Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          WtQx9f3NNh7AU2MZOsPlqGFrggGfUovCEzLasWKiUvk=
Subject key identifier:   6C:96:8F:1F:C5:1E:AC:DE:39:69:B7:F9:E9:B2:56:C7:92:9D:E0:F1
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       019D9818C38B2DF3825F54A22E252AC379B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          06F3
Signing time:             Thu 16 Apr 2026 21:00:52 +0000
Manifest this update:     Thu 16 Apr 2026 21:00:52 +0000
Manifest next update:     Fri 17 Apr 2026 21:00:52 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: muo7vtgO4GmdLByF42Mu8fA/ssV5Dn2Ahs02gYzjTIw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 21:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:18:c3:8b:2d:f3:82:5f:54:a2:2e:25:2a:c3:79:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Apr 16 21:00:52 2026 GMT
            Not After : Apr 17 21:00:52 2026 GMT
        Subject: CN=6c968f1fc51eacde3969b7f9e9b256c7929de0f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e8:23:f1:33:9f:db:1d:99:f6:5c:39:84:2f:
                    1e:37:67:40:e7:d5:76:3a:26:bb:88:5f:08:77:88:
                    db:d4:e1:eb:91:bd:34:ab:30:57:d7:82:53:a9:81:
                    d3:b2:fb:55:7b:1e:60:9a:25:7d:c8:19:ac:65:77:
                    5b:b2:75:73:00:ce:be:db:22:03:13:40:f7:24:8e:
                    bc:2a:7e:47:34:d9:fc:da:7f:c9:ce:90:46:0a:1f:
                    28:4f:e2:a5:1c:4b:54:13:75:2d:45:45:f4:a0:7e:
                    da:20:5f:9d:9e:30:90:d1:b7:69:71:73:ed:f2:aa:
                    9b:e9:55:be:31:5b:10:58:1d:87:0e:85:d5:54:df:
                    25:1e:7a:40:1f:c7:90:95:cf:af:ba:ad:74:9a:5c:
                    c5:ee:86:0f:2f:e2:f9:ec:98:ca:5b:d7:1c:99:16:
                    16:c5:d5:59:ce:35:55:f0:b5:28:d3:92:59:65:5e:
                    60:f6:af:2b:db:8b:4c:03:d3:be:18:f4:8b:57:16:
                    1b:f2:c9:95:eb:26:a3:c3:53:76:93:35:c9:39:54:
                    0a:92:cf:60:cf:98:42:02:31:5c:9b:de:2e:14:eb:
                    b6:e1:e5:33:84:78:33:6a:e1:47:fe:1b:92:49:5c:
                    53:e7:64:bf:85:e4:b9:33:52:28:0c:c3:da:3f:ce:
                    39:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:96:8F:1F:C5:1E:AC:DE:39:69:B7:F9:E9:B2:56:C7:92:9D:E0:F1
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:92:22:d5:13:23:48:a1:89:6e:66:af:2b:3f:10:80:80:ac:
         c6:94:6d:a0:79:02:4b:9b:0c:a7:91:3f:8b:d3:65:91:7d:f2:
         37:73:e4:35:84:c5:a3:94:08:21:6f:c3:b0:c2:8d:9d:5c:dc:
         6a:58:22:c1:72:79:a1:8b:36:8c:bc:b1:aa:7b:24:53:aa:05:
         4b:9a:79:09:c8:78:cf:6f:5b:81:73:b1:09:d7:a6:00:fe:41:
         cf:00:ec:76:37:17:42:52:0e:ad:e5:96:03:85:93:b7:1e:cb:
         26:b9:1b:ea:4f:15:01:09:93:43:98:d8:fb:83:e2:0b:ab:1e:
         03:53:c9:52:4f:32:d8:d6:56:1a:26:5c:bc:f8:ba:1b:7c:6a:
         e0:da:02:a0:71:16:3d:fd:90:27:93:8d:e7:4c:92:50:1e:0e:
         3a:b6:13:4f:c9:08:f8:bf:af:1d:44:e2:5f:0c:22:aa:6f:5f:
         08:39:d3:3a:cb:03:7d:80:f0:bd:fb:60:a4:93:85:ce:e8:06:
         02:aa:a4:2d:96:3d:2b:7d:49:c5:19:92:68:65:48:e2:27:75:
         e8:7f:8b:03:b0:6d:64:02:41:0c:4e:74:24:57:8a:54:f9:8f:
         89:ea:c4:2b:62:37:aa:9f:59:eb:70:1c:62:ac:73:07:f2:05:
         0c:28:fc:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YGMOLLfOCX1SiLiUqw3m1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjYwNDE2MjEwMDUyWhcNMjYwNDE3MjEwMDUyWjAzMTEwLwYDVQQD
Eyg2Yzk2OGYxZmM1MWVhY2RlMzk2OWI3ZjllOWIyNTZjNzkyOWRlMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOgj8TOf2x2Z9lw5hC8eN2dA59V2
Oia7iF8Id4jb1OHrkb00qzBX14JTqYHTsvtVex5gmiV9yBmsZXdbsnVzAM6+2yID
E0D3JI68Kn5HNNn82n/JzpBGCh8oT+KlHEtUE3UtRUX0oH7aIF+dnjCQ0bdpcXPt
8qqb6VW+MVsQWB2HDoXVVN8lHnpAH8eQlc+vuq10mlzF7oYPL+L57JjKW9ccmRYW
xdVZzjVV8LUo05JZZV5g9q8r24tMA9O+GPSLVxYb8smV6yajw1N2kzXJOVQKks9g
z5hCAjFcm94uFOu24eUzhHgzauFH/huSSVxT52S/heS5M1IoDMPaP845wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyWjx/FHqzeOWm3+emyVseSneDxMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpIi1RMj
SKGJbmavKz8QgICsxpRtoHkCS5sMp5E/i9NlkX3yN3PkNYTFo5QIIW/DsMKNnVzc
algiwXJ5oYs2jLyxqnskU6oFS5p5Cch4z29bgXOxCdemAP5BzwDsdjcXQlIOreWW
A4WTtx7LJrkb6k8VAQmTQ5jY+4PiC6seA1PJUk8y2NZWGiZcvPi6G3xq4NoCoHEW
Pf2QJ5ON50ySUB4OOrYTT8kI+L+vHUTiXwwiqm9fCDnTOssDfYDwvftgpJOFzugG
AqqkLZY9K31JxRmSaGVI4id16H+LA7BtZAJBDE50JFeKVPmPierEK2I3qp9Z63Ac
YqxzB/IFDCj8jw==
-----END CERTIFICATE-----