Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          EsiF214LXKu/kVR4L/OYVU07NL1TsGL+IBDJZJTNQeM=
Subject key identifier:   3D:64:1D:9B:95:0B:34:09:1E:B1:15:4E:26:F7:A5:4E:A3:C4:A9:F4
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       019D98F422A4338426E04A19D65CB21DEEB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          101B
Signing time:             Fri 17 Apr 2026 01:00:29 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:29 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:29 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: IgEIs+r0NptxYfxqZYxhDmIt1UEtv29E1vpnqgYFzVI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:22:a4:33:84:26:e0:4a:19:d6:5c:b2:1d:ee:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Apr 17 01:00:29 2026 GMT
            Not After : Apr 18 01:00:29 2026 GMT
        Subject: CN=3d641d9b950b34091eb1154e26f7a54ea3c4a9f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a2:11:24:ee:a3:f1:52:86:d7:b7:2b:14:89:
                    34:ac:53:8c:61:36:e1:62:f1:25:b0:56:c4:51:2c:
                    a9:8f:49:bb:94:82:66:f9:89:23:26:10:53:80:3b:
                    37:be:93:d4:c7:69:94:71:65:80:9f:a9:c9:ae:1d:
                    00:b9:a3:02:fd:09:93:ef:1f:60:d6:f1:e5:64:ce:
                    7f:ba:c5:e8:9e:c9:e8:88:6e:37:2e:33:f9:93:1e:
                    58:f4:cb:35:d0:53:05:09:3b:11:28:83:69:1e:02:
                    ea:1b:43:86:f5:fb:72:63:8c:c8:73:91:85:75:cf:
                    c9:2d:38:e8:87:ed:ac:66:9f:56:b1:b1:09:2f:12:
                    c1:b0:c0:06:d8:e1:2e:43:fe:d7:97:82:3e:09:74:
                    cf:08:f0:ee:10:5e:e6:32:b7:dd:94:c8:4e:c9:78:
                    54:e5:0f:f5:58:39:59:27:a1:bc:a2:e0:39:92:b6:
                    80:3c:9e:b0:38:31:5b:0d:8a:4b:2f:d0:7c:8d:3e:
                    75:ba:27:97:90:ed:fd:5d:af:f9:fc:a6:36:e3:a0:
                    a9:47:04:76:99:a3:19:51:61:3a:e0:e8:cf:07:55:
                    a8:52:26:2b:8d:f5:00:c3:f1:22:ce:82:88:7a:07:
                    8e:ef:fe:95:d3:62:78:12:a6:2a:b0:d6:77:c1:b6:
                    5b:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:64:1D:9B:95:0B:34:09:1E:B1:15:4E:26:F7:A5:4E:A3:C4:A9:F4
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ed:f9:fa:93:4a:14:ce:ce:f2:6d:30:98:df:0a:3c:f1:63:
         ed:38:e2:b8:28:63:1b:f0:32:d2:cd:b6:54:5a:6f:d0:24:73:
         b6:f9:6a:08:ff:03:91:2a:cb:20:47:83:3b:d1:ab:40:f9:b7:
         60:e3:e0:68:d8:12:80:57:5b:b3:d3:be:b4:c6:fd:a2:69:ef:
         ec:e2:c4:b9:5d:b2:e7:df:36:48:56:4e:a4:e5:8a:4c:4a:91:
         2b:cc:d5:a3:ae:63:ce:e6:ee:f5:90:80:a7:aa:ce:dd:87:63:
         56:4b:3a:7b:a7:42:e6:98:4c:2c:b0:ca:f3:bf:57:13:8d:2c:
         dd:e8:3f:ab:92:2e:da:2c:00:9a:b2:7c:5f:78:71:06:7a:ae:
         aa:95:b7:4a:13:80:84:04:a2:8c:9a:0f:63:7f:91:5c:e4:90:
         86:e2:47:76:22:a1:0b:69:e0:70:f9:b2:d4:a6:43:1d:27:e7:
         65:00:d5:03:1a:51:44:c3:96:47:6d:c2:cc:f3:f3:d4:54:12:
         3d:fe:c4:5c:8c:cb:67:af:72:d9:6d:fb:f1:0b:1f:14:1a:6d:
         f1:49:2a:93:81:cd:bc:d0:4c:89:71:41:79:9a:49:01:d0:2b:
         e3:61:63:4c:a4:2a:40:36:7e:0d:47:b1:37:d8:9f:d5:bb:6c:
         fe:35:20:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9CKkM4Qm4EoZ1lyyHe6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjYwNDE3MDEwMDI5WhcNMjYwNDE4MDEwMDI5WjAzMTEwLwYDVQQD
EygzZDY0MWQ5Yjk1MGIzNDA5MWViMTE1NGUyNmY3YTU0ZWEzYzRhOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqIRJO6j8VKG17crFIk0rFOMYTbh
YvElsFbEUSypj0m7lIJm+YkjJhBTgDs3vpPUx2mUcWWAn6nJrh0AuaMC/QmT7x9g
1vHlZM5/usXonsnoiG43LjP5kx5Y9Ms10FMFCTsRKINpHgLqG0OG9ftyY4zIc5GF
dc/JLTjoh+2sZp9WsbEJLxLBsMAG2OEuQ/7Xl4I+CXTPCPDuEF7mMrfdlMhOyXhU
5Q/1WDlZJ6G8ouA5kraAPJ6wODFbDYpLL9B8jT51uieXkO39Xa/5/KY246CpRwR2
maMZUWE64OjPB1WoUiYrjfUAw/EizoKIegeO7/6V02J4EqYqsNZ3wbZbAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1kHZuVCzQJHrEVTib3pU6jxKn0MB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMO35+pNK
FM7O8m0wmN8KPPFj7TjiuChjG/Ay0s22VFpv0CRztvlqCP8DkSrLIEeDO9GrQPm3
YOPgaNgSgFdbs9O+tMb9omnv7OLEuV2y5982SFZOpOWKTEqRK8zVo65jzubu9ZCA
p6rO3YdjVks6e6dC5phMLLDK879XE40s3eg/q5Iu2iwAmrJ8X3hxBnquqpW3ShOA
hASijJoPY3+RXOSQhuJHdiKhC2ngcPmy1KZDHSfnZQDVAxpRRMOWR23CzPPz1FQS
Pf7EXIzLZ69y2W378QsfFBpt8Ukqk4HNvNBMiXFBeZpJAdAr42FjTKQqQDZ+DUex
N9if1bts/jUgxQ==
-----END CERTIFICATE-----