Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          z5EOh3mq3AJXp97fqWai5CHeTlrGxdvxicSgLrBIryo=
Subject key identifier:   F9:7A:AF:93:A9:A1:13:0B:2D:A8:A4:03:F1:D1:FF:FD:96:3C:4C:C2
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019CAA8FD18C83086BDFF4D001D6E13668E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          0517
Signing time:             Sun 01 Mar 2026 18:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 18:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 18:01:17 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: +igSwEALg8y+WLN2q4GIvhivxmC+UDjPdxoKH5qe6rg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:d1:8c:83:08:6b:df:f4:d0:01:d6:e1:36:68:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Mar  1 18:01:17 2026 GMT
            Not After : Mar  2 18:01:17 2026 GMT
        Subject: CN=f97aaf93a9a1130b2da8a403f1d1fffd963c4cc2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:7c:e9:dc:7f:6b:86:fb:3e:0a:22:49:89:66:
                    ea:5c:96:59:71:b6:35:22:e9:2b:03:58:5f:a4:40:
                    64:5d:e4:8c:20:06:81:f8:fc:23:1d:a9:ee:96:f9:
                    06:5f:33:fb:54:73:fb:e0:53:00:ee:4b:0a:d0:2e:
                    ef:94:1e:74:75:de:35:e5:2a:06:bc:07:8d:a0:ed:
                    36:25:a7:8d:a8:24:85:54:06:29:e2:16:76:ca:e2:
                    8e:0d:fd:b0:56:01:f7:3d:90:2c:3a:2f:50:7a:a6:
                    74:88:a1:f2:09:96:e0:b9:c2:bc:ba:60:ae:65:cd:
                    c8:2c:2a:1e:92:21:53:96:04:e7:9d:17:92:1f:51:
                    31:35:e3:3c:6b:f4:65:95:41:bd:39:84:19:dd:eb:
                    2d:15:55:44:ca:e2:3c:be:3f:29:29:64:f7:a0:01:
                    ef:84:73:05:9a:03:da:1c:5f:18:e3:6f:77:0f:cd:
                    9d:18:36:e0:19:82:43:9f:6a:86:f4:8d:27:9d:3a:
                    23:0d:60:81:8c:74:ba:b9:01:a8:5c:8d:19:89:a5:
                    5b:67:0b:37:f9:05:88:ae:51:14:52:69:1b:47:db:
                    b3:c4:14:58:a3:64:bf:ce:2b:71:cd:72:93:6a:d9:
                    37:37:92:18:2e:10:12:97:bb:91:20:c7:5e:0b:83:
                    ac:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:7A:AF:93:A9:A1:13:0B:2D:A8:A4:03:F1:D1:FF:FD:96:3C:4C:C2
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:37:54:a2:9e:42:38:5e:ea:b9:87:aa:e9:c4:6d:8a:ab:3f:
         e1:6e:ad:5c:a4:d2:a7:82:67:62:a3:bb:9a:09:be:0f:4d:e1:
         15:47:c9:7d:a7:90:8c:44:02:da:da:09:88:fd:21:bb:93:19:
         d9:3d:fd:8f:6e:73:5f:56:e4:8a:56:d4:31:35:bc:f7:c9:92:
         43:1a:e1:9b:29:ad:61:83:11:8d:ee:3e:9e:f1:49:e3:d3:90:
         f5:f0:ac:14:43:9e:03:bd:21:a6:80:61:05:ef:2c:14:96:df:
         75:c4:bc:ce:9f:b3:7e:7a:0f:39:ad:2e:59:16:74:90:94:98:
         f6:a7:b0:d8:d7:48:7b:79:8a:3a:b3:88:ed:ed:32:06:65:2a:
         a2:39:b4:52:b4:e8:3a:53:68:32:66:52:19:89:2f:26:d8:d5:
         1c:93:59:db:11:ac:6e:63:2f:4c:de:7b:e6:57:33:ec:b5:d7:
         c6:cb:c6:d0:d4:2a:17:d0:9d:e5:f0:98:d5:70:25:9f:a9:5f:
         71:be:67:91:ca:8e:18:da:b5:a4:1c:23:eb:03:ff:48:bc:9d:
         1e:2e:13:35:67:8c:75:b4:96:a6:a8:21:0a:d9:73:45:52:c3:
         21:4e:f4:73:8f:da:f2:b7:8c:9f:5f:e7:47:07:d7:08:34:e7:
         60:7e:6e:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj9GMgwhr3/TQAdbhNmjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjYwMzAxMTgwMTE3WhcNMjYwMzAyMTgwMTE3WjAzMTEwLwYDVQQD
EyhmOTdhYWY5M2E5YTExMzBiMmRhOGE0MDNmMWQxZmZmZDk2M2M0Y2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Xzp3H9rhvs+CiJJiWbqXJZZcbY1
IukrA1hfpEBkXeSMIAaB+PwjHanulvkGXzP7VHP74FMA7ksK0C7vlB50dd415SoG
vAeNoO02JaeNqCSFVAYp4hZ2yuKODf2wVgH3PZAsOi9QeqZ0iKHyCZbgucK8umCu
Zc3ILCoekiFTlgTnnReSH1ExNeM8a/RllUG9OYQZ3estFVVEyuI8vj8pKWT3oAHv
hHMFmgPaHF8Y4293D82dGDbgGYJDn2qG9I0nnTojDWCBjHS6uQGoXI0ZiaVbZws3
+QWIrlEUUmkbR9uzxBRYo2S/zitxzXKTatk3N5IYLhASl7uRIMdeC4OsaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPl6r5OpoRMLLaikA/HR//2WPEzCMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOjdUop5C
OF7quYeq6cRtiqs/4W6tXKTSp4JnYqO7mgm+D03hFUfJfaeQjEQC2toJiP0hu5MZ
2T39j25zX1bkilbUMTW898mSQxrhmymtYYMRje4+nvFJ49OQ9fCsFEOeA70hpoBh
Be8sFJbfdcS8zp+zfnoPOa0uWRZ0kJSY9qew2NdIe3mKOrOI7e0yBmUqojm0UrTo
OlNoMmZSGYkvJtjVHJNZ2xGsbmMvTN575lcz7LXXxsvG0NQqF9Cd5fCY1XAln6lf
cb5nkcqOGNq1pBwj6wP/SLydHi4TNWeMdbSWpqghCtlzRVLDIU70c4/a8reMn1/n
RwfXCDTnYH5u9Q==
-----END CERTIFICATE-----