Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          IPb5lpkemQRkJ1qbJfElePrvL0mewvxEuM8UETcCRT0=
Subject key identifier:   A0:51:CE:7D:03:B3:F9:1A:26:5B:20:9C:92:F4:B1:22:B1:B0:0A:5C
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       019CAB6B90332CA230BAAE57849D88C0BB6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          153F
Signing time:             Sun 01 Mar 2026 22:01:18 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:18 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:18 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: nunWmCWf9DGcF2zkqk6TeS4Sey5HoFDisRaJxEGL+4I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:90:33:2c:a2:30:ba:ae:57:84:9d:88:c0:bb:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Mar  1 22:01:18 2026 GMT
            Not After : Mar  2 22:01:18 2026 GMT
        Subject: CN=a051ce7d03b3f91a265b209c92f4b122b1b00a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:e2:08:d7:7f:54:a5:3a:b9:ff:50:24:26:04:
                    58:3e:9e:e0:05:66:53:7c:18:94:3b:c8:fa:b8:cf:
                    1d:21:0b:a9:cf:3b:64:74:21:b3:76:d1:b3:35:a7:
                    7a:b8:4d:bc:07:ec:99:31:9b:ec:91:cf:9b:90:74:
                    e5:33:cb:72:45:3b:1a:71:ba:68:b4:b6:5b:24:1b:
                    0a:74:cd:39:91:b1:04:22:e2:7b:d3:f6:6a:80:c3:
                    10:91:7d:20:35:85:04:f9:5a:33:10:96:80:b3:39:
                    45:65:2a:2e:50:d8:db:df:9b:35:fd:02:56:e8:30:
                    d1:86:09:cd:ff:09:94:98:90:3e:ef:81:b8:61:a6:
                    b3:07:43:57:22:f9:72:cd:24:6c:53:5c:1e:43:0e:
                    54:2d:ae:07:53:80:e8:a0:35:7b:b9:f8:cf:b2:41:
                    d2:1d:4a:eb:39:af:f5:e8:b1:e2:08:e2:9a:22:1d:
                    81:5b:bc:f8:92:3f:42:b9:8c:b0:22:86:a5:e2:9b:
                    4a:45:e5:14:a7:a1:0d:23:27:5c:8f:53:cc:a5:81:
                    8c:b7:3b:a1:c1:36:5d:c7:2b:69:60:ba:6a:89:c1:
                    bb:aa:63:61:90:93:ad:83:af:b7:3b:f8:48:82:a5:
                    d3:45:f1:7b:16:97:e5:af:f9:4b:0b:c2:45:46:29:
                    9f:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:51:CE:7D:03:B3:F9:1A:26:5B:20:9C:92:F4:B1:22:B1:B0:0A:5C
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:80:1e:2e:27:de:1a:78:e6:61:ac:d8:22:7b:ed:6f:d3:65:
         c7:b5:6f:1c:07:ed:d7:cc:52:81:82:b2:6a:a6:20:ba:02:e5:
         67:71:fd:9d:6b:69:35:b9:55:3a:96:68:f8:85:40:54:9f:23:
         6d:f4:e7:6a:4a:07:41:87:28:5b:6a:e0:4b:84:22:02:27:98:
         2f:83:73:ad:b4:8f:7d:a3:4e:4f:71:f4:76:30:23:36:8e:b9:
         3d:30:f2:96:52:36:d2:b5:0b:f5:15:1d:52:44:3b:42:06:bc:
         72:13:83:48:1c:70:c5:44:2b:b5:bc:07:b2:95:e3:47:c7:e9:
         60:b2:da:1a:37:2a:28:99:75:82:0e:69:99:33:9d:4d:7f:32:
         7b:27:b8:9e:97:2b:e6:c1:43:f1:ff:d8:85:14:2d:99:69:a7:
         b2:0c:ed:7d:56:6f:18:0c:14:e9:15:99:84:1d:26:b4:ad:40:
         49:06:00:aa:ad:71:05:a1:4f:ff:07:84:15:84:8c:f6:78:f0:
         29:19:d2:43:8b:43:52:d2:1b:92:24:18:8b:aa:db:5c:20:bb:
         9f:57:47:b1:3c:db:de:25:6e:87:8e:de:5e:95:ca:d3:55:71:
         bc:c2:c3:d0:65:51:8d:d4:ac:6b:a8:10:0d:2c:08:0c:0a:53:
         f4:07:95:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5AzLKIwuq5XhJ2IwLtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjYwMzAxMjIwMTE4WhcNMjYwMzAyMjIwMTE4WjAzMTEwLwYDVQQD
EyhhMDUxY2U3ZDAzYjNmOTFhMjY1YjIwOWM5MmY0YjEyMmIxYjAwYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+uII139UpTq5/1AkJgRYPp7gBWZT
fBiUO8j6uM8dIQupzztkdCGzdtGzNad6uE28B+yZMZvskc+bkHTlM8tyRTsacbpo
tLZbJBsKdM05kbEEIuJ70/ZqgMMQkX0gNYUE+VozEJaAszlFZSouUNjb35s1/QJW
6DDRhgnN/wmUmJA+74G4YaazB0NXIvlyzSRsU1weQw5ULa4HU4DooDV7ufjPskHS
HUrrOa/16LHiCOKaIh2BW7z4kj9CuYywIoal4ptKReUUp6ENIydcj1PMpYGMtzuh
wTZdxytpYLpqicG7qmNhkJOtg6+3O/hIgqXTRfF7Fpflr/lLC8JFRimffwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKBRzn0Ds/kaJlsgnJL0sSKxsApcMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe4AeLife
GnjmYazYInvtb9Nlx7VvHAft18xSgYKyaqYgugLlZ3H9nWtpNblVOpZo+IVAVJ8j
bfTnakoHQYcoW2rgS4QiAieYL4NzrbSPfaNOT3H0djAjNo65PTDyllI20rUL9RUd
UkQ7Qga8chODSBxwxUQrtbwHspXjR8fpYLLaGjcqKJl1gg5pmTOdTX8yeye4npcr
5sFD8f/YhRQtmWmnsgztfVZvGAwU6RWZhB0mtK1ASQYAqq1xBaFP/weEFYSM9njw
KRnSQ4tDUtIbkiQYi6rbXCC7n1dHsTzb3iVuh47eXpXK01VxvMLD0GVRjdSsa6gQ
DSwIDApT9AeVlA==
-----END CERTIFICATE-----