Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          L7Ple/fq8aIxD4GHLd9Yowxxc7QvyJG0WnTGeKX47w8=
Subject key identifier:   3A:71:C5:EE:C2:B8:E1:E0:C0:BA:05:9B:3E:CD:30:6C:D6:A4:A0:5A
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       019CAAFD49D904037069AAE4A114FB99A026
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          041F
Signing time:             Sun 01 Mar 2026 20:00:51 +0000
Manifest this update:     Sun 01 Mar 2026 20:00:51 +0000
Manifest next update:     Mon 02 Mar 2026 20:00:51 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: KuSYyZEbLnD2TI2apTqrCr7sR3i1HY5X6RGX1kT+Hks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:fd:49:d9:04:03:70:69:aa:e4:a1:14:fb:99:a0:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Mar  1 20:00:51 2026 GMT
            Not After : Mar  2 20:00:51 2026 GMT
        Subject: CN=3a71c5eec2b8e1e0c0ba059b3ecd306cd6a4a05a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:31:7a:09:f6:fd:b5:e9:ba:ec:bc:6b:9b:4a:
                    fe:ef:a7:ec:88:29:44:2c:93:71:2f:58:2f:c4:79:
                    18:9b:fd:e5:71:06:83:c6:4d:9a:17:53:f5:92:83:
                    a2:6a:73:76:91:52:ea:c2:73:70:12:3e:7f:1a:e3:
                    42:39:52:55:4c:1f:47:21:0c:67:4c:85:4f:63:f7:
                    b6:57:98:46:76:4e:da:e9:87:f4:d2:9d:4c:a7:08:
                    ac:77:6f:a6:a2:b9:11:1a:e3:c1:a4:f8:dd:86:ed:
                    45:f9:a7:90:32:4d:39:0e:45:02:db:41:8a:26:cc:
                    39:f8:50:53:7f:5c:06:b1:73:57:9e:9b:94:71:6d:
                    b4:d2:03:99:6f:b4:a7:9d:52:ba:b8:cc:6b:5f:0a:
                    cb:bc:c0:03:91:a6:40:7c:58:83:e1:fa:3b:68:43:
                    bc:13:de:4a:09:cd:1f:b8:41:75:ff:9f:15:61:6f:
                    19:05:36:7a:39:a0:d2:6d:4a:fa:ed:42:eb:7a:93:
                    e6:51:a9:6e:c0:49:41:13:ee:01:75:dd:c4:bc:74:
                    5b:4d:8a:9f:e4:57:5e:05:7e:3b:f1:3c:06:c4:f4:
                    e4:e1:9d:1b:1b:da:c6:8d:f3:cd:af:83:b3:31:06:
                    0d:b2:48:3f:bb:41:35:4e:e4:17:ee:82:58:4c:61:
                    83:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:71:C5:EE:C2:B8:E1:E0:C0:BA:05:9B:3E:CD:30:6C:D6:A4:A0:5A
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ad:c8:b5:b6:5f:a9:d6:13:fa:13:86:fb:b6:0d:db:77:7d:
         ed:2f:83:c7:b5:d5:0c:ca:4b:73:ff:38:fe:0d:57:e0:de:bd:
         70:54:a2:b4:a8:32:e0:62:49:87:6f:ac:10:e1:b2:d7:a5:8e:
         39:d1:ac:12:83:f7:91:77:b7:1b:cf:4b:d0:1e:b2:84:e8:79:
         44:35:d3:46:d2:74:b8:4c:45:6c:bc:ad:7a:00:e9:e6:4a:7e:
         1c:52:5f:b4:5e:7d:8c:b6:96:d8:05:a9:2a:c5:97:12:8b:21:
         07:8a:40:b1:84:4e:fd:c5:e5:cb:42:3b:5e:f2:0f:d2:1b:6f:
         f3:08:9a:b5:00:fb:c4:02:4a:d1:45:0f:01:70:1c:42:4d:f7:
         16:22:c9:1d:60:61:17:8d:2b:78:80:6b:e7:a5:0c:85:61:a6:
         88:78:06:79:98:94:bf:7d:85:a9:2d:df:14:46:d3:da:bd:ce:
         2b:cf:3d:8f:57:22:c0:e3:94:51:82:c5:b9:48:3e:be:f6:02:
         18:b7:b5:27:f8:b1:31:7e:5a:fb:94:a7:4e:dc:14:78:ca:60:
         57:64:9e:f3:dc:b9:4c:c0:9d:a2:32:c2:0b:1a:38:7a:d8:bf:
         ac:b7:fb:60:8d:a1:fb:d0:63:1d:23:50:b5:ed:bf:e5:8f:95:
         ef:7e:f2:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyq/UnZBANwaarkoRT7maAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjYwMzAxMjAwMDUxWhcNMjYwMzAyMjAwMDUxWjAzMTEwLwYDVQQD
EygzYTcxYzVlZWMyYjhlMWUwYzBiYTA1OWIzZWNkMzA2Y2Q2YTRhMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTF6Cfb9tem67Lxrm0r+76fsiClE
LJNxL1gvxHkYm/3lcQaDxk2aF1P1koOianN2kVLqwnNwEj5/GuNCOVJVTB9HIQxn
TIVPY/e2V5hGdk7a6Yf00p1Mpwisd2+morkRGuPBpPjdhu1F+aeQMk05DkUC20GK
Jsw5+FBTf1wGsXNXnpuUcW200gOZb7SnnVK6uMxrXwrLvMADkaZAfFiD4fo7aEO8
E95KCc0fuEF1/58VYW8ZBTZ6OaDSbUr67ULrepPmUaluwElBE+4Bdd3EvHRbTYqf
5FdeBX478TwGxPTk4Z0bG9rGjfPNr4OzMQYNskg/u0E1TuQX7oJYTGGDzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpxxe7CuOHgwLoFmz7NMGzWpKBaMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG63ItbZf
qdYT+hOG+7YN23d97S+Dx7XVDMpLc/84/g1X4N69cFSitKgy4GJJh2+sEOGy16WO
OdGsEoP3kXe3G89L0B6yhOh5RDXTRtJ0uExFbLytegDp5kp+HFJftF59jLaW2AWp
KsWXEoshB4pAsYRO/cXly0I7XvIP0htv8wiatQD7xAJK0UUPAXAcQk33FiLJHWBh
F40reIBr56UMhWGmiHgGeZiUv32FqS3fFEbT2r3OK889j1ciwOOUUYLFuUg+vvYC
GLe1J/ixMX5a+5SnTtwUeMpgV2Se89y5TMCdojLCCxo4eti/rLf7YI2h+9BjHSNQ
te2/5Y+V737y4A==
-----END CERTIFICATE-----