Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          TYdFWyKOnaw3/GjuoVZ/TGuC9pPiHJuOr9aA3uCoT94=
Subject key identifier:   47:7B:15:90:22:D9:5A:F2:FA:38:7C:7E:D8:99:5C:6E:F4:62:71:67
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019D9A06DDF4E152698927C947C56324E525
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          0843
Signing time:             Fri 17 Apr 2026 06:00:34 +0000
Manifest this update:     Fri 17 Apr 2026 06:00:34 +0000
Manifest next update:     Sat 18 Apr 2026 06:00:34 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: f33i6B9je/aZH9bngwElV3c3hZMvDehEDf1fSkkR9GA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 06:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:06:dd:f4:e1:52:69:89:27:c9:47:c5:63:24:e5:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Apr 17 06:00:34 2026 GMT
            Not After : Apr 18 06:00:34 2026 GMT
        Subject: CN=477b159022d95af2fa387c7ed8995c6ef4627167
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:31:cb:28:0a:a0:d6:8c:a2:91:05:26:54:9c:
                    28:59:0d:d3:d7:35:3d:91:e4:aa:98:fa:66:be:28:
                    40:fd:43:c6:cf:00:80:30:9f:a3:41:f4:e5:5c:31:
                    28:30:af:83:51:f5:82:a1:61:53:a3:88:a9:f2:11:
                    93:5d:c0:9c:5c:09:4a:a9:bf:71:57:f1:c2:22:08:
                    ef:e6:c9:70:fd:7b:49:f2:b6:e2:10:18:f8:3f:44:
                    c2:60:bd:d3:89:f2:45:ca:b3:98:05:31:98:49:3c:
                    d9:7b:3d:47:06:76:76:1c:df:c6:d4:6a:3d:6f:e8:
                    8b:c5:b2:90:76:9a:78:cb:50:bd:ee:33:d4:c4:c5:
                    1a:4d:ce:6f:46:a0:5a:99:c6:3f:af:14:c2:e0:0c:
                    59:1b:4c:f1:8e:c1:c7:31:24:5d:3f:19:75:1e:dd:
                    19:c4:28:a8:8f:bd:62:a0:e6:ab:d4:5b:0f:1d:0d:
                    39:77:7f:d0:c0:de:d3:6b:54:5e:bc:9d:53:54:aa:
                    07:f5:e7:79:c4:1c:1c:47:a0:ee:6b:1a:23:45:78:
                    47:18:cc:21:e9:6b:54:75:38:ab:26:15:16:cd:bf:
                    43:ec:9e:0d:3d:5d:72:ad:e5:43:eb:43:b3:ac:55:
                    22:5d:73:a8:8f:d1:1a:38:66:2f:c5:82:32:ec:9a:
                    0a:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:7B:15:90:22:D9:5A:F2:FA:38:7C:7E:D8:99:5C:6E:F4:62:71:67
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:34:4d:d8:fa:48:2a:ac:a0:ed:38:6b:c7:ba:2b:12:13:ff:
         bd:af:46:95:4e:4e:05:be:12:84:18:c2:24:01:f7:d7:b8:d8:
         8c:72:28:99:cc:15:27:30:19:72:f1:73:6d:f1:ce:7f:f9:9c:
         b7:ff:bb:0d:96:e0:d7:13:b2:7f:95:fa:b9:d3:c4:30:e1:49:
         4b:62:0f:fa:f1:44:e0:49:45:48:3d:8f:5f:0b:03:3f:2a:cd:
         8b:cb:0e:96:14:09:3b:5e:43:da:85:8d:24:83:e7:eb:49:e4:
         94:c7:fd:d7:bc:57:92:02:6c:38:db:91:ad:83:52:c5:b6:ed:
         ee:f6:24:db:52:61:9f:f1:c4:27:4c:cf:c6:95:51:d1:32:c8:
         a6:72:c2:31:70:ad:5f:a6:f1:44:8d:71:87:f1:98:e5:fa:30:
         6c:ca:b7:ac:7a:d5:37:92:14:a7:82:45:48:36:17:0e:66:4f:
         26:d4:71:80:53:ab:de:f3:6f:fa:aa:a5:69:93:e0:67:1f:58:
         22:d7:10:ef:b1:17:17:65:b8:34:bf:f6:7b:70:de:53:37:09:
         e0:18:a6:e3:f5:e7:10:c6:9f:8d:1f:85:1a:7d:73:90:6e:a1:
         d3:9f:a5:d5:76:3b:f0:a4:73:8e:c5:f0:ab:74:92:11:5f:d1:
         de:cf:91:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aBt304VJpiSfJR8VjJOUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjYwNDE3MDYwMDM0WhcNMjYwNDE4MDYwMDM0WjAzMTEwLwYDVQQD
Eyg0NzdiMTU5MDIyZDk1YWYyZmEzODdjN2VkODk5NWM2ZWY0NjI3MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jHLKAqg1oyikQUmVJwoWQ3T1zU9
keSqmPpmvihA/UPGzwCAMJ+jQfTlXDEoMK+DUfWCoWFTo4ip8hGTXcCcXAlKqb9x
V/HCIgjv5slw/XtJ8rbiEBj4P0TCYL3TifJFyrOYBTGYSTzZez1HBnZ2HN/G1Go9
b+iLxbKQdpp4y1C97jPUxMUaTc5vRqBamcY/rxTC4AxZG0zxjsHHMSRdPxl1Ht0Z
xCioj71ioOar1FsPHQ05d3/QwN7Ta1RevJ1TVKoH9ed5xBwcR6DuaxojRXhHGMwh
6WtUdTirJhUWzb9D7J4NPV1yreVD60OzrFUiXXOoj9EaOGYvxYIy7JoKpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEd7FZAi2Vry+jh8ftiZXG70YnFnMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTRN2PpI
Kqyg7Thrx7orEhP/va9GlU5OBb4ShBjCJAH317jYjHIomcwVJzAZcvFzbfHOf/mc
t/+7DZbg1xOyf5X6udPEMOFJS2IP+vFE4ElFSD2PXwsDPyrNi8sOlhQJO15D2oWN
JIPn60nklMf917xXkgJsONuRrYNSxbbt7vYk21Jhn/HEJ0zPxpVR0TLIpnLCMXCt
X6bxRI1xh/GY5fowbMq3rHrVN5IUp4JFSDYXDmZPJtRxgFOr3vNv+qqlaZPgZx9Y
ItcQ77EXF2W4NL/2e3DeUzcJ4Bim4/XnEMafjR+FGn1zkG6h05+l1XY78KRzjsXw
q3SSEV/R3s+RHw==
-----END CERTIFICATE-----