Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          0ciphpFwXC+vzPRERZ3Wh9L1q9kwHGirtIATvDimO+8=
Subject key identifier:   E8:4B:E9:E4:85:D4:02:1D:69:19:04:31:13:D6:96:79:D4:92:CA:2F
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019CAAC644D8E4F26953B17BFA6CBBF9B322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0C55
Signing time:             Sun 01 Mar 2026 19:00:46 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:46 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:46 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: Pn3OP6uTGYADKJye8Tz6VU5HruuZ3Ztk5TjCjZnDZT4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:44:d8:e4:f2:69:53:b1:7b:fa:6c:bb:f9:b3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Mar  1 19:00:46 2026 GMT
            Not After : Mar  2 19:00:46 2026 GMT
        Subject: CN=e84be9e485d4021d6919043113d69679d492ca2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c1:c7:f9:73:96:04:44:94:73:e2:c6:fa:61:
                    9c:a4:0a:ce:3e:cf:3e:93:49:2e:c6:21:48:55:c9:
                    6b:9e:99:0c:6e:e0:d1:42:f7:43:8e:b9:5f:0d:d6:
                    51:24:c1:42:0d:49:58:69:d8:4a:ed:97:a1:03:0f:
                    73:30:b2:37:a2:27:74:8c:f1:2c:82:01:69:29:ac:
                    f4:26:d9:20:04:e0:c4:7a:bb:5b:ee:eb:dd:3b:09:
                    c4:05:1a:af:c7:8c:5e:a8:8d:3b:6c:1b:74:f8:38:
                    54:4b:23:72:ca:34:de:07:08:a0:ec:fb:e0:05:97:
                    42:b2:2e:9c:04:98:fc:31:23:2e:08:d2:be:5a:5c:
                    db:41:f0:f2:36:b5:ca:5a:2d:24:16:62:e6:59:0c:
                    c6:f4:51:c4:0d:41:91:e4:ad:fa:85:37:47:32:96:
                    6b:71:29:61:64:c4:46:e8:20:bb:2a:71:21:d9:f5:
                    f5:f9:03:5c:2d:87:9f:3b:01:47:e4:f7:c7:81:cc:
                    e9:da:2b:c2:49:c3:05:f7:cf:78:51:ad:83:07:de:
                    ad:58:95:de:6f:4a:ca:72:5f:9d:c9:56:5a:1f:0b:
                    c2:62:57:22:ac:86:8d:1a:da:df:fa:8f:bc:6a:ba:
                    c6:34:ad:db:81:02:c7:6a:7c:99:37:01:ab:a4:14:
                    c0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:4B:E9:E4:85:D4:02:1D:69:19:04:31:13:D6:96:79:D4:92:CA:2F
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:65:55:94:ea:9d:25:ec:9c:6d:7c:6f:1e:2c:84:8b:8b:fc:
         1e:f0:14:c6:50:38:d8:37:45:43:ea:f5:c7:26:c4:ac:ab:80:
         6b:0a:dd:f4:ed:1c:21:e2:f5:4c:ec:fe:d9:33:92:a3:c2:59:
         dc:d7:74:23:b3:46:0f:ca:16:20:aa:0e:21:2a:9a:90:54:50:
         78:db:8f:8a:9e:f9:b7:e1:6b:a1:b6:de:1f:46:99:aa:7b:85:
         aa:3e:6f:0b:7a:55:76:9d:0c:6f:f7:45:36:e8:62:dc:0d:e4:
         ef:76:4a:54:d3:48:8a:a3:79:c2:55:48:01:73:8b:b5:99:4c:
         03:0b:12:24:38:36:f9:c8:bc:fd:db:c7:c1:41:7a:fd:9f:e9:
         89:68:85:a8:7b:dd:db:88:e5:24:ec:c8:ca:56:03:a8:24:f7:
         de:0b:67:50:4e:73:ac:95:47:58:1b:ae:ba:5e:7f:47:3b:db:
         69:93:38:31:17:2e:8d:54:2f:0e:f1:9e:81:0c:17:c2:f8:27:
         2e:c8:26:78:fa:8f:2e:42:d2:ef:32:83:76:ef:1c:97:64:6e:
         89:42:55:d4:1a:88:7e:4f:e0:e4:35:97:a5:9a:7d:5a:f0:b1:
         82:f3:d8:0e:58:ff:ee:dd:ec:92:40:7e:46:55:a3:4b:f9:10:
         a3:7c:12:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxkTY5PJpU7F7+my7+bMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjYwMzAxMTkwMDQ2WhcNMjYwMzAyMTkwMDQ2WjAzMTEwLwYDVQQD
EyhlODRiZTllNDg1ZDQwMjFkNjkxOTA0MzExM2Q2OTY3OWQ0OTJjYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sHH+XOWBESUc+LG+mGcpArOPs8+
k0kuxiFIVclrnpkMbuDRQvdDjrlfDdZRJMFCDUlYadhK7ZehAw9zMLI3oid0jPEs
ggFpKaz0JtkgBODEertb7uvdOwnEBRqvx4xeqI07bBt0+DhUSyNyyjTeBwig7Pvg
BZdCsi6cBJj8MSMuCNK+WlzbQfDyNrXKWi0kFmLmWQzG9FHEDUGR5K36hTdHMpZr
cSlhZMRG6CC7KnEh2fX1+QNcLYefOwFH5PfHgczp2ivCScMF9894Ua2DB96tWJXe
b0rKcl+dyVZaHwvCYlcirIaNGtrf+o+8arrGNK3bgQLHanyZNwGrpBTAhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOhL6eSF1AIdaRkEMRPWlnnUksovMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf2VVlOqd
JeycbXxvHiyEi4v8HvAUxlA42DdFQ+r1xybErKuAawrd9O0cIeL1TOz+2TOSo8JZ
3Nd0I7NGD8oWIKoOISqakFRQeNuPip75t+FrobbeH0aZqnuFqj5vC3pVdp0Mb/dF
Nuhi3A3k73ZKVNNIiqN5wlVIAXOLtZlMAwsSJDg2+ci8/dvHwUF6/Z/piWiFqHvd
24jlJOzIylYDqCT33gtnUE5zrJVHWBuuul5/RzvbaZM4MRcujVQvDvGegQwXwvgn
LsgmePqPLkLS7zKDdu8cl2RuiUJV1BqIfk/g5DWXpZp9WvCxgvPYDlj/7t3skkB+
RlWjS/kQo3wScw==
-----END CERTIFICATE-----