Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          ntw4Hp2Ua0aW9TtTAocLJLrte/B/DNIj4wVM04s53FI=
Subject key identifier:   71:1D:11:D6:5D:6F:05:A4:28:0D:D5:0C:C4:BE:4F:9F:5A:5B:2A:98
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019D98F4D7C253A9FAD11AB8AA2F732F6E5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          18BE
Signing time:             Fri 17 Apr 2026 01:01:15 +0000
Manifest this update:     Fri 17 Apr 2026 01:01:15 +0000
Manifest next update:     Sat 18 Apr 2026 01:01:15 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: alle1pjjugdkN5bxg2bGtntDaaYasYtJHuyu2R5RUFc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:d7:c2:53:a9:fa:d1:1a:b8:aa:2f:73:2f:6e:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Apr 17 01:01:15 2026 GMT
            Not After : Apr 18 01:01:15 2026 GMT
        Subject: CN=711d11d65d6f05a4280dd50cc4be4f9f5a5b2a98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:db:b2:8e:b5:16:8a:ab:2c:de:ac:62:5e:95:
                    ac:55:e8:11:13:64:e7:24:29:77:b9:5d:70:99:0b:
                    fc:f4:bd:55:60:a1:67:7f:6b:c6:37:7e:1e:94:80:
                    78:66:f6:d8:dd:65:75:b3:e6:f4:11:64:cd:da:e6:
                    84:c7:30:c0:97:96:8e:84:dc:f2:31:52:ed:f6:12:
                    c1:85:2d:e3:61:59:19:55:2e:56:ae:a2:7f:ea:13:
                    98:79:5d:ba:5d:62:62:ed:5f:3e:32:e2:2c:4c:4e:
                    d8:5a:65:b6:8f:bb:b1:0f:64:ee:6f:6a:74:09:f0:
                    cd:89:c8:fa:13:60:3c:71:76:ab:ec:27:50:06:b5:
                    ff:0a:65:a8:f0:49:ad:15:5a:52:57:c7:f0:b9:6e:
                    f1:29:d8:37:c0:cb:e5:1f:8c:c0:7f:fe:c9:69:a5:
                    71:7b:3c:81:ff:f5:72:b4:d6:bb:c4:a8:37:4b:ba:
                    b1:4d:47:21:41:4b:57:e3:09:ac:9e:79:16:b0:36:
                    d6:0b:05:cc:a2:56:78:91:f1:c7:8e:60:05:0c:4b:
                    d4:88:57:29:3a:f6:10:5e:a9:a1:a2:04:59:3f:01:
                    04:72:06:aa:bc:dd:c3:59:6f:56:f7:41:7a:29:ed:
                    2a:b5:db:f9:87:55:58:8c:19:69:b7:80:0e:ad:30:
                    2e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:1D:11:D6:5D:6F:05:A4:28:0D:D5:0C:C4:BE:4F:9F:5A:5B:2A:98
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:a8:67:a0:3d:60:60:1b:6a:a0:75:51:14:1d:a2:f1:8d:01:
         9c:7f:79:29:9b:3f:1c:a2:76:67:be:1c:8e:f2:fb:fa:93:0f:
         60:75:93:4e:6a:e1:36:2b:10:5e:49:40:b5:a8:b6:a7:bf:68:
         77:e1:d2:65:3d:1e:65:49:d5:df:35:b3:ee:7b:5a:e9:c1:59:
         5f:6e:bf:2b:db:b0:a7:c4:8e:f9:9d:d7:0c:ec:5d:3b:9c:b5:
         88:73:a2:99:c2:fe:d5:3f:e4:b6:e6:7c:11:b8:57:ab:ac:52:
         1b:65:b5:8a:63:20:0e:8d:14:a4:61:59:39:8a:f7:25:2f:4d:
         de:34:2b:f0:d4:7d:c3:d2:33:54:ba:d0:f4:f4:9a:e3:86:72:
         01:20:16:d7:d9:d0:9d:9c:87:95:41:da:a1:e2:ef:54:7d:27:
         f9:54:f4:76:98:04:d9:e7:80:0b:33:dd:36:12:80:ff:9b:bd:
         26:9f:a9:6a:c1:9d:6c:e0:3f:0f:23:24:1f:fc:29:de:b9:2d:
         ae:10:82:bc:8e:53:cf:ee:98:a8:2e:f3:65:ec:5d:8f:8e:c1:
         85:0a:ae:7e:60:c6:eb:4a:90:13:a7:f0:7f:54:a0:ff:64:1a:
         58:0c:8c:72:09:8c:22:27:1f:a7:bb:80:ab:82:ed:ad:0f:8a:
         93:14:94:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9NfCU6n60Rq4qi9zL25dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjYwNDE3MDEwMTE1WhcNMjYwNDE4MDEwMTE1WjAzMTEwLwYDVQQD
Eyg3MTFkMTFkNjVkNmYwNWE0MjgwZGQ1MGNjNGJlNGY5ZjVhNWIyYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtuyjrUWiqss3qxiXpWsVegRE2Tn
JCl3uV1wmQv89L1VYKFnf2vGN34elIB4ZvbY3WV1s+b0EWTN2uaExzDAl5aOhNzy
MVLt9hLBhS3jYVkZVS5WrqJ/6hOYeV26XWJi7V8+MuIsTE7YWmW2j7uxD2Tub2p0
CfDNicj6E2A8cXar7CdQBrX/CmWo8EmtFVpSV8fwuW7xKdg3wMvlH4zAf/7JaaVx
ezyB//VytNa7xKg3S7qxTUchQUtX4wmsnnkWsDbWCwXMolZ4kfHHjmAFDEvUiFcp
OvYQXqmhogRZPwEEcgaqvN3DWW9W90F6Ke0qtdv5h1VYjBlpt4AOrTAuFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEdEdZdbwWkKA3VDMS+T59aWyqYMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKhnoD1g
YBtqoHVRFB2i8Y0BnH95KZs/HKJ2Z74cjvL7+pMPYHWTTmrhNisQXklAtai2p79o
d+HSZT0eZUnV3zWz7nta6cFZX26/K9uwp8SO+Z3XDOxdO5y1iHOimcL+1T/ktuZ8
EbhXq6xSG2W1imMgDo0UpGFZOYr3JS9N3jQr8NR9w9IzVLrQ9PSa44ZyASAW19nQ
nZyHlUHaoeLvVH0n+VT0dpgE2eeACzPdNhKA/5u9Jp+pasGdbOA/DyMkH/wp3rkt
rhCCvI5Tz+6YqC7zZexdj47BhQqufmDG60qQE6fwf1Sg/2QaWAyMcgmMIicfp7uA
q4LtrQ+KkxSUvA==
-----END CERTIFICATE-----