Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
File:                     o3sePvrqidz80cjpfA6beAxhRl0.mft (raw, json)
Hash identifier:          FNgCbW/YK07d1fjLb91WUFp/gKtkqAFEq/6CcqYinog=
Subject key identifier:   55:86:D0:C9:9E:29:2D:5C:54:41:2C:C9:44:79:35:80:47:8C:32:13
Authority key identifier: A3:7B:1E:3E:FA:EA:89:DC:FC:D1:C8:E9:7C:0E:9B:78:0C:61:46:5D
Certificate issuer:       /CN=a37b1e3efaea89dcfcd1c8e97c0e9b780c61465d
Certificate serial:       019CAD599DC99EB00808B50FF5D918C7AE5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
Manifest number:          0ECE
Signing time:             Mon 02 Mar 2026 07:00:57 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:57 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:57 +0000
Files and hashes:         1: o3sePvrqidz80cjpfA6beAxhRl0.crl (hash: SnCw2kL6SyUYfTe/8663217apKFiNmafW48bC9cBemY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:9d:c9:9e:b0:08:08:b5:0f:f5:d9:18:c7:ae:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a37b1e3efaea89dcfcd1c8e97c0e9b780c61465d
        Validity
            Not Before: Mar  2 07:00:57 2026 GMT
            Not After : Mar  3 07:00:57 2026 GMT
        Subject: CN=5586d0c99e292d5c54412cc944793580478c3213
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:4e:d4:44:29:03:84:22:dd:4e:ef:a2:18:9f:
                    86:b6:b1:6d:7c:f1:55:0a:b6:e7:28:e2:da:08:63:
                    b8:dc:d5:2a:a7:99:63:c7:b1:dd:61:11:2a:71:31:
                    b6:d9:71:4e:5e:73:52:dd:65:00:a8:cf:71:6f:77:
                    8d:46:7b:8e:dc:85:d1:40:e4:2c:16:38:28:e6:c4:
                    b1:4b:3b:d2:fd:c9:6e:48:aa:bf:de:93:8c:22:f8:
                    22:6d:ab:98:32:16:09:53:76:f8:f3:cd:28:51:7e:
                    c9:c0:d0:39:62:d0:63:b6:43:39:83:ba:79:33:eb:
                    80:ba:b7:9d:93:51:77:57:eb:73:0f:3a:3c:48:3f:
                    5a:25:dc:9d:75:20:66:5c:d6:a6:22:70:e1:bf:d9:
                    c4:4c:fe:c6:f6:2c:13:a4:9f:2e:8f:69:5a:3d:c1:
                    90:22:7b:97:70:48:7c:06:b3:c5:f8:0e:45:90:29:
                    20:ee:c7:88:ec:26:8c:23:18:fc:01:b4:be:62:3c:
                    da:91:d7:9c:96:de:a6:47:33:7d:c0:9c:f1:d1:f1:
                    ec:98:2e:76:b4:c2:b5:4a:80:34:0f:d8:3f:7e:db:
                    3e:93:18:eb:8f:39:43:a0:ee:c6:fc:96:9c:a5:c7:
                    5f:0a:b7:b3:f4:fd:33:f4:bf:b5:e0:ac:62:de:cd:
                    19:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:86:D0:C9:9E:29:2D:5C:54:41:2C:C9:44:79:35:80:47:8C:32:13
            X509v3 Authority Key Identifier:
                keyid:A3:7B:1E:3E:FA:EA:89:DC:FC:D1:C8:E9:7C:0E:9B:78:0C:61:46:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:88:67:f8:98:a9:8d:9b:4d:7b:35:03:45:75:ec:8f:dc:4c:
         81:b8:ce:14:d3:39:22:53:c1:06:f8:d3:99:9c:18:31:b6:9d:
         87:32:69:18:48:3e:8c:df:12:c8:72:97:42:89:9c:4e:a9:33:
         6f:d3:6c:8a:7f:3a:47:fa:7b:61:c7:c2:f5:e4:ec:5f:99:87:
         f7:ab:01:07:f8:7a:32:f4:0d:ef:d6:4e:68:e1:2e:24:73:38:
         39:e7:36:2c:a6:27:55:b7:be:18:07:80:86:5b:d2:f7:3d:00:
         72:04:4b:f5:4f:40:76:28:ab:7e:55:71:38:47:c5:87:c1:40:
         97:55:e2:90:30:ad:7f:75:86:3c:78:b0:06:f4:91:06:dd:7e:
         b0:5b:b6:97:6b:2b:69:60:59:39:a0:25:d3:f4:de:b9:96:d1:
         69:44:cc:bc:ec:84:f9:48:85:3d:bd:8e:e1:00:2d:4a:6a:34:
         99:da:26:8b:c2:31:86:3f:e1:f8:e5:82:18:01:69:4d:64:be:
         1f:f6:4c:58:75:36:a2:1e:35:28:81:a2:aa:15:00:b5:61:c0:
         cd:01:60:38:cd:f0:9a:78:e1:cc:63:c5:c8:60:b1:d4:de:98:
         c8:1f:10:b0:f8:83:28:7a:cc:b8:4e:12:73:f0:78:84:76:07:
         48:7d:ea:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZ3JnrAICLUP9dkYx65fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzN2IxZTNlZmFlYTg5ZGNmY2QxYzhlOTdjMGU5Yjc4MGM2
MTQ2NWQwHhcNMjYwMzAyMDcwMDU3WhcNMjYwMzAzMDcwMDU3WjAzMTEwLwYDVQQD
Eyg1NTg2ZDBjOTllMjkyZDVjNTQ0MTJjYzk0NDc5MzU4MDQ3OGMzMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk7URCkDhCLdTu+iGJ+GtrFtfPFV
CrbnKOLaCGO43NUqp5ljx7HdYREqcTG22XFOXnNS3WUAqM9xb3eNRnuO3IXRQOQs
Fjgo5sSxSzvS/cluSKq/3pOMIvgibauYMhYJU3b4880oUX7JwNA5YtBjtkM5g7p5
M+uAuredk1F3V+tzDzo8SD9aJdyddSBmXNamInDhv9nETP7G9iwTpJ8uj2laPcGQ
InuXcEh8BrPF+A5FkCkg7seI7CaMIxj8AbS+Yjzakdeclt6mRzN9wJzx0fHsmC52
tMK1SoA0D9g/fts+kxjrjzlDoO7G/JacpcdfCrez9P0z9L+14Kxi3s0ZbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWG0MmeKS1cVEEsyUR5NYBHjDITMB8GA1UdIwQY
MBaAFKN7Hj766onc/NHI6XwOm3gMYUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zNWJiMjEtMjIzOS00Zjc3LWE3ZmEt
NTVkZTY1YTJlYTNiLzEvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zNWJiMjEtMjIzOS00Zjc3LWE3ZmEtNTVkZTY1YTJlYTNi
LzEvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIhn+Jip
jZtNezUDRXXsj9xMgbjOFNM5IlPBBvjTmZwYMbadhzJpGEg+jN8SyHKXQomcTqkz
b9Nsin86R/p7YcfC9eTsX5mH96sBB/h6MvQN79ZOaOEuJHM4Oec2LKYnVbe+GAeA
hlvS9z0AcgRL9U9AdiirflVxOEfFh8FAl1XikDCtf3WGPHiwBvSRBt1+sFu2l2sr
aWBZOaAl0/TeuZbRaUTMvOyE+UiFPb2O4QAtSmo0mdomi8Ixhj/h+OWCGAFpTWS+
H/ZMWHU2oh41KIGiqhUAtWHAzQFgOM3wmnjhzGPFyGCx1N6YyB8QsPiDKHrMuE4S
c/B4hHYHSH3qqQ==
-----END CERTIFICATE-----