Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
File:                     o3sePvrqidz80cjpfA6beAxhRl0.mft (raw, json)
Hash identifier:          vOFiLqY3/4JaeHBX9rSXJU8HwXvWuMqOlLCBgwd1mZ4=
Subject key identifier:   A5:34:B4:CC:16:46:7B:D1:2A:EF:8C:33:C7:64:16:25:F9:47:4A:7C
Authority key identifier: A3:7B:1E:3E:FA:EA:89:DC:FC:D1:C8:E9:7C:0E:9B:78:0C:61:46:5D
Certificate issuer:       /CN=a37b1e3efaea89dcfcd1c8e97c0e9b780c61465d
Certificate serial:       019DA48AD56578BA2CD1576578E20BE02BCB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
Manifest number:          0F4E
Signing time:             Sun 19 Apr 2026 07:00:55 +0000
Manifest this update:     Sun 19 Apr 2026 07:00:55 +0000
Manifest next update:     Mon 20 Apr 2026 07:00:55 +0000
Files and hashes:         1: o3sePvrqidz80cjpfA6beAxhRl0.crl (hash: 0dwfHs74TWBt1UBgg8UUAGKQHqBGxdiY3zIiDKJBfWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:8a:d5:65:78:ba:2c:d1:57:65:78:e2:0b:e0:2b:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a37b1e3efaea89dcfcd1c8e97c0e9b780c61465d
        Validity
            Not Before: Apr 19 07:00:55 2026 GMT
            Not After : Apr 20 07:00:55 2026 GMT
        Subject: CN=a534b4cc16467bd12aef8c33c7641625f9474a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ce:43:12:64:8b:4e:e2:2c:c4:d2:74:c7:df:
                    64:d3:d8:2d:fd:99:b0:3e:c0:bf:c2:f6:cf:c2:d1:
                    55:a2:55:d0:4e:92:c3:d9:bd:ad:bc:63:56:a1:81:
                    6f:ae:93:07:64:38:60:75:22:69:93:5a:12:7f:bd:
                    09:7d:98:a2:25:d5:90:d8:ff:5b:d4:2a:41:1b:be:
                    84:77:4c:ca:7c:04:98:50:d2:2c:55:e9:ea:e4:41:
                    1d:0f:b6:e0:4e:25:7f:4f:e9:09:8a:d5:47:da:f6:
                    0a:7f:67:5f:42:c1:30:50:e5:2a:40:30:a0:4b:23:
                    46:b2:3f:81:ec:0f:80:65:0b:a3:61:78:07:b8:fb:
                    71:27:df:fd:d9:78:9a:1c:9b:af:58:71:40:5a:5c:
                    5e:e5:ed:b5:71:32:82:8b:fb:a4:13:ca:c8:3a:25:
                    d0:35:0a:97:43:be:10:66:55:a3:2a:35:48:27:89:
                    1b:f3:59:28:77:61:bd:84:47:44:96:26:4b:32:6f:
                    02:c5:86:0b:b6:73:d9:d4:25:b6:6d:d4:f4:70:e5:
                    00:d5:d4:0a:09:a2:e0:b3:aa:ad:67:a0:5e:bd:1a:
                    9b:1c:2e:a4:b3:b9:d5:b0:22:2e:cf:6a:39:6d:c5:
                    dd:cd:ef:67:3a:e2:62:af:e0:e1:bb:87:aa:6e:42:
                    23:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:34:B4:CC:16:46:7B:D1:2A:EF:8C:33:C7:64:16:25:F9:47:4A:7C
            X509v3 Authority Key Identifier:
                keyid:A3:7B:1E:3E:FA:EA:89:DC:FC:D1:C8:E9:7C:0E:9B:78:0C:61:46:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3sePvrqidz80cjpfA6beAxhRl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/35bb21-2239-4f77-a7fa-55de65a2ea3b/1/o3sePvrqidz80cjpfA6beAxhRl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:70:7c:c8:f5:20:e9:af:95:6f:7b:42:f4:e6:14:0c:b8:75:
         d2:a7:ac:c9:e1:85:8e:e5:37:9c:68:bf:59:87:32:0f:65:b8:
         3d:1b:38:17:29:4d:fa:8f:01:c1:45:dd:67:3c:cb:9f:57:0d:
         12:68:05:56:7d:d1:ae:ff:5e:01:20:e5:05:bf:37:fd:22:04:
         b3:99:94:af:0d:67:0d:ed:27:2d:1a:c8:99:01:93:5c:a1:75:
         55:52:21:2c:0e:91:04:c4:ae:f4:f6:32:2b:ef:51:e8:74:fc:
         80:48:55:d0:d6:70:fd:8b:9a:cc:11:eb:61:00:37:8f:f7:74:
         81:99:d0:f0:c6:84:7a:c2:e1:20:0c:3a:a4:ef:36:10:ef:b2:
         c4:11:50:75:7e:17:c7:cb:77:40:c5:5c:5e:01:c4:0f:b6:cd:
         58:f1:00:d3:88:49:8f:1e:29:b0:3b:68:2c:2f:91:20:70:cf:
         d8:56:66:3a:fd:eb:a2:76:46:44:a5:d4:92:cc:08:f6:33:1e:
         be:ff:47:23:74:04:cb:bc:0d:2d:16:4a:f0:03:29:78:be:74:
         bc:c6:35:53:20:52:9a:af:a3:7f:f5:01:b9:91:46:cf:d9:5f:
         93:7a:c1:ac:07:74:b0:8e:a5:f0:ed:84:84:2b:38:74:50:8a:
         dc:24:94:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kitVleLos0VdleOIL4CvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzN2IxZTNlZmFlYTg5ZGNmY2QxYzhlOTdjMGU5Yjc4MGM2
MTQ2NWQwHhcNMjYwNDE5MDcwMDU1WhcNMjYwNDIwMDcwMDU1WjAzMTEwLwYDVQQD
EyhhNTM0YjRjYzE2NDY3YmQxMmFlZjhjMzNjNzY0MTYyNWY5NDc0YTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx85DEmSLTuIsxNJ0x99k09gt/Zmw
PsC/wvbPwtFVolXQTpLD2b2tvGNWoYFvrpMHZDhgdSJpk1oSf70JfZiiJdWQ2P9b
1CpBG76Ed0zKfASYUNIsVenq5EEdD7bgTiV/T+kJitVH2vYKf2dfQsEwUOUqQDCg
SyNGsj+B7A+AZQujYXgHuPtxJ9/92XiaHJuvWHFAWlxe5e21cTKCi/ukE8rIOiXQ
NQqXQ74QZlWjKjVIJ4kb81kod2G9hEdEliZLMm8CxYYLtnPZ1CW2bdT0cOUA1dQK
CaLgs6qtZ6BevRqbHC6ks7nVsCIuz2o5bcXdze9nOuJir+Dhu4eqbkIjlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKU0tMwWRnvRKu+MM8dkFiX5R0p8MB8GA1UdIwQY
MBaAFKN7Hj766onc/NHI6XwOm3gMYUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zNWJiMjEtMjIzOS00Zjc3LWE3ZmEt
NTVkZTY1YTJlYTNiLzEvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zNWJiMjEtMjIzOS00Zjc3LWE3ZmEtNTVkZTY1YTJlYTNi
LzEvbzNzZVB2cnFpZHo4MGNqcGZBNmJlQXhoUmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXB8yPUg
6a+Vb3tC9OYUDLh10qesyeGFjuU3nGi/WYcyD2W4PRs4FylN+o8BwUXdZzzLn1cN
EmgFVn3Rrv9eASDlBb83/SIEs5mUrw1nDe0nLRrImQGTXKF1VVIhLA6RBMSu9PYy
K+9R6HT8gEhV0NZw/YuazBHrYQA3j/d0gZnQ8MaEesLhIAw6pO82EO+yxBFQdX4X
x8t3QMVcXgHED7bNWPEA04hJjx4psDtoLC+RIHDP2FZmOv3ronZGRKXUkswI9jMe
vv9HI3QEy7wNLRZK8AMpeL50vMY1UyBSmq+jf/UBuZFGz9lfk3rBrAd0sI6l8O2E
hCs4dFCK3CSU9A==
-----END CERTIFICATE-----