Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
File:                     OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json)
Hash identifier:          LvQFQWnUhnSpcnIUe1/IkUhWnKQQjsLO+4Cb/7b1iDs=
Subject key identifier:   58:13:2A:31:F2:F2:3D:5D:10:51:2F:26:06:DE:4A:4A:1F:07:9E:CB
Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D
Certificate issuer:       /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
Certificate serial:       019CAA212DFF006B31E608CAACEC80972DF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
Manifest number:          1842
Signing time:             Sun 01 Mar 2026 16:00:26 +0000
Manifest this update:     Sun 01 Mar 2026 16:00:26 +0000
Manifest next update:     Mon 02 Mar 2026 16:00:26 +0000
Files and hashes:         1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: wilA4+VY9lD9rIw4Cw3saa6SZQxvSUUOPAH5pD2YrQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 16:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:21:2d:ff:00:6b:31:e6:08:ca:ac:ec:80:97:2d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
        Validity
            Not Before: Mar  1 16:00:26 2026 GMT
            Not After : Mar  2 16:00:26 2026 GMT
        Subject: CN=58132a31f2f23d5d10512f2606de4a4a1f079ecb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:cf:db:77:f7:d9:b9:74:cc:2e:21:90:3e:f5:
                    21:70:d1:91:8b:2a:97:64:07:76:4a:2b:c0:3f:74:
                    3d:f1:07:8b:da:03:cc:d1:61:6f:95:7b:99:82:1e:
                    17:93:0c:72:13:f1:47:f5:36:9b:bb:b0:56:ee:1d:
                    44:c8:53:ff:95:09:1e:82:30:73:08:b8:f8:98:00:
                    74:ba:36:32:67:79:34:db:86:7e:8c:ef:73:d2:20:
                    f0:c1:9f:98:af:72:7e:46:8e:ae:d4:77:f0:1b:24:
                    0c:c1:60:dc:0e:14:52:41:7a:bb:79:9a:f5:9a:85:
                    f1:86:59:41:7e:4a:0f:09:2a:3a:61:d4:a9:5b:fc:
                    7f:79:38:54:ac:de:bf:7c:ae:6a:6b:17:b0:5a:7d:
                    6f:fd:aa:93:01:39:ca:d6:b6:28:18:35:e2:6f:8b:
                    20:9d:3d:5d:34:14:c0:3c:9d:bf:47:e7:ee:40:37:
                    0a:35:91:62:24:b7:50:4c:66:44:70:6c:d5:82:f3:
                    b8:49:4c:c1:46:5e:6c:f6:70:76:0f:85:84:d2:cb:
                    31:64:25:78:a0:95:52:57:c7:17:bf:f3:58:f8:75:
                    2b:5e:92:9a:e6:14:53:a8:7a:f2:63:6b:20:6c:52:
                    e2:69:7b:ee:17:20:16:fc:e5:af:94:e9:4d:a4:65:
                    42:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:13:2A:31:F2:F2:3D:5D:10:51:2F:26:06:DE:4A:4A:1F:07:9E:CB
            X509v3 Authority Key Identifier:
                keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:cf:af:8f:2e:65:d8:d5:8b:37:03:58:1a:f8:19:2b:ee:91:
         bd:df:05:86:5d:1f:37:1d:1d:32:97:01:54:c9:c7:07:67:70:
         7e:57:50:82:d0:d5:bf:06:c3:5d:28:77:04:27:de:fa:15:b7:
         54:48:e0:07:37:70:6b:6c:a2:68:58:1a:ba:97:70:f7:e6:dc:
         12:58:bc:6b:10:77:ea:dc:4b:86:e5:1e:5a:a4:de:b6:16:16:
         a0:7a:7f:14:47:f0:e2:ab:78:7f:81:6c:fe:39:ff:9a:12:a4:
         16:a2:c3:8f:ba:00:fb:34:2c:21:a5:f1:0a:22:9a:2b:66:90:
         46:be:18:0b:d3:49:d5:30:ad:8e:f8:27:98:7d:dc:c1:84:80:
         e1:98:4f:4a:b6:c3:7d:a1:d5:7d:40:7b:7d:ec:cd:79:2e:2b:
         66:60:6b:87:6a:45:e6:17:66:2b:47:7c:0a:a7:34:1b:e0:00:
         2f:45:9a:f6:d5:06:c1:19:c1:49:2d:87:b1:9e:b0:d7:1d:4b:
         45:21:81:01:0f:a6:e9:6a:22:7c:1b:26:04:d2:de:4a:e1:5f:
         bf:42:48:86:94:76:43:25:73:3a:34:f6:5f:49:a3:be:87:41:
         25:62:45:86:96:12:50:a0:42:18:52:1c:7e:bc:99:91:21:43:
         cb:8f:df:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIS3/AGsx5gjKrOyAly3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4
OWJmOWQwHhcNMjYwMzAxMTYwMDI2WhcNMjYwMzAyMTYwMDI2WjAzMTEwLwYDVQQD
Eyg1ODEzMmEzMWYyZjIzZDVkMTA1MTJmMjYwNmRlNGE0YTFmMDc5ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0c/bd/fZuXTMLiGQPvUhcNGRiyqX
ZAd2SivAP3Q98QeL2gPM0WFvlXuZgh4XkwxyE/FH9Tabu7BW7h1EyFP/lQkegjBz
CLj4mAB0ujYyZ3k024Z+jO9z0iDwwZ+Yr3J+Ro6u1HfwGyQMwWDcDhRSQXq7eZr1
moXxhllBfkoPCSo6YdSpW/x/eThUrN6/fK5qaxewWn1v/aqTATnK1rYoGDXib4sg
nT1dNBTAPJ2/R+fuQDcKNZFiJLdQTGZEcGzVgvO4SUzBRl5s9nB2D4WE0ssxZCV4
oJVSV8cXv/NY+HUrXpKa5hRTqHryY2sgbFLiaXvuFyAW/OWvlOlNpGVCgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFgTKjHy8j1dEFEvJgbeSkofB57LMB8GA1UdIwQY
MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt
NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh
LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQs+vjy5l
2NWLNwNYGvgZK+6Rvd8Fhl0fNx0dMpcBVMnHB2dwfldQgtDVvwbDXSh3BCfe+hW3
VEjgBzdwa2yiaFgaupdw9+bcEli8axB36txLhuUeWqTethYWoHp/FEfw4qt4f4Fs
/jn/mhKkFqLDj7oA+zQsIaXxCiKaK2aQRr4YC9NJ1TCtjvgnmH3cwYSA4ZhPSrbD
faHVfUB7fezNeS4rZmBrh2pF5hdmK0d8Cqc0G+AAL0Wa9tUGwRnBSS2HsZ6w1x1L
RSGBAQ+m6WoifBsmBNLeSuFfv0JIhpR2QyVzOjT2X0mjvodBJWJFhpYSUKBCGFIc
fryZkSFDy4/fxQ==
-----END CERTIFICATE-----