Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
File:                     gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft (raw, json)
Hash identifier:          Ziuvx66QYqCT1AdByWCCiN650rx9hBNLb1kniMlzjxU=
Subject key identifier:   FA:91:F0:AB:76:52:22:65:AF:DF:E0:04:BD:5C:0A:BE:F4:B0:F0:B8
Authority key identifier: 80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68
Certificate issuer:       /CN=80eb71d019a483225c324c88c6c48020ef9f1168
Certificate serial:       019D371B43D2ED2150C2D18ED4C6BA54C43D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 01:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:26 +0000
Files and hashes:         1: gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl (hash: RIAjlRtxeKXacDdmX+smUCydsYKngnRs8FnXpGLJ9Dk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:43:d2:ed:21:50:c2:d1:8e:d4:c6:ba:54:c4:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80eb71d019a483225c324c88c6c48020ef9f1168
        Validity
            Not Before: Mar 29 01:00:26 2026 GMT
            Not After : Mar 30 01:00:26 2026 GMT
        Subject: CN=fa91f0ab76522265afdfe004bd5c0abef4b0f0b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:74:68:63:77:49:c9:c4:81:ab:61:86:3f:8e:
                    19:ed:9a:5f:2f:1b:ce:7b:cc:a4:2c:1a:9f:d9:2a:
                    c4:3e:e5:30:7e:47:05:67:30:a5:9a:a9:c5:54:a3:
                    ee:33:8b:25:09:eb:9e:bb:da:44:17:d9:5c:60:06:
                    70:4e:36:bc:d8:c2:89:b9:be:ef:48:12:82:8b:55:
                    cd:3e:26:34:e0:d0:dd:17:76:65:e5:64:13:f1:2c:
                    0e:59:2d:48:3a:59:7a:d1:e7:48:35:0a:dc:00:cb:
                    c6:31:a4:b8:a7:73:4e:19:86:28:89:4c:59:16:1e:
                    45:43:9b:f2:61:58:c4:b2:58:2c:dd:72:3b:72:02:
                    7a:94:76:08:7e:04:80:20:7b:1e:28:0f:ee:e3:07:
                    b8:83:52:62:27:9b:5d:c6:c1:d9:3c:70:cd:d0:be:
                    5c:21:86:86:9d:06:41:23:a5:94:52:f3:ad:6e:2d:
                    5b:af:fb:58:35:fd:c2:3b:4d:24:b6:bd:1b:47:87:
                    7a:4a:eb:41:ee:dc:7b:9e:ce:25:ab:95:1a:18:47:
                    46:82:2d:a0:4c:14:f4:58:9d:93:9a:88:e5:89:23:
                    1d:96:b8:f4:37:3f:f9:2b:f0:31:e4:e4:4b:76:00:
                    3c:42:64:e1:9f:8c:fd:fb:b8:39:78:0e:8d:5e:87:
                    81:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:91:F0:AB:76:52:22:65:AF:DF:E0:04:BD:5C:0A:BE:F4:B0:F0:B8
            X509v3 Authority Key Identifier:
                keyid:80:EB:71:D0:19:A4:83:22:5C:32:4C:88:C6:C4:80:20:EF:9F:11:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gOtx0BmkgyJcMkyIxsSAIO-fEWg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/290789-1922-4eb0-8ad4-fed89d170da4/1/gOtx0BmkgyJcMkyIxsSAIO-fEWg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:bc:5d:97:64:e7:0a:b7:c6:ce:12:0e:41:de:74:67:ac:28:
         2e:6e:81:dc:41:36:af:b6:2d:4c:36:44:18:6e:cc:4b:7c:fa:
         a3:de:cc:b1:36:b9:99:78:69:f7:60:48:45:a1:da:6a:17:a8:
         7f:de:18:de:85:72:16:4a:66:d6:61:ff:1e:3e:37:9a:cf:0f:
         56:23:40:c6:76:95:e4:d3:84:fc:e0:01:31:35:3f:66:88:85:
         99:f2:b4:84:fb:da:8d:81:7b:b6:54:b5:4b:be:16:5e:b4:7c:
         35:db:8d:55:99:cf:9a:f7:94:10:d2:91:c2:a6:e9:4a:ad:12:
         50:a1:d8:0d:9b:58:ef:25:80:0f:b8:de:e1:53:f4:e0:20:24:
         ed:32:27:81:8e:58:bb:62:69:6e:30:7a:98:96:26:59:cf:f7:
         9f:f2:f2:52:b7:5a:fd:33:54:bd:c5:db:eb:9d:2b:9d:b4:d1:
         5c:3e:6c:31:84:ae:a2:59:d7:2e:e7:45:ab:9f:e9:8e:9f:9a:
         94:88:e6:8e:ad:19:01:e2:2f:2f:0e:a4:8e:b2:e1:83:a8:7e:
         06:2c:d3:00:44:58:79:79:d5:ff:e3:e6:1a:97:a9:4d:f7:97:
         9d:0e:d2:94:88:80:34:77:be:91:82:a9:71:d6:67:31:7c:c6:
         1b:72:2e:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G0PS7SFQwtGO1Ma6VMQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWI3MWQwMTlhNDgzMjI1YzMyNGM4OGM2YzQ4MDIwZWY5
ZjExNjgwHhcNMjYwMzI5MDEwMDI2WhcNMjYwMzMwMDEwMDI2WjAzMTEwLwYDVQQD
EyhmYTkxZjBhYjc2NTIyMjY1YWZkZmUwMDRiZDVjMGFiZWY0YjBmMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13RoY3dJycSBq2GGP44Z7ZpfLxvO
e8ykLBqf2SrEPuUwfkcFZzClmqnFVKPuM4slCeueu9pEF9lcYAZwTja82MKJub7v
SBKCi1XNPiY04NDdF3Zl5WQT8SwOWS1IOll60edINQrcAMvGMaS4p3NOGYYoiUxZ
Fh5FQ5vyYVjEslgs3XI7cgJ6lHYIfgSAIHseKA/u4we4g1JiJ5tdxsHZPHDN0L5c
IYaGnQZBI6WUUvOtbi1br/tYNf3CO00ktr0bR4d6SutB7tx7ns4lq5UaGEdGgi2g
TBT0WJ2TmojliSMdlrj0Nz/5K/Ax5ORLdgA8QmThn4z9+7g5eA6NXoeB+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqR8Kt2UiJlr9/gBL1cCr70sPC4MB8GA1UdIwQY
MBaAFIDrcdAZpIMiXDJMiMbEgCDvnxFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQt
ZmVkODlkMTcwZGE0LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yOTA3ODktMTkyMi00ZWIwLThhZDQtZmVkODlkMTcwZGE0
LzEvZ090eDBCbWtneUpjTWt5SXhzU0FJTy1mRVdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATrxdl2Tn
CrfGzhIOQd50Z6woLm6B3EE2r7YtTDZEGG7MS3z6o97MsTa5mXhp92BIRaHaaheo
f94Y3oVyFkpm1mH/Hj43ms8PViNAxnaV5NOE/OABMTU/ZoiFmfK0hPvajYF7tlS1
S74WXrR8NduNVZnPmveUENKRwqbpSq0SUKHYDZtY7yWAD7je4VP04CAk7TIngY5Y
u2JpbjB6mJYmWc/3n/LyUrda/TNUvcXb650rnbTRXD5sMYSuolnXLudFq5/pjp+a
lIjmjq0ZAeIvLw6kjrLhg6h+BizTAERYeXnV/+PmGpepTfeXnQ7SlIiANHe+kYKp
cdZnMXzGG3IuCA==
-----END CERTIFICATE-----