Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          UYJ2Kq50yvUj1Y8GbH4psgK6bRZVJYI1THlr76hxEx0=
Subject key identifier:   00:17:1F:F8:38:7F:A3:BB:6E:6F:50:A0:DA:6A:C8:6C:7D:A2:74:04
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       019CAC46D668649F1A4713A010C443611FF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          07C2
Signing time:             Mon 02 Mar 2026 02:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:49 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: yeT60yflA1UXLNEv1w7fojXjg8POlJbnuMrzbAxIpDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:d6:68:64:9f:1a:47:13:a0:10:c4:43:61:1f:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Mar  2 02:00:49 2026 GMT
            Not After : Mar  3 02:00:49 2026 GMT
        Subject: CN=00171ff8387fa3bb6e6f50a0da6ac86c7da27404
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a9:de:ce:2b:35:91:3c:f1:77:19:2e:00:37:
                    57:ae:d2:42:1c:1d:e5:ae:7f:72:45:4f:3f:95:c5:
                    65:24:c2:ad:91:fa:d2:4d:dc:d8:55:81:6e:29:aa:
                    76:6e:e9:2a:bc:8a:fc:f5:0f:8c:66:48:eb:5b:c5:
                    20:a4:e6:17:07:cc:c1:77:e0:51:ff:2f:f7:0d:3c:
                    1a:03:3a:b7:1e:3b:7f:0f:3c:4b:dd:bc:b7:86:ea:
                    67:39:41:c2:ce:83:3d:c6:13:be:f7:7f:77:e8:75:
                    c2:da:23:0c:eb:bb:bc:a8:7a:b7:1b:0e:2e:dd:01:
                    d6:e9:c3:25:b0:eb:3a:95:ab:cc:3d:16:40:b6:0d:
                    c2:0c:a1:4b:03:bb:17:fd:f3:a7:0c:39:ce:bc:e4:
                    04:1d:2e:e0:92:de:fe:74:86:55:30:6c:c7:e3:07:
                    fc:ba:aa:2f:5c:ef:76:d1:fb:e8:e8:f6:1e:99:80:
                    a1:0a:94:9b:ed:4f:39:38:e7:4b:80:bf:05:93:3c:
                    45:99:ce:82:91:a9:42:9d:82:3e:58:c3:02:14:3c:
                    55:22:01:bb:6d:a3:5f:a3:50:61:ea:9c:6f:6c:51:
                    5e:89:c4:8c:81:b3:c1:76:7a:17:d5:cb:a4:d6:ee:
                    33:c7:b6:91:9e:dd:85:eb:eb:eb:ca:b3:5b:ee:c3:
                    38:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:17:1F:F8:38:7F:A3:BB:6E:6F:50:A0:DA:6A:C8:6C:7D:A2:74:04
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:c2:a4:5e:5f:a7:5f:e5:c6:c9:91:bb:64:ef:a6:be:38:36:
         41:47:b8:d9:a0:87:bb:96:c6:27:e2:39:41:d6:f4:3b:ef:dd:
         87:8a:2d:f3:b2:56:35:1c:82:75:23:91:0f:36:b6:a6:ab:d8:
         19:d5:a3:4c:3c:5c:53:5b:65:96:e0:0b:7d:9c:b9:1f:8e:08:
         23:02:c6:5d:71:b2:74:f3:dd:4a:b2:c8:ac:6e:bb:40:26:17:
         27:97:97:b9:4f:99:0a:12:9d:05:28:59:66:3f:37:96:d4:76:
         84:ea:13:02:c1:fd:c7:07:7b:08:58:7e:76:eb:98:e4:81:1b:
         17:0a:11:14:4a:c9:b7:4d:38:e8:93:47:87:42:79:bf:00:8f:
         30:cb:7f:d4:ba:e7:dc:7d:26:80:7b:b1:9c:ef:d4:1f:f1:3d:
         d7:f3:80:07:28:c5:e1:28:6b:5b:4d:a7:02:73:25:a8:d6:87:
         28:f8:0b:23:aa:28:31:84:c4:80:eb:0d:3d:37:c3:f2:b0:05:
         e6:b8:e1:b8:e0:c5:8e:8f:7e:74:ae:11:5a:f9:16:87:fb:e5:
         c7:ca:9f:13:0c:f3:7e:6e:be:9b:d9:2e:06:19:1e:14:85:6d:
         a1:10:60:aa:c4:2c:91:ec:08:8e:18:cc:7d:30:97:6e:51:85:
         58:a4:b6:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRtZoZJ8aRxOgEMRDYR/zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjYwMzAyMDIwMDQ5WhcNMjYwMzAzMDIwMDQ5WjAzMTEwLwYDVQQD
EygwMDE3MWZmODM4N2ZhM2JiNmU2ZjUwYTBkYTZhYzg2YzdkYTI3NDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKnezis1kTzxdxkuADdXrtJCHB3l
rn9yRU8/lcVlJMKtkfrSTdzYVYFuKap2bukqvIr89Q+MZkjrW8UgpOYXB8zBd+BR
/y/3DTwaAzq3Hjt/DzxL3by3hupnOUHCzoM9xhO+93936HXC2iMM67u8qHq3Gw4u
3QHW6cMlsOs6lavMPRZAtg3CDKFLA7sX/fOnDDnOvOQEHS7gkt7+dIZVMGzH4wf8
uqovXO920fvo6PYemYChCpSb7U85OOdLgL8FkzxFmc6CkalCnYI+WMMCFDxVIgG7
baNfo1Bh6pxvbFFeicSMgbPBdnoX1cuk1u4zx7aRnt2F6+vryrNb7sM4uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAAXH/g4f6O7bm9QoNpqyGx9onQEMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkcKkXl+n
X+XGyZG7ZO+mvjg2QUe42aCHu5bGJ+I5Qdb0O+/dh4ot87JWNRyCdSORDza2pqvY
GdWjTDxcU1tlluALfZy5H44IIwLGXXGydPPdSrLIrG67QCYXJ5eXuU+ZChKdBShZ
Zj83ltR2hOoTAsH9xwd7CFh+duuY5IEbFwoRFErJt0046JNHh0J5vwCPMMt/1Lrn
3H0mgHuxnO/UH/E91/OAByjF4ShrW02nAnMlqNaHKPgLI6ooMYTEgOsNPTfD8rAF
5rjhuODFjo9+dK4RWvkWh/vlx8qfEwzzfm6+m9kuBhkeFIVtoRBgqsQskewIjhjM
fTCXblGFWKS2cw==
-----END CERTIFICATE-----