Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
File:                     oGqOPGol1GOfOUWtFszF6Yo6kqY.mft (raw, json)
Hash identifier:          svkLYUW0NieOxQmQMfAAZE7fZEcF62pPUTRZBJl42y8=
Subject key identifier:   D2:DB:35:D3:44:BC:EC:1B:BA:65:92:36:83:49:4D:61:79:17:4A:EF
Authority key identifier: A0:6A:8E:3C:6A:25:D4:63:9F:39:45:AD:16:CC:C5:E9:8A:3A:92:A6
Certificate issuer:       /CN=a06a8e3c6a25d4639f3945ad16ccc5e98a3a92a6
Certificate serial:       019CA97CBBCEF420A4819C4D357E2C0F6813
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 13:00:49 +0000
Manifest this update:     Sun 01 Mar 2026 13:00:49 +0000
Manifest next update:     Mon 02 Mar 2026 13:00:49 +0000
Files and hashes:         1: oGqOPGol1GOfOUWtFszF6Yo6kqY.crl (hash: ngJ7zNv53VGzVYM0WOTjdbMwywp9jL1xRAaXnhuy9Ss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 13:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:7c:bb:ce:f4:20:a4:81:9c:4d:35:7e:2c:0f:68:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a06a8e3c6a25d4639f3945ad16ccc5e98a3a92a6
        Validity
            Not Before: Mar  1 13:00:49 2026 GMT
            Not After : Mar  2 13:00:49 2026 GMT
        Subject: CN=d2db35d344bcec1bba65923683494d6179174aef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:34:86:d6:bd:5b:d9:bc:5d:5e:d0:d9:fc:83:
                    7e:60:6b:d0:56:ec:92:18:7f:3a:7e:c9:62:64:47:
                    06:ba:1d:fe:10:89:15:b7:27:f7:26:a3:a2:9a:0d:
                    c6:0b:0d:e5:96:4d:cc:1a:26:e8:24:c5:f8:34:61:
                    3d:1c:b6:2a:0c:7d:c7:47:ad:9f:75:23:f2:ee:80:
                    00:0b:b0:bc:b3:0c:a5:40:64:2e:8b:c9:3c:fc:a3:
                    fe:29:fa:64:58:d2:7d:99:6d:09:a6:73:c6:fb:52:
                    31:0c:9e:20:e3:f5:0f:d3:dc:41:27:ac:ec:07:fa:
                    07:d7:11:44:2f:c9:87:c5:58:7a:e5:ff:43:19:28:
                    32:23:f4:20:b0:4a:aa:d0:6e:c0:5d:28:78:da:98:
                    54:23:fb:f9:25:11:1f:0f:9e:7e:db:da:23:70:c2:
                    02:b5:ae:b3:3a:6c:b5:62:47:22:21:11:7b:55:14:
                    e4:b4:44:8b:cd:74:2d:54:9d:cf:29:5a:5a:29:56:
                    dd:d4:30:45:dc:15:52:51:8c:0b:23:6e:1d:87:d8:
                    c6:a0:42:7b:9a:13:f6:72:39:fd:f5:3d:b8:78:41:
                    f5:8f:d7:d0:09:f4:fb:4c:83:b6:76:14:60:1f:89:
                    1d:d8:14:e1:e1:a5:8b:e8:97:ac:a1:b2:ea:c0:56:
                    82:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:DB:35:D3:44:BC:EC:1B:BA:65:92:36:83:49:4D:61:79:17:4A:EF
            X509v3 Authority Key Identifier:
                keyid:A0:6A:8E:3C:6A:25:D4:63:9F:39:45:AD:16:CC:C5:E9:8A:3A:92:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGqOPGol1GOfOUWtFszF6Yo6kqY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d24305-c551-450d-b697-9ac2d536f12d/1/oGqOPGol1GOfOUWtFszF6Yo6kqY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:8e:38:7f:e6:c9:7b:3f:b2:fc:41:b0:29:c3:ab:51:32:bc:
         b4:48:0b:96:3b:d7:fe:1e:90:b3:6c:6f:f4:8c:e6:6c:57:c9:
         e3:6f:e6:3b:24:f4:e7:9f:45:00:e4:7e:7c:9a:97:ab:db:c2:
         45:d6:8c:89:6e:3f:ab:6d:1f:eb:90:5b:53:31:d0:41:c3:4f:
         53:79:a9:84:09:c6:a5:cc:8e:17:4d:e7:90:a9:ac:98:00:fd:
         7d:6d:43:a1:16:4c:10:4f:bb:8c:42:2f:5a:ab:45:c7:85:86:
         7a:1a:33:54:49:b8:8c:1b:66:a0:c0:27:68:39:30:0d:cf:21:
         71:e9:a5:18:b3:e8:5d:02:c1:d2:46:32:99:ed:93:15:c0:b5:
         f5:88:93:bb:bd:ef:34:25:6b:73:e6:b8:b9:bd:10:39:51:d2:
         88:5b:23:9e:3c:4e:b5:58:e1:60:a5:56:36:8d:70:8c:26:39:
         6d:e5:dd:af:33:0a:a2:29:b6:74:4b:d2:07:bc:42:81:d2:ee:
         f6:56:bf:c7:4f:55:a2:0c:24:d5:a2:b0:4b:7a:3b:92:1e:57:
         a0:c5:28:33:e6:29:f0:ef:65:22:c5:e8:c1:0d:37:52:0b:45:
         58:5e:6c:c6:44:d6:18:74:b4:9a:e1:bb:3b:1f:2d:43:2d:b7:
         78:7a:2d:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypfLvO9CCkgZxNNX4sD2gTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNmE4ZTNjNmEyNWQ0NjM5ZjM5NDVhZDE2Y2NjNWU5OGEz
YTkyYTYwHhcNMjYwMzAxMTMwMDQ5WhcNMjYwMzAyMTMwMDQ5WjAzMTEwLwYDVQQD
EyhkMmRiMzVkMzQ0YmNlYzFiYmE2NTkyMzY4MzQ5NGQ2MTc5MTc0YWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDSG1r1b2bxdXtDZ/IN+YGvQVuyS
GH86fsliZEcGuh3+EIkVtyf3JqOimg3GCw3llk3MGiboJMX4NGE9HLYqDH3HR62f
dSPy7oAAC7C8swylQGQui8k8/KP+KfpkWNJ9mW0JpnPG+1IxDJ4g4/UP09xBJ6zs
B/oH1xFEL8mHxVh65f9DGSgyI/QgsEqq0G7AXSh42phUI/v5JREfD55+29ojcMIC
ta6zOmy1YkciIRF7VRTktESLzXQtVJ3PKVpaKVbd1DBF3BVSUYwLI24dh9jGoEJ7
mhP2cjn99T24eEH1j9fQCfT7TIO2dhRgH4kd2BTh4aWL6JesobLqwFaCVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLbNdNEvOwbumWSNoNJTWF5F0rvMB8GA1UdIwQY
MBaAFKBqjjxqJdRjnzlFrRbMxemKOpKmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9kMjQzMDUtYzU1MS00NTBkLWI2OTct
OWFjMmQ1MzZmMTJkLzEvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9kMjQzMDUtYzU1MS00NTBkLWI2OTctOWFjMmQ1MzZmMTJk
LzEvb0dxT1BHb2wxR09mT1VXdEZzekY2WW82a3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATI44f+bJ
ez+y/EGwKcOrUTK8tEgLljvX/h6Qs2xv9IzmbFfJ42/mOyT0559FAOR+fJqXq9vC
RdaMiW4/q20f65BbUzHQQcNPU3mphAnGpcyOF03nkKmsmAD9fW1DoRZMEE+7jEIv
WqtFx4WGehozVEm4jBtmoMAnaDkwDc8hcemlGLPoXQLB0kYyme2TFcC19YiTu73v
NCVrc+a4ub0QOVHSiFsjnjxOtVjhYKVWNo1wjCY5beXdrzMKoim2dEvSB7xCgdLu
9la/x09Vogwk1aKwS3o7kh5XoMUoM+Yp8O9lIsXowQ03UgtFWF5sxkTWGHS0muG7
Ox8tQy23eHotwA==
-----END CERTIFICATE-----