Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          Tk3h5SqZ1XAT4fVn3zwQ4fDgEv2LBJyfiPphndT/LCQ=
Subject key identifier:   70:53:94:62:38:3F:09:5A:33:E6:35:25:16:C9:1B:8F:38:1F:C0:C5
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       019D984FDFAC62CBB97CC31211D93AA87197
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0CD0
Signing time:             Thu 16 Apr 2026 22:01:04 +0000
Manifest this update:     Thu 16 Apr 2026 22:01:04 +0000
Manifest next update:     Fri 17 Apr 2026 22:01:04 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: OmdnjW/V6X4ZtZvW3ZxqiIwF3AmYL1UGG0WPNoJqgbk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:4f:df:ac:62:cb:b9:7c:c3:12:11:d9:3a:a8:71:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Apr 16 22:01:04 2026 GMT
            Not After : Apr 17 22:01:04 2026 GMT
        Subject: CN=70539462383f095a33e6352516c91b8f381fc0c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e0:03:34:92:cc:89:bf:f9:88:bc:09:55:85:
                    da:34:56:a3:ce:5b:b1:39:04:c1:fe:e2:c4:4d:ab:
                    dc:3d:59:4a:0e:5d:ba:6b:72:32:08:e5:53:b6:46:
                    84:34:f8:23:f2:40:7d:bf:6b:02:72:bb:0e:cb:db:
                    81:cd:f6:ab:56:ce:73:47:01:01:89:35:aa:48:61:
                    27:d2:af:e6:a5:f3:46:67:25:fc:ba:66:23:43:ef:
                    ec:b4:53:50:26:0c:25:49:21:57:dc:0c:3c:a1:2b:
                    ed:68:f4:e5:bc:d3:7c:02:8b:ab:8b:82:4a:22:c4:
                    ff:cf:8a:9c:e9:87:29:07:38:b2:8d:c0:e6:5c:38:
                    51:d4:cc:4e:16:28:f3:d1:8c:67:d9:38:d1:44:3e:
                    55:0f:00:7e:e3:b0:08:20:85:0d:0e:8a:07:f1:2f:
                    33:83:43:e9:36:fc:cf:3f:bb:d7:5c:3f:83:7a:8d:
                    54:5f:ce:ef:9f:a8:da:72:81:ed:9c:1b:fe:65:32:
                    17:a7:fa:71:5d:7f:9b:b2:67:62:9d:ba:70:a2:c7:
                    36:fa:ea:1e:b5:78:df:9d:c2:df:c3:44:a8:58:6a:
                    05:5a:d9:af:9a:2d:30:d6:4d:8b:c8:c7:e9:99:bb:
                    1e:5f:56:15:1f:b4:6d:4a:ce:00:f7:80:0d:0b:2e:
                    49:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:53:94:62:38:3F:09:5A:33:E6:35:25:16:C9:1B:8F:38:1F:C0:C5
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:44:bb:bb:2c:0b:a7:5e:ef:61:17:e5:4e:59:eb:b2:29:60:
         1e:de:12:01:7f:a0:11:c0:67:d9:46:f8:84:46:81:76:30:75:
         49:ad:c8:36:88:b5:4c:f5:6e:73:8c:77:aa:93:6f:1e:1d:8a:
         93:9a:33:fd:fa:86:40:f6:00:08:e7:84:d0:43:6d:66:63:1f:
         0c:b8:65:26:0e:54:f7:ce:84:aa:10:00:9b:03:c2:e4:65:bd:
         94:71:10:6b:ba:71:37:ff:d4:22:8a:a7:2a:b2:bb:ec:6f:f5:
         1c:8b:ec:bc:64:b0:59:4f:05:8c:f5:4a:09:21:cc:7f:00:db:
         91:99:9b:0a:ce:54:90:f5:f9:be:60:ad:99:aa:b4:71:db:22:
         3a:f5:4a:7b:05:dd:78:cc:fc:7e:6e:16:1c:a7:b9:4d:85:62:
         f4:d1:d9:56:a4:ac:f8:6d:7a:bc:42:d3:27:c4:7d:5c:e2:7d:
         16:86:c3:43:1b:a8:5e:64:e6:58:66:f8:b0:ce:19:4f:16:4b:
         fd:67:b5:3e:db:57:b2:a3:e0:06:04:a6:f2:9c:ba:cd:e4:1e:
         23:a9:27:d8:a6:96:df:df:62:5c:2e:a0:3a:bd:23:45:80:c1:
         1a:fb:fe:2e:f8:69:71:37:bf:1c:82:e3:44:df:c2:2a:97:81:
         e4:a7:38:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YT9+sYsu5fMMSEdk6qHGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjYwNDE2MjIwMTA0WhcNMjYwNDE3MjIwMTA0WjAzMTEwLwYDVQQD
Eyg3MDUzOTQ2MjM4M2YwOTVhMzNlNjM1MjUxNmM5MWI4ZjM4MWZjMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOADNJLMib/5iLwJVYXaNFajzlux
OQTB/uLETavcPVlKDl26a3IyCOVTtkaENPgj8kB9v2sCcrsOy9uBzfarVs5zRwEB
iTWqSGEn0q/mpfNGZyX8umYjQ+/stFNQJgwlSSFX3Aw8oSvtaPTlvNN8Aouri4JK
IsT/z4qc6YcpBziyjcDmXDhR1MxOFijz0Yxn2TjRRD5VDwB+47AIIIUNDooH8S8z
g0PpNvzPP7vXXD+Deo1UX87vn6jacoHtnBv+ZTIXp/pxXX+bsmdinbpwosc2+uoe
tXjfncLfw0SoWGoFWtmvmi0w1k2LyMfpmbseX1YVH7RtSs4A94ANCy5J1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBTlGI4PwlaM+Y1JRbJG484H8DFMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA0S7uywL
p17vYRflTlnrsilgHt4SAX+gEcBn2Ub4hEaBdjB1Sa3INoi1TPVuc4x3qpNvHh2K
k5oz/fqGQPYACOeE0ENtZmMfDLhlJg5U986EqhAAmwPC5GW9lHEQa7pxN//UIoqn
KrK77G/1HIvsvGSwWU8FjPVKCSHMfwDbkZmbCs5UkPX5vmCtmaq0cdsiOvVKewXd
eMz8fm4WHKe5TYVi9NHZVqSs+G16vELTJ8R9XOJ9FobDQxuoXmTmWGb4sM4ZTxZL
/We1PttXsqPgBgSm8py6zeQeI6kn2KaW399iXC6gOr0jRYDBGvv+LvhpcTe/HILj
RN/CKpeB5Kc4ZQ==
-----END CERTIFICATE-----