Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          R+jia/nOfIla7N6A3d8Egy8qo6Gk3/SoofEW3qmeG4E=
Subject key identifier:   DD:58:5A:C1:80:36:74:D6:29:B4:1F:D9:1C:05:04:BC:0F:B9:4F:AB
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       019CAB6BCD4E467345A3B779A6F1B675A2C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 22:01:34 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:34 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:34 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: 3rJoyhp3KQwhaSL8nZJt/RC0ENCs7nZJGe6fJmgDwLU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:cd:4e:46:73:45:a3:b7:79:a6:f1:b6:75:a2:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Mar  1 22:01:34 2026 GMT
            Not After : Mar  2 22:01:34 2026 GMT
        Subject: CN=dd585ac1803674d629b41fd91c0504bc0fb94fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:c4:a9:8f:b5:2e:b5:26:9e:e1:90:9d:ff:27:
                    7e:6c:a2:d9:9d:12:96:dd:12:36:aa:93:05:9a:b8:
                    cf:5e:7e:a5:17:dc:33:a7:4d:96:a7:c7:90:5c:b5:
                    93:19:70:a8:51:10:06:6b:b5:60:33:b8:70:a4:ba:
                    be:91:b3:3c:ed:84:f5:f7:06:a0:59:50:aa:b8:5f:
                    20:84:3f:d9:5a:f9:7f:c7:b0:29:40:78:17:aa:42:
                    55:a0:f7:3f:21:e0:9c:2c:dd:81:ac:db:60:fe:28:
                    c4:78:65:8b:9a:04:cb:51:85:c9:93:70:65:19:37:
                    7f:65:c9:07:56:43:c8:c3:e9:aa:fa:a5:ca:a9:c3:
                    f1:6b:bb:86:ee:00:ad:6f:16:1c:2b:e4:e9:69:e0:
                    93:ac:b5:8f:ad:15:4a:24:51:4e:8f:1c:56:54:f3:
                    e0:68:f2:82:74:b3:92:b1:c9:37:79:4e:64:3c:86:
                    c3:0e:a3:bb:86:1b:eb:b1:ce:52:f6:7b:b4:f6:f8:
                    4a:ae:89:fe:df:95:4b:b9:4e:46:c8:f6:f5:1f:fa:
                    9a:a7:a3:e3:aa:f8:f5:d3:a4:8b:4c:33:52:8a:13:
                    1f:a8:53:00:c1:0d:83:13:3a:6d:0d:1f:08:19:6a:
                    ed:d2:94:ad:fb:7c:30:e1:59:cd:91:f2:9c:03:21:
                    e0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:58:5A:C1:80:36:74:D6:29:B4:1F:D9:1C:05:04:BC:0F:B9:4F:AB
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:18:4c:fb:5f:bb:6b:87:ec:90:39:47:4f:15:8c:2a:33:f2:
         24:a6:b8:e7:16:3e:e9:99:da:c4:25:e6:d4:b3:a3:20:9a:41:
         af:09:d7:8b:2a:55:44:8c:eb:db:e1:5c:39:5a:bd:d3:c8:e2:
         7c:96:eb:07:60:59:29:d2:0f:03:9b:6f:73:89:50:d9:8c:0d:
         8c:0a:5f:09:d9:a8:3a:e0:f5:be:1b:f4:0e:de:c1:83:3a:3d:
         78:a6:3a:e5:39:33:1c:91:76:da:ff:5a:e1:6a:b7:0e:09:95:
         cd:ef:5f:d6:4a:b8:c9:67:74:d5:64:26:40:28:c7:cc:90:d8:
         74:da:dc:78:e1:ab:13:2e:f5:c9:a0:ec:39:b7:d2:80:86:7e:
         3a:47:e3:1f:28:a4:b0:56:ba:b0:7d:8e:ee:2a:9b:66:b8:f6:
         76:d0:4a:07:34:44:47:17:23:5f:6d:17:69:f5:3c:23:0c:89:
         f2:99:af:99:31:23:56:13:cf:18:87:58:80:cc:92:ea:43:58:
         5f:6e:8e:a4:be:c9:e4:31:8d:30:22:1d:59:01:bf:75:71:38:
         44:db:ca:ba:33:72:7e:c3:72:1d:ac:62:79:2b:79:0b:21:ae:
         91:e0:77:1e:a8:7e:d2:74:d1:2a:50:09:b1:a4:d9:09:c8:09:
         e5:af:73:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra81ORnNFo7d5pvG2daLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjYwMzAxMjIwMTM0WhcNMjYwMzAyMjIwMTM0WjAzMTEwLwYDVQQD
EyhkZDU4NWFjMTgwMzY3NGQ2MjliNDFmZDkxYzA1MDRiYzBmYjk0ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Spj7UutSae4ZCd/yd+bKLZnRKW
3RI2qpMFmrjPXn6lF9wzp02Wp8eQXLWTGXCoURAGa7VgM7hwpLq+kbM87YT19wag
WVCquF8ghD/ZWvl/x7ApQHgXqkJVoPc/IeCcLN2BrNtg/ijEeGWLmgTLUYXJk3Bl
GTd/ZckHVkPIw+mq+qXKqcPxa7uG7gCtbxYcK+TpaeCTrLWPrRVKJFFOjxxWVPPg
aPKCdLOSsck3eU5kPIbDDqO7hhvrsc5S9nu09vhKron+35VLuU5GyPb1H/qap6Pj
qvj106SLTDNSihMfqFMAwQ2DEzptDR8IGWrt0pSt+3ww4VnNkfKcAyHgWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1YWsGANnTWKbQf2RwFBLwPuU+rMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALBhM+1+7
a4fskDlHTxWMKjPyJKa45xY+6ZnaxCXm1LOjIJpBrwnXiypVRIzr2+FcOVq908ji
fJbrB2BZKdIPA5tvc4lQ2YwNjApfCdmoOuD1vhv0Dt7Bgzo9eKY65TkzHJF22v9a
4Wq3DgmVze9f1kq4yWd01WQmQCjHzJDYdNrceOGrEy71yaDsObfSgIZ+OkfjHyik
sFa6sH2O7iqbZrj2dtBKBzRERxcjX20XafU8IwyJ8pmvmTEjVhPPGIdYgMyS6kNY
X26OpL7J5DGNMCIdWQG/dXE4RNvKujNyfsNyHaxieSt5CyGukeB3Hqh+0nTRKlAJ
saTZCcgJ5a9zNg==
-----END CERTIFICATE-----