Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
File:                     aesKgBz9tLWANaXQdaKQSy6qX5E.mft (raw, json)
Hash identifier:          66m12m0KhhcAJb1baL9fVZX4oW/Eg8m77kIRODOmgTg=
Subject key identifier:   A0:F9:61:2B:50:0D:1B:6C:65:D6:E5:BE:69:6F:2B:6A:1B:A7:C8:8C
Authority key identifier: 69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91
Certificate issuer:       /CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
Certificate serial:       019D3865738EDF1E67AC0B256F3942004F44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:05 +0000
Files and hashes:         1: aesKgBz9tLWANaXQdaKQSy6qX5E.crl (hash: aO+2lrqfNrXWzbsSxN42+qh0LdhPWlanXSQvG2KrjMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:73:8e:df:1e:67:ac:0b:25:6f:39:42:00:4f:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
        Validity
            Not Before: Mar 29 07:01:05 2026 GMT
            Not After : Mar 30 07:01:05 2026 GMT
        Subject: CN=a0f9612b500d1b6c65d6e5be696f2b6a1ba7c88c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:cb:5a:d9:e0:03:f3:a8:3a:f7:ce:da:03:4f:
                    3e:8a:74:69:3b:68:32:db:a6:19:86:71:4e:73:36:
                    1d:61:9a:fd:be:c7:6b:37:86:60:7f:18:2c:2e:95:
                    cb:db:e6:df:ae:71:c8:7e:2f:f0:ec:02:c4:64:c8:
                    59:d6:1b:a6:c9:b3:c2:6a:e0:15:5d:68:41:0d:cf:
                    92:d1:74:25:ca:83:c9:ba:15:93:45:3a:5a:41:6c:
                    28:86:76:87:08:c2:6d:dd:04:65:87:58:41:b1:d5:
                    29:a8:1b:d6:b5:68:26:0c:9c:92:51:69:59:ea:96:
                    da:29:d4:c4:8c:6f:2d:07:15:25:77:55:48:47:43:
                    59:8f:59:4d:a3:2f:b8:5c:eb:f9:5e:09:00:b1:f7:
                    4a:4d:83:31:c8:4e:72:aa:a2:39:51:b2:53:c3:57:
                    8d:f8:4b:d1:ed:a7:95:4a:b2:e5:54:bb:80:e2:83:
                    33:f1:3d:e5:58:d4:49:f7:fd:36:07:a8:3e:29:0a:
                    a8:70:74:ab:cf:f6:e5:04:a8:8f:51:05:51:5d:7e:
                    e2:6d:f0:66:fc:37:66:70:af:f8:fc:98:97:77:6f:
                    44:c7:f8:97:1f:f9:7d:72:a9:60:93:3a:73:34:c8:
                    89:05:a1:a8:a7:bd:60:2f:31:7a:29:e2:c0:40:09:
                    5e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F9:61:2B:50:0D:1B:6C:65:D6:E5:BE:69:6F:2B:6A:1B:A7:C8:8C
            X509v3 Authority Key Identifier:
                keyid:69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:c4:7b:3d:2e:57:17:f2:a4:19:70:fb:f2:26:ad:b6:6d:68:
         e4:23:49:71:65:8d:58:6c:d3:6b:7f:bb:e2:74:d9:8a:87:c2:
         8e:66:e8:e1:64:2d:9a:a8:2f:8a:56:fa:33:03:83:82:20:78:
         57:fe:26:21:73:70:ca:06:0b:90:03:77:53:3e:d4:96:00:54:
         b7:ad:87:8f:22:95:74:48:28:a5:ef:88:0b:79:da:f6:d0:a2:
         3d:f6:d5:bd:95:d6:07:50:9c:4f:f6:10:49:23:d8:3e:98:0d:
         b1:6e:84:9f:77:51:80:2b:89:6e:24:68:c7:84:5a:22:1a:bd:
         cc:5b:0e:e3:aa:42:2c:25:bc:f3:fa:65:bb:5a:cc:54:78:58:
         c5:4f:46:a8:eb:5d:af:8a:5d:f3:f3:be:b3:93:48:dd:d9:ab:
         f4:3f:eb:11:41:3a:56:9a:90:62:82:0c:e1:f1:80:9e:f0:89:
         3a:8f:45:78:be:db:06:fc:2b:68:7b:17:af:43:94:45:ac:04:
         a6:89:57:78:6d:b7:46:31:af:eb:4e:ec:6d:0d:d4:e6:bd:5e:
         a3:65:77:9a:29:d8:3c:44:5c:95:47:5b:ad:85:9f:d3:0e:eb:
         b3:c4:04:93:40:0e:ea:17:48:d8:eb:d7:72:07:e3:37:69:25:
         13:24:51:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXOO3x5nrAslbzlCAE9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwYTgwMWNmZGI0YjU4MDM1YTVkMDc1YTI5MDRiMmVh
YTVmOTEwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
EyhhMGY5NjEyYjUwMGQxYjZjNjVkNmU1YmU2OTZmMmI2YTFiYTdjODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMta2eAD86g6987aA08+inRpO2gy
26YZhnFOczYdYZr9vsdrN4ZgfxgsLpXL2+bfrnHIfi/w7ALEZMhZ1humybPCauAV
XWhBDc+S0XQlyoPJuhWTRTpaQWwohnaHCMJt3QRlh1hBsdUpqBvWtWgmDJySUWlZ
6pbaKdTEjG8tBxUld1VIR0NZj1lNoy+4XOv5XgkAsfdKTYMxyE5yqqI5UbJTw1eN
+EvR7aeVSrLlVLuA4oMz8T3lWNRJ9/02B6g+KQqocHSrz/blBKiPUQVRXX7ibfBm
/DdmcK/4/JiXd29Ex/iXH/l9cqlgkzpzNMiJBaGop71gLzF6KeLAQAle0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD5YStQDRtsZdblvmlvK2obp8iMMB8GA1UdIwQY
MBaAFGnrCoAc/bS1gDWl0HWikEsuql+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzkt
MDBmNTZmNDcyMWMyLzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzktMDBmNTZmNDcyMWMy
LzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACcR7PS5X
F/KkGXD78iattm1o5CNJcWWNWGzTa3+74nTZiofCjmbo4WQtmqgvilb6MwODgiB4
V/4mIXNwygYLkAN3Uz7UlgBUt62HjyKVdEgope+IC3na9tCiPfbVvZXWB1CcT/YQ
SSPYPpgNsW6En3dRgCuJbiRox4RaIhq9zFsO46pCLCW88/plu1rMVHhYxU9GqOtd
r4pd8/O+s5NI3dmr9D/rEUE6VpqQYoIM4fGAnvCJOo9FeL7bBvwraHsXr0OURawE
polXeG23RjGv607sbQ3U5r1eo2V3minYPERclUdbrYWf0w7rs8QEk0AO6hdI2OvX
cgfjN2klEyRRaA==
-----END CERTIFICATE-----