Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
File:                     xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft (raw, json)
Hash identifier:          C3DW2SCCBS1n/KjXxdg2E8DvFyByXAZSTIrKMOV1r3c=
Subject key identifier:   FF:5D:90:D4:4B:87:5A:8B:18:E7:1F:3B:2F:15:E9:C3:72:49:CA:E9
Authority key identifier: C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0
Certificate issuer:       /CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
Certificate serial:       019D38664FAEB36A2C271FD82E36CA9A84DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:02:02 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:02 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:02 +0000
Files and hashes:         1: xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl (hash: F0nD82sCzBHXlPWHB4rO5Si8gV30n6nt+e1ff/+hujI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:4f:ae:b3:6a:2c:27:1f:d8:2e:36:ca:9a:84:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5d18e1a1dc6558c4dba731efa32769c45f54ba0
        Validity
            Not Before: Mar 29 07:02:02 2026 GMT
            Not After : Mar 30 07:02:02 2026 GMT
        Subject: CN=ff5d90d44b875a8b18e71f3b2f15e9c37249cae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:60:eb:8a:69:bd:70:1e:06:5b:38:8f:00:6d:
                    7e:12:b6:ba:9c:8f:31:d7:60:ff:2f:01:58:24:b0:
                    e0:a8:ad:72:e3:2f:82:c4:db:03:a6:b4:72:96:ee:
                    61:55:1b:c9:b5:8a:b8:1a:57:f4:f6:73:95:4d:15:
                    21:9a:e3:50:1b:06:8b:bf:9f:fe:34:3d:a7:87:83:
                    d6:7d:a4:be:be:a4:87:cb:d7:26:b1:bf:98:1a:22:
                    73:73:75:8e:07:ab:5c:65:fc:58:41:0a:3c:74:95:
                    8a:88:02:52:59:cf:dd:c0:5b:21:43:b8:9b:ea:a3:
                    69:82:8e:52:c8:dc:63:35:8e:82:52:7d:4a:3f:a3:
                    c0:ff:d8:b5:71:76:9e:fd:e3:d0:82:6a:f0:c1:2d:
                    69:4e:ce:d8:a3:72:41:d0:eb:6d:e0:94:54:1f:37:
                    07:55:b1:49:4f:81:8f:15:dc:5e:fd:54:56:d8:c3:
                    5c:0e:9d:61:10:e2:83:0e:9e:7a:35:21:71:80:18:
                    da:d4:27:88:84:ed:4e:58:73:e4:d8:cb:e1:ad:62:
                    99:92:31:6e:d1:94:42:10:f3:44:ab:e3:c0:5c:a4:
                    38:a6:84:31:92:5e:ea:1a:aa:a4:bd:e1:01:06:e3:
                    f7:56:f5:c6:eb:a6:09:0a:3d:e8:44:d2:cd:72:de:
                    9e:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:5D:90:D4:4B:87:5A:8B:18:E7:1F:3B:2F:15:E9:C3:72:49:CA:E9
            X509v3 Authority Key Identifier:
                keyid:C5:D1:8E:1A:1D:C6:55:8C:4D:BA:73:1E:FA:32:76:9C:45:F5:4B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xdGOGh3GVYxNunMe-jJ2nEX1S6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/6f6b07-2e45-410f-9318-1cbe661a63ff/1/xdGOGh3GVYxNunMe-jJ2nEX1S6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:41:0d:e2:ef:cc:0e:67:e5:9c:91:98:32:94:44:4e:e1:c2:
         6d:a6:1b:37:86:f3:32:ce:0b:0b:7d:81:86:6c:e5:c3:df:20:
         8c:30:48:cf:2f:63:5f:46:10:74:6a:c8:d7:f8:98:1a:58:c9:
         71:99:90:76:57:0a:97:71:02:09:ef:22:ef:90:5c:bd:30:5e:
         4f:46:2d:c5:06:c6:a4:51:e2:df:dd:bc:db:f7:07:5c:9a:bc:
         74:f3:68:6d:0e:50:40:07:42:9a:30:d5:e6:d7:33:74:cc:f1:
         54:02:4a:00:7f:d5:71:f6:14:9d:24:64:29:05:f9:2c:70:67:
         ae:56:d2:c6:0b:3d:ac:03:bc:f5:3a:91:1b:22:6d:6e:fa:78:
         26:4c:42:1c:08:a8:8d:7f:50:06:ac:cf:3a:f9:e3:86:fc:4c:
         bf:ee:e4:92:cb:2b:fd:f4:1b:2f:4b:97:d2:03:09:3c:43:48:
         f3:c8:58:22:ec:82:8c:fe:db:e2:df:34:f5:bf:12:df:10:22:
         a5:4b:cf:8e:f5:52:35:0c:7c:2c:2a:7b:9e:84:d3:ac:f6:15:
         d6:70:9d:07:d8:09:87:c0:cd:86:34:24:04:06:96:2b:02:76:
         62:de:7c:3a:14:47:32:b4:be:76:a3:b8:7a:63:21:ad:8f:8a:
         96:8a:22:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zk+us2osJx/YLjbKmoTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZDE4ZTFhMWRjNjU1OGM0ZGJhNzMxZWZhMzI3NjljNDVm
NTRiYTAwHhcNMjYwMzI5MDcwMjAyWhcNMjYwMzMwMDcwMjAyWjAzMTEwLwYDVQQD
EyhmZjVkOTBkNDRiODc1YThiMThlNzFmM2IyZjE1ZTljMzcyNDljYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWDrimm9cB4GWziPAG1+Era6nI8x
12D/LwFYJLDgqK1y4y+CxNsDprRylu5hVRvJtYq4Glf09nOVTRUhmuNQGwaLv5/+
ND2nh4PWfaS+vqSHy9cmsb+YGiJzc3WOB6tcZfxYQQo8dJWKiAJSWc/dwFshQ7ib
6qNpgo5SyNxjNY6CUn1KP6PA/9i1cXae/ePQgmrwwS1pTs7Yo3JB0Ott4JRUHzcH
VbFJT4GPFdxe/VRW2MNcDp1hEOKDDp56NSFxgBja1CeIhO1OWHPk2MvhrWKZkjFu
0ZRCEPNEq+PAXKQ4poQxkl7qGqqkveEBBuP3VvXG66YJCj3oRNLNct6eIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP9dkNRLh1qLGOcfOy8V6cNyScrpMB8GA1UdIwQY
MBaAFMXRjhodxlWMTbpzHvoydpxF9UugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgt
MWNiZTY2MWE2M2ZmLzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC82ZjZiMDctMmU0NS00MTBmLTkzMTgtMWNiZTY2MWE2M2Zm
LzEveGRHT0doM0dWWXhOdW5NZS1qSjJuRVgxUzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm0EN4u/M
DmflnJGYMpRETuHCbaYbN4bzMs4LC32Bhmzlw98gjDBIzy9jX0YQdGrI1/iYGljJ
cZmQdlcKl3ECCe8i75BcvTBeT0YtxQbGpFHi39282/cHXJq8dPNobQ5QQAdCmjDV
5tczdMzxVAJKAH/VcfYUnSRkKQX5LHBnrlbSxgs9rAO89TqRGyJtbvp4JkxCHAio
jX9QBqzPOvnjhvxMv+7kkssr/fQbL0uX0gMJPENI88hYIuyCjP7b4t809b8S3xAi
pUvPjvVSNQx8LCp7noTTrPYV1nCdB9gJh8DNhjQkBAaWKwJ2Yt58OhRHMrS+dqO4
emMhrY+KlooiGQ==
-----END CERTIFICATE-----