Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          wQgOQGbB/ul2/T7tbkf9zD/52mMpO3Q2bYCEAGt3E8w=
Subject key identifier:   62:B3:5C:16:53:18:43:0F:F9:B5:7E:3A:2A:1C:C7:76:F1:8B:DF:B9
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       019CB05AF6FDEFCC402A7146666CC78E925B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          07CA
Signing time:             Mon 02 Mar 2026 21:01:17 +0000
Manifest this update:     Mon 02 Mar 2026 21:01:17 +0000
Manifest next update:     Tue 03 Mar 2026 21:01:17 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: N8Bv46si5MFzdTDvCK3NCkaJdbjkdguX3bSk18uAMms=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 21:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:b0:5a:f6:fd:ef:cc:40:2a:71:46:66:6c:c7:8e:92:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: Mar  2 21:01:17 2026 GMT
            Not After : Mar  3 21:01:17 2026 GMT
        Subject: CN=62b35c165318430ff9b57e3a2a1cc776f18bdfb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b0:9c:3b:e2:69:39:a4:23:63:62:2b:11:fa:
                    e8:9f:72:3a:d1:ef:21:d4:89:33:34:0b:6e:7e:43:
                    56:70:0e:5d:bc:70:ce:5c:1f:7b:16:6e:bf:4a:c0:
                    2b:b9:06:18:24:79:6e:06:1a:30:21:6c:d5:cf:03:
                    fd:d3:f3:75:36:61:fc:ed:50:88:22:16:db:0f:fa:
                    56:4a:53:38:a0:15:8a:b5:07:07:b4:ab:7e:fb:9b:
                    9e:bf:08:43:0b:a4:1d:b2:7e:af:ec:b4:b3:c6:6f:
                    82:fd:cd:79:c5:ba:ea:75:0b:ef:ba:1a:fc:79:81:
                    34:c2:c6:73:c5:94:61:76:5f:29:c9:34:a0:4a:4d:
                    f5:4b:a5:dd:21:45:94:cf:4b:3a:ff:bc:a7:96:ba:
                    63:89:2f:8f:34:69:f0:d5:77:91:e0:2f:69:5c:f9:
                    0e:b9:63:84:44:6a:d7:6c:6a:75:0d:d0:4b:16:3b:
                    f4:2f:37:09:f2:3c:08:2b:60:10:27:6d:71:d9:9f:
                    13:e3:1e:33:4c:5f:b0:a2:7e:f5:38:26:39:e3:c0:
                    4b:8d:fa:1f:c1:3d:09:00:26:92:2d:f9:7d:b3:31:
                    62:54:b8:da:19:6c:8c:17:bd:8b:56:32:2e:a6:4a:
                    d8:0f:c0:43:53:ef:96:56:9f:d1:f8:e4:ec:06:ad:
                    e3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B3:5C:16:53:18:43:0F:F9:B5:7E:3A:2A:1C:C7:76:F1:8B:DF:B9
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:02:20:aa:8f:a4:ee:b7:9f:07:3b:14:9e:27:31:04:fa:52:
         2d:3e:fc:61:aa:24:7a:b6:bd:53:b7:9f:51:72:c9:c6:ec:af:
         bd:b4:ac:81:ae:04:3e:96:99:c4:dd:13:3e:d6:a8:a3:04:fb:
         49:46:51:7d:5b:4d:f0:17:78:b8:17:db:e4:52:0d:d2:98:a8:
         84:0c:9b:bf:17:5f:33:6e:27:e7:78:cf:c8:6a:5b:c5:a3:3d:
         1b:60:d3:53:92:65:33:4e:91:1a:a0:05:21:a6:10:26:79:98:
         2a:78:59:b1:c3:4f:e3:86:c5:13:c5:ce:f2:67:9a:c2:ef:1d:
         e8:3f:a7:3d:d0:43:d2:fc:27:cb:88:bc:db:40:88:cf:cd:81:
         08:6e:19:7f:82:44:2f:f7:9a:b0:1d:85:b9:66:37:3e:cd:9a:
         e7:8f:3f:1a:3f:61:44:5b:9d:ac:2b:9f:15:3c:6a:6d:79:79:
         c1:b8:07:e5:e8:c8:86:3d:71:c6:d5:40:ff:ad:99:62:24:1b:
         4b:88:af:4c:a6:4b:61:c1:0e:cd:bb:dd:05:ee:4c:63:dc:de:
         28:e0:59:8a:d3:cc:b3:b2:3c:88:18:b1:8d:fb:c4:82:6f:05:
         40:0e:d5:51:77:ae:e0:a8:02:21:47:a9:8e:6d:9e:93:9f:90:
         68:7e:5c:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZywWvb978xAKnFGZmzHjpJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjYwMzAyMjEwMTE3WhcNMjYwMzAzMjEwMTE3WjAzMTEwLwYDVQQD
Eyg2MmIzNWMxNjUzMTg0MzBmZjliNTdlM2EyYTFjYzc3NmYxOGJkZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbCcO+JpOaQjY2IrEfron3I60e8h
1IkzNAtufkNWcA5dvHDOXB97Fm6/SsAruQYYJHluBhowIWzVzwP90/N1NmH87VCI
IhbbD/pWSlM4oBWKtQcHtKt++5uevwhDC6Qdsn6v7LSzxm+C/c15xbrqdQvvuhr8
eYE0wsZzxZRhdl8pyTSgSk31S6XdIUWUz0s6/7ynlrpjiS+PNGnw1XeR4C9pXPkO
uWOERGrXbGp1DdBLFjv0LzcJ8jwIK2AQJ21x2Z8T4x4zTF+won71OCY548BLjfof
wT0JACaSLfl9szFiVLjaGWyMF72LVjIupkrYD8BDU++WVp/R+OTsBq3jQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGKzXBZTGEMP+bV+Oiocx3bxi9+5MB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjQIgqo+k
7refBzsUnicxBPpSLT78Yaokera9U7efUXLJxuyvvbSsga4EPpaZxN0TPtaoowT7
SUZRfVtN8Bd4uBfb5FIN0piohAybvxdfM24n53jPyGpbxaM9G2DTU5JlM06RGqAF
IaYQJnmYKnhZscNP44bFE8XO8meawu8d6D+nPdBD0vwny4i820CIz82BCG4Zf4JE
L/easB2FuWY3Ps2a548/Gj9hRFudrCufFTxqbXl5wbgH5ejIhj1xxtVA/62ZYiQb
S4ivTKZLYcEOzbvdBe5MY9zeKOBZitPMs7I8iBixjfvEgm8FQA7VUXeu4KgCIUep
jm2ek5+QaH5coA==
-----END CERTIFICATE-----