Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
File:                     oVJWhcluMm8grjcpwDD0T9FJmwU.mft (raw, json)
Hash identifier:          TrE+UWj2EGY2DljYHjNGBb44GeLWFhEs92p4XfRqvt0=
Subject key identifier:   EA:44:80:E6:BF:ED:5B:27:AC:8A:AA:9E:2A:CD:D9:9A:D6:58:52:68
Authority key identifier: A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05
Certificate issuer:       /CN=a1525685c96e326f20ae3729c030f44fd1499b05
Certificate serial:       019CAD907DDFC5215F15501C6298C029D432
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
Manifest number:          0A53
Signing time:             Mon 02 Mar 2026 08:00:53 +0000
Manifest this update:     Mon 02 Mar 2026 08:00:53 +0000
Manifest next update:     Tue 03 Mar 2026 08:00:53 +0000
Files and hashes:         1: oVJWhcluMm8grjcpwDD0T9FJmwU.crl (hash: 2FuZQRdqrAndHMvJ/Orf2KKWaGShPMaCivGRIRjmqxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 08:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:90:7d:df:c5:21:5f:15:50:1c:62:98:c0:29:d4:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1525685c96e326f20ae3729c030f44fd1499b05
        Validity
            Not Before: Mar  2 08:00:53 2026 GMT
            Not After : Mar  3 08:00:53 2026 GMT
        Subject: CN=ea4480e6bfed5b27ac8aaa9e2acdd99ad6585268
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:bd:bd:96:7c:1a:08:89:65:ff:74:b7:bf:8f:
                    6d:63:b4:2d:39:bc:5b:f3:67:59:b4:af:8d:89:5a:
                    bd:58:49:cd:e7:57:72:f2:79:54:91:c4:e9:c5:4b:
                    6c:34:de:28:9e:4f:63:33:b3:0e:18:3a:10:25:6f:
                    ec:d4:7b:e8:37:cc:10:e2:58:e3:9b:0e:96:cf:cd:
                    b3:0c:bf:c0:b9:52:43:56:26:73:a2:bb:0c:ac:78:
                    30:de:5f:b4:ed:5e:b2:18:da:98:82:e4:17:15:14:
                    57:5e:a1:2c:57:14:cb:4f:93:49:c9:38:ea:cc:b2:
                    c1:3f:93:57:ac:e5:cc:61:2c:5c:50:d7:62:51:95:
                    a6:96:e2:26:2d:83:c2:71:d9:11:bf:48:b3:9d:a5:
                    00:ff:27:94:26:11:5d:31:29:59:50:65:8b:96:80:
                    07:2c:60:ea:53:41:af:07:3b:c3:be:09:e5:fc:bf:
                    c9:7d:5a:fc:8f:f5:0e:1b:06:92:7a:8d:5b:5c:97:
                    85:34:3c:7c:d8:a1:a8:a0:12:72:65:8a:a4:e1:50:
                    c0:ce:9b:2f:11:d5:04:de:01:75:36:9c:09:70:48:
                    e5:bb:02:45:63:63:91:82:ad:f5:26:d8:3f:09:f9:
                    0b:84:f1:cd:73:d3:f4:b9:ec:1e:8f:72:e0:2a:ce:
                    e5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:44:80:E6:BF:ED:5B:27:AC:8A:AA:9E:2A:CD:D9:9A:D6:58:52:68
            X509v3 Authority Key Identifier:
                keyid:A1:52:56:85:C9:6E:32:6F:20:AE:37:29:C0:30:F4:4F:D1:49:9B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVJWhcluMm8grjcpwDD0T9FJmwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e2cc8b-8606-4f25-92d0-44371b1cc72f/1/oVJWhcluMm8grjcpwDD0T9FJmwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:c4:07:e6:60:f3:fd:63:f4:37:1e:dc:5e:bd:d4:86:39:63:
         af:4e:be:f0:44:ae:89:ce:41:f1:c0:56:f0:88:ef:e4:6a:e6:
         bd:50:ea:b9:cc:44:b7:e5:40:22:b7:a3:c4:87:e8:c9:89:77:
         dc:69:15:43:56:6f:71:7e:b0:53:2e:01:3c:e3:7f:ec:69:b5:
         4f:53:0f:62:1f:97:d4:27:74:38:1c:31:ec:ac:d6:98:f3:e8:
         9a:7a:4f:f7:0b:7c:c0:c7:23:25:6c:7b:dc:d5:21:5c:0b:cf:
         19:88:c7:cf:4e:fb:74:6e:41:85:49:80:e2:e3:83:df:2f:a4:
         6f:db:6c:c1:f2:99:c3:76:9f:22:d0:3b:45:25:d7:e6:ce:74:
         cc:7c:c6:1c:8c:ad:5b:d7:90:09:d9:cd:50:d5:27:a2:9e:87:
         67:83:96:37:77:94:fb:13:ac:38:06:b5:c7:95:e4:2a:f0:a0:
         96:0b:d4:a7:9e:53:96:88:86:f1:bb:79:c6:ca:dc:af:86:fc:
         ed:f9:fe:3f:e4:04:fe:ab:f5:80:e7:51:e0:e8:d9:23:06:7d:
         9e:64:5f:93:03:d2:a0:a4:ae:64:9f:ca:9c:d6:61:39:80:57:
         77:27:6f:11:65:4d:b0:12:23:57:cb:b8:d7:ea:8c:a0:02:b2:
         18:4d:5d:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkH3fxSFfFVAcYpjAKdQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTI1Njg1Yzk2ZTMyNmYyMGFlMzcyOWMwMzBmNDRmZDE0
OTliMDUwHhcNMjYwMzAyMDgwMDUzWhcNMjYwMzAzMDgwMDUzWjAzMTEwLwYDVQQD
EyhlYTQ0ODBlNmJmZWQ1YjI3YWM4YWFhOWUyYWNkZDk5YWQ2NTg1MjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL29lnwaCIll/3S3v49tY7QtObxb
82dZtK+NiVq9WEnN51dy8nlUkcTpxUtsNN4onk9jM7MOGDoQJW/s1HvoN8wQ4ljj
mw6Wz82zDL/AuVJDViZzorsMrHgw3l+07V6yGNqYguQXFRRXXqEsVxTLT5NJyTjq
zLLBP5NXrOXMYSxcUNdiUZWmluImLYPCcdkRv0iznaUA/yeUJhFdMSlZUGWLloAH
LGDqU0GvBzvDvgnl/L/JfVr8j/UOGwaSeo1bXJeFNDx82KGooBJyZYqk4VDAzpsv
EdUE3gF1NpwJcEjluwJFY2ORgq31Jtg/CfkLhPHNc9P0uewej3LgKs7lOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOpEgOa/7VsnrIqqnirN2ZrWWFJoMB8GA1UdIwQY
MBaAFKFSVoXJbjJvIK43KcAw9E/RSZsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAt
NDQzNzFiMWNjNzJmLzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9lMmNjOGItODYwNi00ZjI1LTkyZDAtNDQzNzFiMWNjNzJm
LzEvb1ZKV2hjbHVNbThncmpjcHdERDBUOUZKbXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXcQH5mDz
/WP0Nx7cXr3Uhjljr06+8ESuic5B8cBW8Ijv5GrmvVDqucxEt+VAIrejxIfoyYl3
3GkVQ1ZvcX6wUy4BPON/7Gm1T1MPYh+X1Cd0OBwx7KzWmPPomnpP9wt8wMcjJWx7
3NUhXAvPGYjHz077dG5BhUmA4uOD3y+kb9tswfKZw3afItA7RSXX5s50zHzGHIyt
W9eQCdnNUNUnop6HZ4OWN3eU+xOsOAa1x5XkKvCglgvUp55TloiG8bt5xsrcr4b8
7fn+P+QE/qv1gOdR4OjZIwZ9nmRfkwPSoKSuZJ/KnNZhOYBXdydvEWVNsBIjV8u4
1+qMoAKyGE1dxg==
-----END CERTIFICATE-----