Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
File:                     oCUv6bQqZD9HflhGYZquiGkX7_s.mft (raw, json)
Hash identifier:          punTO9mLKjbSVuvQyKGmxxE+CuNj0MwWvU8BPyOlYbA=
Subject key identifier:   A8:53:D0:EC:AB:F8:FC:72:C5:4D:D4:74:2D:3D:9A:65:58:EB:BB:B0
Authority key identifier: A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB
Certificate issuer:       /CN=a0252fe9b42a643f477e5846619aae886917effb
Certificate serial:       019D9BBEA97F5D6840FA8A44A5CAA9CB0495
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
Manifest number:          16AB
Signing time:             Fri 17 Apr 2026 14:00:56 +0000
Manifest this update:     Fri 17 Apr 2026 14:00:56 +0000
Manifest next update:     Sat 18 Apr 2026 14:00:56 +0000
Files and hashes:         1: oCUv6bQqZD9HflhGYZquiGkX7_s.crl (hash: Q5cYCv3NAZGxazCA3lZnlpIFpq6dICAGeYtB+N/Giic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9b:be:a9:7f:5d:68:40:fa:8a:44:a5:ca:a9:cb:04:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0252fe9b42a643f477e5846619aae886917effb
        Validity
            Not Before: Apr 17 14:00:56 2026 GMT
            Not After : Apr 18 14:00:56 2026 GMT
        Subject: CN=a853d0ecabf8fc72c54dd4742d3d9a6558ebbbb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e1:1c:60:1c:c3:f0:d8:76:d4:08:e7:04:46:
                    a2:f6:6a:ed:cb:a5:1c:31:93:60:7c:33:48:7f:86:
                    0e:6f:56:79:cb:9b:f6:86:4d:ab:a2:e2:dc:4a:ad:
                    fd:b1:bd:81:15:2d:45:80:8c:8a:d4:54:af:b0:31:
                    52:f4:f8:4c:73:87:8d:e5:2f:70:69:88:33:5f:9e:
                    57:61:3b:37:61:ee:4b:91:74:ca:07:e9:9c:22:6d:
                    7c:62:a9:5f:e9:b6:5c:80:87:fa:bd:61:1d:8c:44:
                    30:17:f5:da:fe:72:de:52:f6:75:f8:58:4d:1a:10:
                    0a:3e:8f:b6:b4:51:d6:da:ef:98:b1:d3:4a:9a:6b:
                    ca:0b:e1:c2:60:50:47:f4:7e:e7:11:44:6f:a9:28:
                    74:ac:89:1f:23:ed:c3:ba:53:4c:f4:1a:7f:00:f1:
                    5a:43:5c:0f:1e:78:35:ab:66:bb:de:1c:2f:a9:cd:
                    ff:e7:44:29:7c:e4:2d:05:34:45:4b:92:de:ee:43:
                    86:f9:54:c5:ca:36:0f:0d:d1:ac:5e:57:fe:fa:e4:
                    94:f3:fd:51:15:9d:3b:48:5c:e0:c8:75:c1:78:e6:
                    6c:cb:cc:e1:d8:fa:3e:d3:62:ba:2c:a3:0a:c4:6a:
                    a5:60:2e:c6:f9:1a:92:3a:09:c2:7f:97:64:e9:47:
                    30:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:53:D0:EC:AB:F8:FC:72:C5:4D:D4:74:2D:3D:9A:65:58:EB:BB:B0
            X509v3 Authority Key Identifier:
                keyid:A0:25:2F:E9:B4:2A:64:3F:47:7E:58:46:61:9A:AE:88:69:17:EF:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUv6bQqZD9HflhGYZquiGkX7_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/c9ca65-9253-4fc4-9bbf-01dc944c4477/1/oCUv6bQqZD9HflhGYZquiGkX7_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:54:d6:da:7b:1f:26:f3:f1:7b:34:94:54:92:af:ae:02:e6:
         75:fd:34:e1:1d:fa:7a:5c:a7:36:4d:f4:dd:52:ee:05:f5:6e:
         ec:a1:13:6f:ae:cb:ce:f2:7d:a2:f0:34:24:12:20:1c:41:30:
         df:ac:09:74:e2:5a:fc:5b:63:32:8d:5c:bf:76:3b:11:18:94:
         95:de:02:37:98:44:51:a2:ce:c2:99:7a:1d:f1:5f:10:20:ee:
         0a:54:cd:3c:e8:48:dc:c8:86:bf:20:27:d7:3e:4f:67:54:2c:
         c2:69:d3:dc:62:45:73:bf:6f:1c:82:bc:a3:31:86:11:0d:bf:
         03:fb:18:3c:a5:32:4a:3c:81:01:a6:09:00:d3:10:98:c2:91:
         55:ae:d9:42:63:00:23:17:a3:5f:5e:15:a5:81:e9:f1:a6:47:
         71:05:45:f7:3a:68:8c:e1:75:b4:b7:37:f7:2d:2f:8e:af:93:
         6d:10:98:bb:a3:48:8e:19:1a:83:6d:1f:a5:80:c8:68:73:61:
         6a:66:9a:41:ab:b1:67:32:d3:f5:b5:8c:bf:26:3d:a3:71:e3:
         59:d8:ac:0d:05:bd:ba:92:1b:c7:9f:06:4e:ab:78:bb:3a:41:
         6f:49:5a:f5:5b:83:13:cb:d7:41:5e:f0:24:d1:6f:63:76:b1:
         4d:3f:1a:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bvql/XWhA+opEpcqpywSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMjUyZmU5YjQyYTY0M2Y0NzdlNTg0NjYxOWFhZTg4Njkx
N2VmZmIwHhcNMjYwNDE3MTQwMDU2WhcNMjYwNDE4MTQwMDU2WjAzMTEwLwYDVQQD
EyhhODUzZDBlY2FiZjhmYzcyYzU0ZGQ0NzQyZDNkOWE2NTU4ZWJiYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseEcYBzD8Nh21AjnBEai9mrty6Uc
MZNgfDNIf4YOb1Z5y5v2hk2rouLcSq39sb2BFS1FgIyK1FSvsDFS9PhMc4eN5S9w
aYgzX55XYTs3Ye5LkXTKB+mcIm18Yqlf6bZcgIf6vWEdjEQwF/Xa/nLeUvZ1+FhN
GhAKPo+2tFHW2u+YsdNKmmvKC+HCYFBH9H7nEURvqSh0rIkfI+3DulNM9Bp/APFa
Q1wPHng1q2a73hwvqc3/50QpfOQtBTRFS5Le7kOG+VTFyjYPDdGsXlf++uSU8/1R
FZ07SFzgyHXBeOZsy8zh2Po+02K6LKMKxGqlYC7G+RqSOgnCf5dk6UcwzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhT0Oyr+PxyxU3UdC09mmVY67uwMB8GA1UdIwQY
MBaAFKAlL+m0KmQ/R35YRmGarohpF+/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYt
MDFkYzk0NGM0NDc3LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jOWNhNjUtOTI1My00ZmM0LTliYmYtMDFkYzk0NGM0NDc3
LzEvb0NVdjZiUXFaRDlIZmxoR1lacXVpR2tYN19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB1TW2nsf
JvPxezSUVJKvrgLmdf004R36elynNk303VLuBfVu7KETb67LzvJ9ovA0JBIgHEEw
36wJdOJa/FtjMo1cv3Y7ERiUld4CN5hEUaLOwpl6HfFfECDuClTNPOhI3MiGvyAn
1z5PZ1QswmnT3GJFc79vHIK8ozGGEQ2/A/sYPKUySjyBAaYJANMQmMKRVa7ZQmMA
IxejX14VpYHp8aZHcQVF9zpojOF1tLc39y0vjq+TbRCYu6NIjhkag20fpYDIaHNh
amaaQauxZzLT9bWMvyY9o3HjWdisDQW9upIbx58GTqt4uzpBb0la9VuDE8vXQV7w
JNFvY3axTT8a2g==
-----END CERTIFICATE-----