Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
File:                     O4RSPDky4tGYBGI0uWLg3FGr9YY.mft (raw, json)
Hash identifier:          qjs2E2tzloHZT0qy7EpwlNCl2t0tO9ghIL+NjwGoNt8=
Subject key identifier:   2D:9C:82:B7:A9:94:46:15:46:41:95:9D:75:D8:6B:3D:4B:C0:AF:0F
Authority key identifier: 3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86
Certificate issuer:       /CN=3b84523c3932e2d198046234b962e0dc51abf586
Certificate serial:       019CAB6B4B9BEDF89AF780CE3F8A8C5511C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
Manifest number:          1845
Signing time:             Sun 01 Mar 2026 22:01:01 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:01 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:01 +0000
Files and hashes:         1: O4RSPDky4tGYBGI0uWLg3FGr9YY.crl (hash: EmUo+2vjwoxL+GgVl9aVtAxDNJifB6WdRFeROUOA7+Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:4b:9b:ed:f8:9a:f7:80:ce:3f:8a:8c:55:11:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b84523c3932e2d198046234b962e0dc51abf586
        Validity
            Not Before: Mar  1 22:01:01 2026 GMT
            Not After : Mar  2 22:01:01 2026 GMT
        Subject: CN=2d9c82b7a99446154641959d75d86b3d4bc0af0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:75:dc:d0:60:b7:5c:16:cd:b9:48:55:d5:17:
                    e6:69:26:25:c2:d8:7c:bf:a4:b2:6a:bd:04:3b:59:
                    78:52:00:c8:1f:49:6c:e2:f6:6e:2f:3c:7c:99:38:
                    6a:fb:16:3d:f8:3d:0c:a2:2b:ed:32:b6:c8:0b:2b:
                    e6:4f:2e:8b:fb:b0:6a:fe:b6:e0:ca:5b:7b:95:88:
                    61:47:b9:d9:bf:b1:65:2c:04:1d:92:ee:10:3c:e5:
                    01:72:54:fb:2d:24:a1:33:b2:69:bc:45:c9:a6:9d:
                    0d:b8:61:b7:ba:34:fc:00:bc:77:22:28:44:94:97:
                    4f:7d:85:e0:74:55:72:d7:48:d2:2c:ac:ab:b8:e3:
                    2e:a1:c8:11:2a:e0:f0:84:2d:75:10:98:65:f8:2e:
                    44:69:a0:81:8b:6d:5d:c3:1d:7d:e9:8a:31:e9:a9:
                    c0:e9:71:b8:fa:38:e9:35:b1:9f:7c:e5:9c:92:83:
                    d4:5a:6d:d4:3b:c5:ac:ff:15:f9:2a:00:20:60:fa:
                    f2:cf:63:d9:54:eb:50:3a:3a:2a:d4:3d:c5:96:22:
                    e4:e1:cc:98:bb:1f:6a:78:c5:b5:b4:18:1c:43:93:
                    20:fd:e5:aa:eb:97:66:e2:73:57:5b:d5:b3:ad:81:
                    43:dd:8b:08:ca:5c:87:61:73:96:9d:f0:7d:e6:d9:
                    9d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:9C:82:B7:A9:94:46:15:46:41:95:9D:75:D8:6B:3D:4B:C0:AF:0F
            X509v3 Authority Key Identifier:
                keyid:3B:84:52:3C:39:32:E2:D1:98:04:62:34:B9:62:E0:DC:51:AB:F5:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O4RSPDky4tGYBGI0uWLg3FGr9YY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/640a5e-ed52-47b0-bcff-bdf5c780742e/1/O4RSPDky4tGYBGI0uWLg3FGr9YY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:84:d0:4e:dc:c1:79:5b:86:93:0a:50:bf:f1:18:cf:eb:d4:
         0c:48:ea:38:6b:68:fd:de:9e:62:55:f4:0a:da:39:b7:ff:bb:
         68:4f:ee:e1:90:dd:a0:f5:3d:c2:49:2c:72:75:c5:01:c6:67:
         a0:ff:45:40:5f:27:8f:7b:ce:bc:16:85:47:4a:26:87:f1:d8:
         98:75:d9:1d:8a:52:f8:df:8e:6f:7f:31:4c:d4:20:e3:5a:a5:
         ba:f4:8c:0e:28:d1:89:6b:df:58:df:c9:bd:48:50:a5:7e:92:
         3e:a8:63:ca:2e:93:72:95:80:0c:dc:11:79:38:bc:9c:be:8b:
         2a:97:f5:61:21:e8:37:86:bb:76:6b:e3:b1:79:5f:24:69:eb:
         0e:c8:c3:b5:3b:41:55:eb:8c:6f:bc:d2:0a:a2:0a:86:65:21:
         8e:5e:25:7f:17:d1:fe:91:d2:d7:c3:f9:6a:91:45:5e:55:a2:
         5f:2c:34:ba:ef:a2:98:ac:bb:67:ca:39:19:36:aa:df:e1:93:
         09:88:9b:0f:93:30:0d:67:d5:b8:51:f3:47:83:7f:12:3b:22:
         60:9d:47:a9:b8:95:7d:9e:61:47:93:5c:58:1f:f2:d5:31:eb:
         63:15:4c:99:c9:d1:f1:08:e6:7f:ad:2d:51:88:75:f5:db:79:
         a7:6e:9f:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra0ub7fia94DOP4qMVRHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiODQ1MjNjMzkzMmUyZDE5ODA0NjIzNGI5NjJlMGRjNTFh
YmY1ODYwHhcNMjYwMzAxMjIwMTAxWhcNMjYwMzAyMjIwMTAxWjAzMTEwLwYDVQQD
EygyZDljODJiN2E5OTQ0NjE1NDY0MTk1OWQ3NWQ4NmIzZDRiYzBhZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nXc0GC3XBbNuUhV1RfmaSYlwth8
v6Syar0EO1l4UgDIH0ls4vZuLzx8mThq+xY9+D0MoivtMrbICyvmTy6L+7Bq/rbg
ylt7lYhhR7nZv7FlLAQdku4QPOUBclT7LSShM7JpvEXJpp0NuGG3ujT8ALx3IihE
lJdPfYXgdFVy10jSLKyruOMuocgRKuDwhC11EJhl+C5EaaCBi21dwx196Yox6anA
6XG4+jjpNbGffOWckoPUWm3UO8Ws/xX5KgAgYPryz2PZVOtQOjoq1D3FliLk4cyY
ux9qeMW1tBgcQ5Mg/eWq65dm4nNXW9WzrYFD3YsIylyHYXOWnfB95tmd7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2cgreplEYVRkGVnXXYaz1LwK8PMB8GA1UdIwQY
MBaAFDuEUjw5MuLRmARiNLli4NxRq/WGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYt
YmRmNWM3ODA3NDJlLzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82NDBhNWUtZWQ1Mi00N2IwLWJjZmYtYmRmNWM3ODA3NDJl
LzEvTzRSU1BEa3k0dEdZQkdJMHVXTGczRkdyOVlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoTQTtzB
eVuGkwpQv/EYz+vUDEjqOGto/d6eYlX0Cto5t/+7aE/u4ZDdoPU9wkkscnXFAcZn
oP9FQF8nj3vOvBaFR0omh/HYmHXZHYpS+N+Ob38xTNQg41qluvSMDijRiWvfWN/J
vUhQpX6SPqhjyi6TcpWADNwReTi8nL6LKpf1YSHoN4a7dmvjsXlfJGnrDsjDtTtB
VeuMb7zSCqIKhmUhjl4lfxfR/pHS18P5apFFXlWiXyw0uu+imKy7Z8o5GTaq3+GT
CYibD5MwDWfVuFHzR4N/EjsiYJ1HqbiVfZ5hR5NcWB/y1THrYxVMmcnR8Qjmf60t
UYh19dt5p26fqQ==
-----END CERTIFICATE-----