pU0j8Ovt6w3sKg==
-----END CERTIFICATE-----