Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
File:                     _OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft (raw, json)
Hash identifier:          LWCNs7yFKIMLFT5NIUdiKloNg7zR7ROKbPyF8uF00Sk=
Subject key identifier:   63:22:73:9A:B5:89:20:8A:EC:E3:97:3A:E0:41:AE:07:53:E4:9B:A4
Authority key identifier: FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1
Certificate issuer:       /CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
Certificate serial:       019CAB6BB7E7DD0A443DD3CF66509697256E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
Manifest number:          11C0
Signing time:             Sun 01 Mar 2026 22:01:29 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:29 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:29 +0000
Files and hashes:         1: _OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl (hash: DP3a4BgPsvW6mKbU0uLTu1M6w7sm/QThd2OxSJCGjtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:b7:e7:dd:0a:44:3d:d3:cf:66:50:96:97:25:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fce27d64a4ce95e08311afaff43e66d073fb21d1
        Validity
            Not Before: Mar  1 22:01:29 2026 GMT
            Not After : Mar  2 22:01:29 2026 GMT
        Subject: CN=6322739ab589208aece3973ae041ae0753e49ba4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8b:ea:9f:48:23:ed:82:4d:e7:e2:d8:3e:7d:
                    0b:d6:42:59:b9:38:ac:66:eb:2b:00:8c:11:f9:fa:
                    a8:c5:2b:00:76:0f:89:a1:14:96:94:7c:91:6d:72:
                    2f:d8:8b:db:e2:1e:38:58:e1:4d:5f:8f:71:bc:ae:
                    ab:96:8d:c1:56:7f:bb:86:08:aa:f9:f5:01:c4:76:
                    90:51:b7:a4:cc:5e:b8:19:09:a7:aa:a0:3a:1a:24:
                    bd:07:a5:e8:3a:a6:4d:23:dc:0a:83:a0:d7:7c:f1:
                    58:b8:05:70:51:cf:b9:61:9c:a0:2a:95:ff:44:cd:
                    8b:a8:4d:61:6b:9f:f1:32:82:8b:44:53:7f:d2:b9:
                    89:00:f5:7e:67:95:f8:de:d3:f9:c3:32:f7:01:97:
                    ea:04:15:17:d4:45:6a:54:18:f5:be:d5:25:b0:ae:
                    16:a9:70:25:44:75:7a:dd:66:78:83:6f:ed:b4:7d:
                    b6:bd:8c:2e:5b:70:87:d6:34:bb:1d:1c:67:58:24:
                    b2:3f:2f:0f:bf:c2:a8:11:37:15:e5:e9:c1:e9:7a:
                    13:bf:b2:d7:b4:29:d6:f8:7a:11:9d:83:11:c1:6f:
                    1b:05:92:e6:69:41:c3:8c:4a:41:3c:3e:b4:69:6e:
                    da:2f:5b:98:f6:6b:ec:cc:50:7b:01:aa:db:c7:f7:
                    13:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:22:73:9A:B5:89:20:8A:EC:E3:97:3A:E0:41:AE:07:53:E4:9B:A4
            X509v3 Authority Key Identifier:
                keyid:FC:E2:7D:64:A4:CE:95:E0:83:11:AF:AF:F4:3E:66:D0:73:FB:21:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/37dce6-ffe5-476b-808a-0014bc855bf4/1/_OJ9ZKTOleCDEa-v9D5m0HP7IdE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:a8:a5:ed:ed:4e:29:09:ac:fa:aa:cb:b4:94:45:7f:2c:bb:
         e5:0e:c6:81:9a:f6:a0:a1:f5:2c:b0:4d:fb:6e:ba:8e:5a:02:
         2a:90:fc:60:61:74:9f:eb:c4:71:97:2c:72:ea:be:2a:a7:20:
         fa:bc:d3:e5:a9:82:cc:c5:3c:8d:34:9a:1c:42:b3:80:fc:f3:
         11:3a:f0:b2:59:c8:72:02:62:40:14:14:c2:74:60:5f:85:67:
         42:bd:b5:cc:ee:07:d1:5b:42:54:fd:85:1d:1b:e3:e6:47:12:
         33:13:40:c7:29:ec:38:2e:fe:57:04:ca:95:b0:e4:7b:6a:54:
         ab:03:ba:55:b2:3e:e7:2f:3c:ca:e9:a9:e0:0b:a3:1e:34:ec:
         62:d1:73:b8:4e:cd:db:51:f8:c9:95:e2:2c:47:1b:c7:a4:3d:
         6d:96:1a:b6:bf:84:bd:00:9d:58:73:86:d5:2a:8a:a5:64:5a:
         09:e1:56:07:45:9a:1a:4b:3d:fc:77:8c:3f:d6:8e:41:a7:c3:
         3e:42:32:4a:14:05:48:01:20:5f:b9:18:e6:09:73:9f:a1:40:
         db:99:3a:7c:30:b2:6b:b4:73:48:2f:f8:48:b3:11:cc:74:2b:
         06:9b:35:c5:45:da:e4:c2:da:1c:ce:e6:b0:0c:8f:dd:b1:b1:
         da:3e:61:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra7fn3QpEPdPPZlCWlyVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTI3ZDY0YTRjZTk1ZTA4MzExYWZhZmY0M2U2NmQwNzNm
YjIxZDEwHhcNMjYwMzAxMjIwMTI5WhcNMjYwMzAyMjIwMTI5WjAzMTEwLwYDVQQD
Eyg2MzIyNzM5YWI1ODkyMDhhZWNlMzk3M2FlMDQxYWUwNzUzZTQ5YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIvqn0gj7YJN5+LYPn0L1kJZuTis
ZusrAIwR+fqoxSsAdg+JoRSWlHyRbXIv2Ivb4h44WOFNX49xvK6rlo3BVn+7hgiq
+fUBxHaQUbekzF64GQmnqqA6GiS9B6XoOqZNI9wKg6DXfPFYuAVwUc+5YZygKpX/
RM2LqE1ha5/xMoKLRFN/0rmJAPV+Z5X43tP5wzL3AZfqBBUX1EVqVBj1vtUlsK4W
qXAlRHV63WZ4g2/ttH22vYwuW3CH1jS7HRxnWCSyPy8Pv8KoETcV5enB6XoTv7LX
tCnW+HoRnYMRwW8bBZLmaUHDjEpBPD60aW7aL1uY9mvszFB7Aarbx/cTEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMic5q1iSCK7OOXOuBBrgdT5JukMB8GA1UdIwQY
MBaAFPzifWSkzpXggxGvr/Q+ZtBz+yHRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEt
MDAxNGJjODU1YmY0LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zN2RjZTYtZmZlNS00NzZiLTgwOGEtMDAxNGJjODU1YmY0
LzEvX09KOVpLVE9sZUNERWEtdjlENW0wSFA3SWRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuqil7e1O
KQms+qrLtJRFfyy75Q7GgZr2oKH1LLBN+266jloCKpD8YGF0n+vEcZcscuq+Kqcg
+rzT5amCzMU8jTSaHEKzgPzzETrwslnIcgJiQBQUwnRgX4VnQr21zO4H0VtCVP2F
HRvj5kcSMxNAxynsOC7+VwTKlbDke2pUqwO6VbI+5y88yump4AujHjTsYtFzuE7N
21H4yZXiLEcbx6Q9bZYatr+EvQCdWHOG1SqKpWRaCeFWB0WaGks9/HeMP9aOQafD
PkIyShQFSAEgX7kY5glzn6FA25k6fDCya7RzSC/4SLMRzHQrBps1xUXa5MLaHM7m
sAyP3bGx2j5h2w==
-----END CERTIFICATE-----