Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File:                     OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier:          pHptoOTrFh/TWsroVmQWFc83QlP6BQJmBb2TZHmfV94=
Subject key identifier:   02:22:EF:80:4B:B5:F7:D1:0D:03:B6:71:B7:6E:57:4B:E9:E3:36:BF
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer:       /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial:       019CAC4689307FA87AF03F34FEE2DE4F146F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number:          0427
Signing time:             Mon 02 Mar 2026 02:00:29 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:29 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:29 +0000
Files and hashes:         1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: GESTGj303X48CsilRp+386mqTjkmzU3MLdkzp21mSE0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:89:30:7f:a8:7a:f0:3f:34:fe:e2:de:4f:14:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
        Validity
            Not Before: Mar  2 02:00:29 2026 GMT
            Not After : Mar  3 02:00:29 2026 GMT
        Subject: CN=0222ef804bb5f7d10d03b671b76e574be9e336bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f5:11:ac:7e:b2:40:a5:59:fc:b1:8e:ec:6e:
                    4e:f7:09:5a:a7:df:17:a9:45:62:1f:85:81:b1:48:
                    1e:60:10:af:f6:d6:16:3e:49:2f:9a:b8:90:79:20:
                    6a:42:b4:bc:68:4a:a1:f3:cb:e7:e3:98:c0:d2:4a:
                    49:22:95:f5:d9:60:af:6a:89:27:c9:f6:de:a7:52:
                    90:4a:84:e3:f2:5d:e5:f3:a8:21:f8:57:b5:93:35:
                    32:f7:fb:45:1f:06:ab:68:74:2d:b9:62:63:4a:cb:
                    19:4d:13:e8:04:9c:2a:1c:a4:e4:6e:68:73:37:ad:
                    f8:48:6e:74:33:3f:43:a5:db:d9:c3:50:c0:52:0b:
                    fb:ab:04:2f:0f:bd:57:9a:c8:2b:0b:80:c6:d8:01:
                    7d:25:51:d4:11:25:6a:62:0e:9c:28:fd:c5:b8:52:
                    5d:bd:d2:1b:b9:75:b4:09:9f:4a:f4:e9:63:55:29:
                    0e:c7:61:d3:3b:cf:e8:41:3b:e0:fa:a7:8f:3b:48:
                    65:c4:47:69:55:46:e6:07:24:6f:9c:55:d8:cd:fc:
                    23:25:44:cf:0f:01:be:a0:51:4e:79:fb:99:c1:67:
                    c3:1d:9d:1d:ba:09:45:89:bd:b0:fa:af:af:6a:cb:
                    cc:d4:42:40:95:16:c6:af:76:10:c3:27:2b:a9:8f:
                    d5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:22:EF:80:4B:B5:F7:D1:0D:03:B6:71:B7:6E:57:4B:E9:E3:36:BF
            X509v3 Authority Key Identifier:
                keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:6d:c9:d8:6b:2f:6b:32:88:2e:6d:c9:49:65:86:07:4b:b3:
         e7:43:bd:4a:3c:d5:05:64:08:81:b1:00:ea:23:77:f6:64:70:
         55:bd:fa:db:cd:2d:41:7e:71:9d:81:a5:8d:3d:67:16:a3:ae:
         ca:dd:db:8a:57:80:12:b4:71:6b:ef:cf:11:ae:46:48:da:29:
         4c:bb:bd:b6:be:a6:71:52:08:a5:c6:aa:d7:a5:02:12:65:89:
         ee:d4:da:6a:90:f7:be:99:f2:96:49:22:93:66:6c:b0:f6:3c:
         a0:52:cb:6f:f2:0c:42:5f:82:56:55:89:68:0a:ed:68:39:9f:
         52:ef:d8:1b:05:01:47:82:65:8a:5c:ef:ca:60:58:17:58:b7:
         1a:1a:28:aa:59:ca:9a:80:32:07:4b:8d:da:86:e7:33:5a:71:
         b5:f6:70:3b:dd:6b:6f:31:0b:98:ed:aa:7b:03:52:29:b3:77:
         98:b3:ae:81:82:72:bb:da:a2:6b:8c:cb:9d:dd:99:cf:82:6e:
         7a:de:cd:e5:9d:32:5b:4d:d2:39:1f:bc:18:f9:3f:22:5e:c5:
         77:8d:60:93:28:cf:a8:27:93:e4:55:85:f8:91:9d:0b:72:88:
         cd:53:17:9e:13:39:48:7a:9f:ef:fb:cd:8f:00:6d:9f:a0:8b:
         9b:a4:98:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRokwf6h68D80/uLeTxRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjYwMzAyMDIwMDI5WhcNMjYwMzAzMDIwMDI5WjAzMTEwLwYDVQQD
EygwMjIyZWY4MDRiYjVmN2QxMGQwM2I2NzFiNzZlNTc0YmU5ZTMzNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufURrH6yQKVZ/LGO7G5O9wlap98X
qUViH4WBsUgeYBCv9tYWPkkvmriQeSBqQrS8aEqh88vn45jA0kpJIpX12WCvaokn
yfbep1KQSoTj8l3l86gh+Fe1kzUy9/tFHwaraHQtuWJjSssZTRPoBJwqHKTkbmhz
N634SG50Mz9DpdvZw1DAUgv7qwQvD71XmsgrC4DG2AF9JVHUESVqYg6cKP3FuFJd
vdIbuXW0CZ9K9OljVSkOx2HTO8/oQTvg+qePO0hlxEdpVUbmByRvnFXYzfwjJUTP
DwG+oFFOefuZwWfDHZ0duglFib2w+q+vasvM1EJAlRbGr3YQwycrqY/VZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIi74BLtffRDQO2cbduV0vp4za/MB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFm3J2Gsv
azKILm3JSWWGB0uz50O9SjzVBWQIgbEA6iN39mRwVb36280tQX5xnYGljT1nFqOu
yt3bileAErRxa+/PEa5GSNopTLu9tr6mcVIIpcaq16UCEmWJ7tTaapD3vpnylkki
k2ZssPY8oFLLb/IMQl+CVlWJaArtaDmfUu/YGwUBR4JlilzvymBYF1i3GhooqlnK
moAyB0uN2obnM1pxtfZwO91rbzELmO2qewNSKbN3mLOugYJyu9qia4zLnd2Zz4Ju
et7N5Z0yW03SOR+8GPk/Il7Fd41gkyjPqCeT5FWF+JGdC3KIzVMXnhM5SHqf7/vN
jwBtn6CLm6SYkw==
-----END CERTIFICATE-----