Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
File:                     x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft (raw, json)
Hash identifier:          QWZ8AIR/YuhEj1YKt/dcknFdnRl/QBg351y0vqd77SU=
Subject key identifier:   35:6B:F2:F6:85:17:FD:18:2C:97:DA:D3:15:92:6F:D9:85:07:42:1A
Authority key identifier: C7:71:FB:42:49:FC:51:88:A9:8B:62:B0:D4:0B:BA:9B:F7:E3:39:23
Certificate issuer:       /CN=c771fb4249fc5188a98b62b0d40bba9bf7e33923
Certificate serial:       019CAC4779428BE78B78BB5015A06DA30D4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
Manifest number:          059D
Signing time:             Mon 02 Mar 2026 02:01:31 +0000
Manifest this update:     Mon 02 Mar 2026 02:01:31 +0000
Manifest next update:     Tue 03 Mar 2026 02:01:31 +0000
Files and hashes:         1: x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl (hash: dujQ8JqgxxtAHRTaR/xOhuEFaJM5nISEUepQ2+i6GBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:47:79:42:8b:e7:8b:78:bb:50:15:a0:6d:a3:0d:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c771fb4249fc5188a98b62b0d40bba9bf7e33923
        Validity
            Not Before: Mar  2 02:01:31 2026 GMT
            Not After : Mar  3 02:01:31 2026 GMT
        Subject: CN=356bf2f68517fd182c97dad315926fd98507421a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:a8:b1:81:86:a4:cb:ea:58:cb:80:3b:37:98:
                    bf:da:e2:31:bd:dd:58:13:cb:c9:4e:25:7d:04:c2:
                    9c:b8:95:52:51:22:ca:03:c7:c0:88:0d:99:06:f4:
                    6e:5a:5d:5f:36:09:2c:ef:36:ae:bb:ca:1a:ed:f2:
                    c4:8b:ce:6b:ce:e6:1b:92:d0:aa:2f:5c:1b:ca:68:
                    1d:73:13:cf:1f:99:99:be:98:8b:c8:37:d1:df:b5:
                    50:73:b0:7d:6d:ad:be:53:44:ff:68:f7:16:98:66:
                    69:76:0b:4c:82:dc:55:2c:55:6b:1d:c1:c6:86:59:
                    01:89:49:9f:ec:e4:d7:ed:26:cc:bc:1f:8c:a3:54:
                    f6:af:98:31:b4:e1:d1:1c:29:19:c1:b8:1f:5e:61:
                    75:8d:7b:15:ea:c5:1b:e4:ed:06:28:69:96:97:1d:
                    17:cd:64:92:05:82:0a:f3:ba:d9:d7:b4:00:ac:a5:
                    0e:76:89:26:fa:a1:d4:11:11:60:61:2a:c1:9f:7d:
                    71:5a:11:29:2e:71:e6:77:9a:0c:c6:f8:ba:0f:2b:
                    04:ab:91:fe:a1:5c:5c:d6:27:82:ce:06:39:0c:48:
                    18:43:f6:77:68:df:06:43:f8:39:ba:72:5e:01:43:
                    af:23:3e:74:f1:9f:2c:e3:e0:04:1c:4d:f9:dc:6a:
                    75:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:6B:F2:F6:85:17:FD:18:2C:97:DA:D3:15:92:6F:D9:85:07:42:1A
            X509v3 Authority Key Identifier:
                keyid:C7:71:FB:42:49:FC:51:88:A9:8B:62:B0:D4:0B:BA:9B:F7:E3:39:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a878ae-e977-45b0-923c-c90fa345c66e/1/x3H7Qkn8UYipi2Kw1Au6m_fjOSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:15:b5:94:f2:43:8b:b9:3f:6e:c4:5b:b7:bf:1e:39:8b:1e:
         db:81:4a:82:5c:07:c0:ea:18:41:93:88:85:21:34:1f:3f:34:
         3e:81:d2:81:08:a6:8c:78:02:9b:05:65:10:f9:31:b4:00:9c:
         52:b4:74:74:e3:d8:5f:bb:00:84:c3:8f:c6:a2:f2:90:01:b1:
         cd:b2:36:27:fb:2e:68:31:3c:1d:a0:3f:02:aa:81:65:36:a3:
         4f:15:31:0d:7a:b3:6c:34:06:fb:be:27:33:d9:17:dd:09:d2:
         5f:d7:4d:01:74:1e:12:c9:0a:fc:52:ac:10:68:9f:66:b8:de:
         4e:4f:c4:13:7a:55:2e:65:17:35:a5:fc:f8:64:96:58:94:b3:
         30:2b:ba:ad:d9:cb:63:72:fd:d8:cc:3d:2e:7e:de:76:56:61:
         e1:1b:d9:44:ef:68:f1:43:13:b1:28:28:7c:f8:51:9b:fd:2c:
         19:22:49:cc:46:57:8a:3b:fb:b5:51:dd:ad:98:28:10:52:ad:
         1c:d3:64:d4:0a:a6:ea:c3:ee:e2:85:77:2d:76:4a:34:2c:a2:
         58:e5:fd:28:33:19:48:cf:bf:b0:12:a0:17:f4:6f:f1:89:ab:
         5d:e7:be:2f:00:30:54:d9:37:0a:f4:54:c7:9e:cd:f1:02:58:
         bf:9e:97:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysR3lCi+eLeLtQFaBtow1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzFmYjQyNDlmYzUxODhhOThiNjJiMGQ0MGJiYTliZjdl
MzM5MjMwHhcNMjYwMzAyMDIwMTMxWhcNMjYwMzAzMDIwMTMxWjAzMTEwLwYDVQQD
EygzNTZiZjJmNjg1MTdmZDE4MmM5N2RhZDMxNTkyNmZkOTg1MDc0MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qixgYaky+pYy4A7N5i/2uIxvd1Y
E8vJTiV9BMKcuJVSUSLKA8fAiA2ZBvRuWl1fNgks7zauu8oa7fLEi85rzuYbktCq
L1wbymgdcxPPH5mZvpiLyDfR37VQc7B9ba2+U0T/aPcWmGZpdgtMgtxVLFVrHcHG
hlkBiUmf7OTX7SbMvB+Mo1T2r5gxtOHRHCkZwbgfXmF1jXsV6sUb5O0GKGmWlx0X
zWSSBYIK87rZ17QArKUOdokm+qHUERFgYSrBn31xWhEpLnHmd5oMxvi6DysEq5H+
oVxc1ieCzgY5DEgYQ/Z3aN8GQ/g5unJeAUOvIz508Z8s4+AEHE353Gp1gQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVr8vaFF/0YLJfa0xWSb9mFB0IaMB8GA1UdIwQY
MBaAFMdx+0JJ/FGIqYtisNQLupv34zkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODc4YWUtZTk3Ny00NWIwLTkyM2Mt
YzkwZmEzNDVjNjZlLzEveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODc4YWUtZTk3Ny00NWIwLTkyM2MtYzkwZmEzNDVjNjZl
LzEveDNIN1FrbjhVWWlwaTJLdzFBdTZtX2ZqT1NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVRW1lPJD
i7k/bsRbt78eOYse24FKglwHwOoYQZOIhSE0Hz80PoHSgQimjHgCmwVlEPkxtACc
UrR0dOPYX7sAhMOPxqLykAGxzbI2J/suaDE8HaA/AqqBZTajTxUxDXqzbDQG+74n
M9kX3QnSX9dNAXQeEskK/FKsEGifZrjeTk/EE3pVLmUXNaX8+GSWWJSzMCu6rdnL
Y3L92Mw9Ln7edlZh4RvZRO9o8UMTsSgofPhRm/0sGSJJzEZXijv7tVHdrZgoEFKt
HNNk1Aqm6sPu4oV3LXZKNCyiWOX9KDMZSM+/sBKgF/Rv8YmrXee+LwAwVNk3CvRU
x57N8QJYv56X1g==
-----END CERTIFICATE-----