Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          ASdBjoEIrPHzIXzcsWsxMn4qtSyHShX3EqtJdsuMyAs=
Subject key identifier:   57:62:75:A7:1F:04:F8:30:CC:81:C0:34:C5:1D:7D:46:A4:DA:96:9B
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       019CAAC657E361D40E3C4630C4C0159D864F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          0C56
Signing time:             Sun 01 Mar 2026 19:00:51 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:51 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:51 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: DfC5JGlcUiMwfXYiCRyPrCb46C1iiG9qkUAwL61Zpwo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:57:e3:61:d4:0e:3c:46:30:c4:c0:15:9d:86:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Mar  1 19:00:51 2026 GMT
            Not After : Mar  2 19:00:51 2026 GMT
        Subject: CN=576275a71f04f830cc81c034c51d7d46a4da969b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:32:7f:3f:5c:e5:82:f3:87:2f:5c:f5:4c:fe:
                    2c:50:b4:12:3f:68:30:d2:df:4f:e6:b2:3c:db:31:
                    c6:a1:05:ce:a5:67:90:b9:ad:f7:f4:2e:94:b0:c4:
                    06:a2:a3:65:ef:36:b4:5b:a6:52:e2:67:86:9b:d6:
                    b7:25:65:30:e3:71:7d:57:c4:0c:19:61:6e:96:fb:
                    c0:b7:f7:3b:ed:9d:7b:7f:b7:b6:b3:60:a0:b5:2d:
                    78:54:63:b8:34:58:d0:ef:23:5b:f7:72:8a:32:c9:
                    5b:87:78:64:c1:cf:23:35:c8:d8:dc:f0:4b:56:0b:
                    35:3f:5d:67:ed:e2:51:0d:37:9f:4d:30:9d:81:7a:
                    66:00:06:d1:1c:75:6e:59:48:ec:d3:4b:59:21:66:
                    56:a3:8f:24:7d:39:18:a1:3f:08:7f:e2:42:73:27:
                    c2:28:e2:63:85:f5:6a:dd:e4:e6:06:5c:d4:f3:f7:
                    05:06:a7:b3:ef:54:62:87:72:9a:b1:7d:20:b7:fc:
                    9e:8b:7f:8b:2c:8a:5d:3b:5c:6d:ae:a3:98:c0:6d:
                    b6:2e:91:e6:c3:bc:dd:7d:4b:c8:73:86:05:22:90:
                    43:47:de:78:64:f6:37:ff:94:0a:49:07:b1:b0:64:
                    c6:e9:0e:47:60:0f:2c:ac:bf:f8:e4:9a:1c:d0:bd:
                    90:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:62:75:A7:1F:04:F8:30:CC:81:C0:34:C5:1D:7D:46:A4:DA:96:9B
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:31:4d:16:72:b2:3d:26:de:64:1c:29:51:d6:b8:c5:49:95:
         49:4a:9c:9f:cb:c4:06:ad:c6:63:8c:83:07:66:97:ee:40:2e:
         13:81:06:af:c5:66:69:8f:99:87:cb:b3:0e:de:d0:e7:77:3a:
         13:be:38:29:6d:03:b5:2a:ac:01:33:d9:2d:e5:dc:c9:77:51:
         3d:5f:3a:8d:eb:ee:33:9a:ee:03:1b:96:e5:2b:8a:d7:b2:a1:
         a9:80:e5:ab:da:ca:58:fa:68:4f:e6:94:a8:84:40:32:98:aa:
         6d:aa:26:02:ed:55:d5:52:d0:01:00:0f:10:54:f7:2a:5a:83:
         60:e1:ff:6f:c1:19:50:39:42:1e:b8:56:20:6a:24:0f:e4:78:
         6b:00:33:c0:8f:ff:c7:bc:9c:4d:e6:98:42:a8:00:db:73:94:
         ee:b5:41:46:4a:b9:22:43:98:21:d0:db:7f:7c:16:94:7c:16:
         72:f1:bd:e3:ea:54:3c:ca:3e:e0:f1:b7:88:53:ab:60:db:fd:
         c8:08:0d:98:dc:c4:97:2f:4f:b7:5b:1e:1f:58:d6:39:2b:e4:
         72:02:e7:f7:6c:74:7c:7d:b9:ef:6a:d5:98:ac:73:56:3f:27:
         f2:01:6e:c1:ab:7b:70:af:29:42:92:49:e6:b8:5d:96:f0:cf:
         ba:b2:5e:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxlfjYdQOPEYwxMAVnYZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjYwMzAxMTkwMDUxWhcNMjYwMzAyMTkwMDUxWjAzMTEwLwYDVQQD
Eyg1NzYyNzVhNzFmMDRmODMwY2M4MWMwMzRjNTFkN2Q0NmE0ZGE5NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDJ/P1zlgvOHL1z1TP4sULQSP2gw
0t9P5rI82zHGoQXOpWeQua339C6UsMQGoqNl7za0W6ZS4meGm9a3JWUw43F9V8QM
GWFulvvAt/c77Z17f7e2s2CgtS14VGO4NFjQ7yNb93KKMslbh3hkwc8jNcjY3PBL
Vgs1P11n7eJRDTefTTCdgXpmAAbRHHVuWUjs00tZIWZWo48kfTkYoT8If+JCcyfC
KOJjhfVq3eTmBlzU8/cFBqez71Rih3KasX0gt/yei3+LLIpdO1xtrqOYwG22LpHm
w7zdfUvIc4YFIpBDR954ZPY3/5QKSQexsGTG6Q5HYA8srL/45Joc0L2QdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdidacfBPgwzIHANMUdfUak2pabMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTFNFnKy
PSbeZBwpUda4xUmVSUqcn8vEBq3GY4yDB2aX7kAuE4EGr8VmaY+Zh8uzDt7Q53c6
E744KW0DtSqsATPZLeXcyXdRPV86jevuM5ruAxuW5SuK17KhqYDlq9rKWPpoT+aU
qIRAMpiqbaomAu1V1VLQAQAPEFT3KlqDYOH/b8EZUDlCHrhWIGokD+R4awAzwI//
x7ycTeaYQqgA23OU7rVBRkq5IkOYIdDbf3wWlHwWcvG94+pUPMo+4PG3iFOrYNv9
yAgNmNzEly9Pt1seH1jWOSvkcgLn92x0fH2572rVmKxzVj8n8gFuwat7cK8pQpJJ
5rhdlvDPurJeXQ==
-----END CERTIFICATE-----