Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          Fq3/FP26SDWPbkz6ojS9ZDmxJhgknCxIqu8uwpJGCZk=
Subject key identifier:   53:32:AE:17:7F:CD:13:87:6F:98:BC:8A:AF:6B:E9:57:A4:99:76:74
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019D3865750B0BE02712C75C09E56DF70BF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:06 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: Gc1VK1V9MHtqSmNvefHjNDqJl4BoveB7b/+rFfLhhdQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:75:0b:0b:e0:27:12:c7:5c:09:e5:6d:f7:0b:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Mar 29 07:01:06 2026 GMT
            Not After : Mar 30 07:01:06 2026 GMT
        Subject: CN=5332ae177fcd13876f98bc8aaf6be957a4997674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:65:aa:e1:fc:83:f5:0e:b5:af:bb:a9:85:fd:
                    4e:9c:2f:d8:e7:7c:7e:71:e5:5a:8d:eb:a7:f8:d8:
                    67:c4:12:fe:46:42:a8:13:32:be:89:28:99:07:26:
                    cc:e5:fa:9d:54:51:bc:93:7e:10:00:51:04:dc:43:
                    90:37:f3:f2:ad:5f:9d:00:cb:32:00:bc:93:68:cc:
                    9d:d7:7c:85:ef:eb:80:85:1a:54:d8:46:98:bf:37:
                    8e:a4:8b:20:82:d7:18:94:be:dd:cb:8a:14:f2:33:
                    d9:3b:65:50:3b:6c:13:d6:72:82:f6:fd:58:bb:38:
                    f4:95:d9:ae:0f:64:2d:20:a2:a2:38:63:f8:a4:90:
                    7d:63:e2:d9:fc:e7:12:6f:fc:cc:70:93:7b:fd:77:
                    55:15:7d:a8:61:1d:97:1b:8c:6d:d1:a9:e1:62:54:
                    49:98:95:a8:ce:0d:92:18:bf:09:e2:50:61:23:07:
                    bc:62:9e:bd:5a:45:8c:82:bc:02:c8:56:ad:9d:33:
                    e0:9d:d6:65:f7:10:0d:be:66:75:66:3e:26:f6:b7:
                    99:71:e3:a2:89:5a:19:48:e8:47:42:f1:1c:32:13:
                    e3:69:2f:ae:b3:5f:74:fe:4f:ae:20:cb:72:a2:d5:
                    39:d8:36:bc:13:aa:0e:64:c4:81:7f:81:e3:be:e8:
                    92:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:32:AE:17:7F:CD:13:87:6F:98:BC:8A:AF:6B:E9:57:A4:99:76:74
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:72:83:cc:fa:e6:f3:f1:1e:eb:f6:fa:58:fb:f6:39:21:b6:
         0a:df:36:5f:41:b5:07:1f:ff:78:59:22:8f:9d:42:b9:84:22:
         d6:f4:ec:45:2d:b2:35:15:a0:ce:62:28:34:e6:c4:78:29:3a:
         d3:5f:16:2a:53:a2:dc:35:3e:38:ea:bf:03:2a:69:47:18:9a:
         6c:19:7b:bf:2a:e1:fc:95:a1:2a:92:9e:64:65:19:63:5a:9b:
         df:7e:87:3e:be:2a:90:a7:2e:48:fb:78:3a:88:50:f0:ef:57:
         ad:85:7b:5c:6a:be:87:28:51:40:55:25:3a:9c:47:d8:68:c6:
         c8:a2:aa:fd:71:e4:54:66:ca:8f:31:42:8d:74:a1:9c:f9:7b:
         ff:7e:b6:f0:7d:b7:ea:73:44:3c:d1:f9:c2:0c:bf:2a:2e:f6:
         90:34:6b:b2:40:02:27:09:6e:83:26:7d:63:c6:62:d9:5a:33:
         c3:e1:93:5c:39:f2:22:e2:97:e7:a8:f3:97:92:60:62:61:16:
         67:17:97:38:1e:0e:07:d5:d8:a6:6d:62:87:db:97:b3:b0:02:
         86:d3:50:0a:c4:c6:a5:ed:88:0c:20:8c:7b:82:47:1b:ee:2d:
         0b:6f:f7:74:6b:22:11:e5:29:d6:ea:02:1f:e2:9d:70:c1:96:
         33:05:3f:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXULC+AnEsdcCeVt9wv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjYwMzI5MDcwMTA2WhcNMjYwMzMwMDcwMTA2WjAzMTEwLwYDVQQD
Eyg1MzMyYWUxNzdmY2QxMzg3NmY5OGJjOGFhZjZiZTk1N2E0OTk3Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWWq4fyD9Q61r7uphf1OnC/Y53x+
ceVajeun+NhnxBL+RkKoEzK+iSiZBybM5fqdVFG8k34QAFEE3EOQN/PyrV+dAMsy
ALyTaMyd13yF7+uAhRpU2EaYvzeOpIsggtcYlL7dy4oU8jPZO2VQO2wT1nKC9v1Y
uzj0ldmuD2QtIKKiOGP4pJB9Y+LZ/OcSb/zMcJN7/XdVFX2oYR2XG4xt0anhYlRJ
mJWozg2SGL8J4lBhIwe8Yp69WkWMgrwCyFatnTPgndZl9xANvmZ1Zj4m9reZceOi
iVoZSOhHQvEcMhPjaS+us190/k+uIMtyotU52Da8E6oOZMSBf4HjvuiS/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFMyrhd/zROHb5i8iq9r6VekmXZ0MB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJnKDzPrm
8/Ee6/b6WPv2OSG2Ct82X0G1Bx//eFkij51CuYQi1vTsRS2yNRWgzmIoNObEeCk6
018WKlOi3DU+OOq/AyppRxiabBl7vyrh/JWhKpKeZGUZY1qb336HPr4qkKcuSPt4
OohQ8O9XrYV7XGq+hyhRQFUlOpxH2GjGyKKq/XHkVGbKjzFCjXShnPl7/3628H23
6nNEPNH5wgy/Ki72kDRrskACJwlugyZ9Y8Zi2Vozw+GTXDnyIuKX56jzl5JgYmEW
ZxeXOB4OB9XYpm1ih9uXs7AChtNQCsTGpe2IDCCMe4JHG+4tC2/3dGsiEeUp1uoC
H+KdcMGWMwU/XQ==
-----END CERTIFICATE-----