Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          KGhvB8zlW+2fRQbumq2VgzD/LMsVBmaSlbvhJu/CNZA=
Subject key identifier:   97:48:E9:FB:BA:22:74:6C:22:FD:41:C9:E7:A2:7B:CA:32:26:37:27
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       019CAA8F8B30D079A10783DA7FBAFB7DBBB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          0678
Signing time:             Sun 01 Mar 2026 18:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 18:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 18:00:59 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: xihPFmCnQblZLvYbweHktNR7oXHu2/Jid/rE5xhonJo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:8f:8b:30:d0:79:a1:07:83:da:7f:ba:fb:7d:bb:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Mar  1 18:00:59 2026 GMT
            Not After : Mar  2 18:00:59 2026 GMT
        Subject: CN=9748e9fbba22746c22fd41c9e7a27bca32263727
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bf:d3:a8:b3:3f:d1:94:47:40:ae:c1:1a:9a:
                    13:b6:54:ae:ce:72:9f:52:eb:33:a6:f9:98:ef:ca:
                    57:36:ab:57:d9:53:3b:4e:76:b4:87:11:6f:b5:08:
                    22:94:a8:33:85:d8:17:de:7b:08:b2:2b:84:79:d7:
                    ab:78:8d:84:ee:4f:ab:a4:e4:75:1e:df:2f:eb:73:
                    76:20:b1:14:5a:42:67:6a:f6:bc:49:d0:2a:9c:a8:
                    e4:97:f6:bf:01:55:75:c8:4f:ae:7e:4d:8a:67:7f:
                    e6:f4:a6:1c:0c:50:e9:02:d2:c0:1e:2d:62:dc:0c:
                    7d:66:9a:a0:5f:9f:88:9e:23:12:12:1a:5b:a8:f0:
                    b7:6f:3e:a9:75:43:83:c0:d0:4f:24:4f:5f:32:bb:
                    9c:60:5c:e5:78:84:42:c9:2f:ed:d8:43:22:02:00:
                    70:54:17:05:16:d0:6f:f8:df:dc:93:c3:07:db:85:
                    28:05:b6:c7:77:c7:51:b2:b6:4c:6b:61:ab:1a:26:
                    54:21:c3:24:78:05:74:06:56:a5:a3:53:8d:3b:e3:
                    ed:af:52:f3:e3:f2:82:27:1d:2d:f4:33:31:9f:d2:
                    47:8f:d1:6f:b9:1a:d2:ed:99:de:93:ae:e0:e4:30:
                    bd:ab:58:bf:96:1b:96:71:22:d9:76:2a:ab:f8:8f:
                    cc:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:48:E9:FB:BA:22:74:6C:22:FD:41:C9:E7:A2:7B:CA:32:26:37:27
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:79:76:30:e1:1c:4c:eb:b7:05:d8:14:7b:07:e6:19:b9:3a:
         cd:5f:67:b1:c2:35:8b:ad:ca:c1:ca:4c:fb:4f:ff:3b:fe:5b:
         13:48:fd:52:6e:d0:9b:59:f8:de:b0:60:67:50:bb:42:aa:04:
         cd:43:01:cb:53:f9:8d:b9:86:d8:32:9c:db:ec:22:a1:69:7b:
         b7:67:52:cd:18:54:10:e8:b7:55:e0:1f:b1:19:3e:ca:63:ac:
         b4:9e:38:c9:f2:4b:97:8f:4d:40:6f:d6:52:27:7a:28:df:4c:
         09:9d:e1:d9:39:14:3b:c1:14:5a:7a:5b:7e:a3:8b:7a:3f:5f:
         0a:aa:c6:94:31:38:ee:10:ec:03:69:ad:1a:a3:f4:ae:04:b0:
         19:02:e6:19:fe:e3:34:df:15:8f:bb:28:2f:e7:34:d3:54:af:
         d7:42:80:23:39:68:b4:8d:18:fc:3c:a9:17:79:6e:34:ff:6a:
         8f:91:11:4d:94:92:a7:fc:db:3a:6d:42:be:c9:57:c4:d5:f3:
         af:7d:b7:d2:60:49:c7:93:d0:ac:7f:df:5f:97:76:94:e9:c5:
         ac:27:1c:a3:f3:90:1d:9d:bc:80:8c:83:3f:7f:72:a2:31:0e:
         70:f4:42:64:97:bd:fb:ba:a1:b4:3c:84:37:fb:1d:83:40:82:
         c5:d5:93:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj4sw0HmhB4Paf7r7fbuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjYwMzAxMTgwMDU5WhcNMjYwMzAyMTgwMDU5WjAzMTEwLwYDVQQD
Eyg5NzQ4ZTlmYmJhMjI3NDZjMjJmZDQxYzllN2EyN2JjYTMyMjYzNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb/TqLM/0ZRHQK7BGpoTtlSuznKf
UuszpvmY78pXNqtX2VM7Tna0hxFvtQgilKgzhdgX3nsIsiuEedereI2E7k+rpOR1
Ht8v63N2ILEUWkJnava8SdAqnKjkl/a/AVV1yE+ufk2KZ3/m9KYcDFDpAtLAHi1i
3Ax9ZpqgX5+IniMSEhpbqPC3bz6pdUODwNBPJE9fMrucYFzleIRCyS/t2EMiAgBw
VBcFFtBv+N/ck8MH24UoBbbHd8dRsrZMa2GrGiZUIcMkeAV0Blalo1ONO+Ptr1Lz
4/KCJx0t9DMxn9JHj9FvuRrS7Znek67g5DC9q1i/lhuWcSLZdiqr+I/MdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdI6fu6InRsIv1Byeeie8oyJjcnMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWXl2MOEc
TOu3BdgUewfmGbk6zV9nscI1i63KwcpM+0//O/5bE0j9Um7Qm1n43rBgZ1C7QqoE
zUMBy1P5jbmG2DKc2+wioWl7t2dSzRhUEOi3VeAfsRk+ymOstJ44yfJLl49NQG/W
Uid6KN9MCZ3h2TkUO8EUWnpbfqOLej9fCqrGlDE47hDsA2mtGqP0rgSwGQLmGf7j
NN8Vj7soL+c001Sv10KAIzlotI0Y/DypF3luNP9qj5ERTZSSp/zbOm1CvslXxNXz
r3230mBJx5PQrH/fX5d2lOnFrCcco/OQHZ28gIyDP39yojEOcPRCZJe9+7qhtDyE
N/sdg0CCxdWTQg==
-----END CERTIFICATE-----