Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
File:                     OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json)
Hash identifier:          Jjg7Hyp8RYwC+odZEhslCZ7ZbICxVuQfPOHwbozWopI=
Subject key identifier:   E4:06:8D:8F:98:89:47:21:69:F3:C0:1F:2E:70:A3:60:BF:54:90:29
Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D
Certificate issuer:       /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
Certificate serial:       019D9999309EE62E109461C3508F00505877
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 04:00:46 +0000
Manifest this update:     Fri 17 Apr 2026 04:00:46 +0000
Manifest next update:     Sat 18 Apr 2026 04:00:46 +0000
Files and hashes:         1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: Pf8DjwoCd9eX8haN72jMPNmBq8zb+G+E16P5cXF4wqc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:99:30:9e:e6:2e:10:94:61:c3:50:8f:00:50:58:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
        Validity
            Not Before: Apr 17 04:00:46 2026 GMT
            Not After : Apr 18 04:00:46 2026 GMT
        Subject: CN=e4068d8f9889472169f3c01f2e70a360bf549029
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:16:ed:cb:47:eb:5c:44:7d:5a:40:19:61:c0:
                    d0:b9:cf:3c:31:bf:b7:51:18:88:83:0d:94:94:84:
                    0c:a6:b3:e7:23:34:5e:18:66:54:36:4f:5d:20:6c:
                    42:0e:57:fd:32:a4:5d:7b:73:26:fc:00:26:be:f5:
                    34:91:19:8e:d1:e6:95:b5:67:49:0c:f5:28:3a:97:
                    1f:5d:19:8d:c3:3a:c4:28:0d:67:cb:d2:19:09:87:
                    53:dd:ac:b9:05:40:e4:f7:33:2a:bb:c7:78:eb:15:
                    f6:a0:93:75:6e:df:c9:b8:42:f0:38:29:80:df:f5:
                    81:08:76:00:a5:3a:36:93:d8:b8:08:d5:09:3f:fa:
                    49:6b:c4:0b:83:ab:ae:14:b8:13:5b:23:83:c8:95:
                    a0:a3:bf:59:ce:49:68:08:9c:ab:c1:0d:b8:52:11:
                    96:30:cc:34:b1:c8:6a:30:22:01:50:81:74:02:a0:
                    50:b5:1d:88:d7:a8:2e:c9:80:3a:07:84:4a:9b:31:
                    2d:2b:97:03:0f:8c:03:18:71:7a:ff:13:53:49:10:
                    db:5e:f3:b3:8a:21:80:c9:33:5c:a2:86:c5:fc:fe:
                    0d:2f:6d:9b:33:5b:4d:93:52:7c:35:c8:1e:a2:63:
                    e1:f6:c1:32:6f:39:8c:7b:43:18:d7:f1:0e:02:80:
                    e1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:06:8D:8F:98:89:47:21:69:F3:C0:1F:2E:70:A3:60:BF:54:90:29
            X509v3 Authority Key Identifier:
                keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:4c:40:38:fa:3d:d0:3e:43:16:a2:b0:31:33:d5:d5:d4:e1:
         53:9f:a2:0a:eb:7d:9e:17:c0:7c:90:c2:2a:94:fb:14:40:51:
         5d:90:5d:4e:63:40:41:8f:b8:54:2c:52:d2:2f:1c:8d:96:08:
         e0:11:5c:3e:bb:49:dd:8f:20:b6:23:91:1b:60:65:ce:63:9c:
         24:ce:bf:5f:d4:ec:82:95:a9:4a:c0:e1:d9:42:e7:0b:92:7c:
         bb:93:64:6f:19:86:3c:4b:99:8a:53:f3:c5:a6:35:e8:b5:bc:
         27:67:ac:77:05:cf:09:d7:76:a1:82:72:4a:3c:55:4d:77:9e:
         f4:87:1a:cd:0e:e6:f3:62:5f:47:ed:1d:96:85:ab:b7:3b:bc:
         db:02:58:f9:d3:d5:f4:62:2e:24:ed:81:9a:fe:08:bc:4c:b1:
         ee:6e:81:ad:3e:da:a0:ad:99:90:1f:c6:8e:5f:45:e7:c2:0a:
         48:38:43:27:72:3f:7e:2b:87:97:5e:a4:91:4e:29:ab:39:4f:
         03:8c:71:85:56:d8:8d:ee:0e:b7:40:7b:0a:cf:a6:c0:1e:ba:
         c2:8e:fd:8c:8f:81:18:81:b8:dd:c2:bb:29:9a:67:e3:e0:37:
         03:a6:3b:4b:71:3e:5b:ea:bb:e6:30:81:e1:52:e4:86:8d:27:
         00:81:11:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZmTCe5i4QlGHDUI8AUFh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4
OWJmOWQwHhcNMjYwNDE3MDQwMDQ2WhcNMjYwNDE4MDQwMDQ2WjAzMTEwLwYDVQQD
EyhlNDA2OGQ4Zjk4ODk0NzIxNjlmM2MwMWYyZTcwYTM2MGJmNTQ5MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRbty0frXER9WkAZYcDQuc88Mb+3
URiIgw2UlIQMprPnIzReGGZUNk9dIGxCDlf9MqRde3Mm/AAmvvU0kRmO0eaVtWdJ
DPUoOpcfXRmNwzrEKA1ny9IZCYdT3ay5BUDk9zMqu8d46xX2oJN1bt/JuELwOCmA
3/WBCHYApTo2k9i4CNUJP/pJa8QLg6uuFLgTWyODyJWgo79ZzkloCJyrwQ24UhGW
MMw0schqMCIBUIF0AqBQtR2I16guyYA6B4RKmzEtK5cDD4wDGHF6/xNTSRDbXvOz
iiGAyTNcoobF/P4NL22bM1tNk1J8NcgeomPh9sEybzmMe0MY1/EOAoDhUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQGjY+YiUchafPAHy5wo2C/VJApMB8GA1UdIwQY
MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt
NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh
LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkxAOPo9
0D5DFqKwMTPV1dThU5+iCut9nhfAfJDCKpT7FEBRXZBdTmNAQY+4VCxS0i8cjZYI
4BFcPrtJ3Y8gtiORG2BlzmOcJM6/X9TsgpWpSsDh2ULnC5J8u5NkbxmGPEuZilPz
xaY16LW8J2esdwXPCdd2oYJySjxVTXee9IcazQ7m82JfR+0dloWrtzu82wJY+dPV
9GIuJO2Bmv4IvEyx7m6BrT7aoK2ZkB/Gjl9F58IKSDhDJ3I/fiuHl16kkU4pqzlP
A4xxhVbYje4Ot0B7Cs+mwB66wo79jI+BGIG43cK7KZpn4+A3A6Y7S3E+W+q75jCB
4VLkho0nAIERzg==
-----END CERTIFICATE-----