Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          HEu3915s1YfA0MwwnJuTaZFBQKo/R5598E7Do3/Sagc=
Subject key identifier:   30:35:99:5A:B2:51:13:29:00:B4:A4:66:90:DE:D7:0C:F5:D5:49:FA
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019D3866A8E7F556D2A395B37B9A82B3C840
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          1194
Signing time:             Sun 29 Mar 2026 07:02:25 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:25 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:25 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: fDPIhvgws9tyqEGFoQst0Wvf5/9wSgHpHBko6Q8Avds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:a8:e7:f5:56:d2:a3:95:b3:7b:9a:82:b3:c8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Mar 29 07:02:25 2026 GMT
            Not After : Mar 30 07:02:25 2026 GMT
        Subject: CN=3035995ab251132900b4a46690ded70cf5d549fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a4:8d:3c:9b:59:65:5e:be:c2:1b:d8:77:1d:
                    5e:06:3c:69:44:f6:25:c5:43:c9:9b:9a:14:28:20:
                    4e:b5:53:42:f5:bd:94:7f:c6:9d:9e:28:8e:da:5c:
                    29:f3:c9:4d:31:be:e3:50:77:7d:29:2b:35:46:a8:
                    32:37:7f:d0:c5:c0:46:13:d4:6f:3d:14:3a:6c:72:
                    7c:b8:75:fd:4e:49:7e:12:02:41:fd:d5:75:10:01:
                    22:11:60:79:7f:0c:c3:76:c5:11:fa:da:f4:12:68:
                    5b:45:c1:3c:c1:1f:06:11:5b:05:d7:ce:99:7d:f5:
                    5c:97:9f:be:4c:6b:06:04:7b:73:8e:d3:82:d5:8b:
                    fc:ba:ca:09:13:43:6b:57:88:d1:5e:e4:37:d9:89:
                    37:b4:b0:34:31:43:57:5b:58:89:81:55:63:0b:b3:
                    d1:ce:ab:21:78:99:15:be:d1:67:3b:10:cd:5b:cd:
                    32:33:b4:10:6f:68:11:b0:e2:60:45:34:72:7b:a2:
                    b8:5b:e4:ec:f7:ce:88:ee:d5:e1:3f:b6:19:09:da:
                    7d:61:aa:80:d1:45:2b:ea:a9:5b:6c:78:bf:d1:a3:
                    9e:8b:a8:c1:73:fd:48:a8:0a:61:1b:3a:1b:cb:08:
                    eb:a6:8f:89:43:21:09:7c:70:28:87:3e:00:94:4a:
                    d0:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:35:99:5A:B2:51:13:29:00:B4:A4:66:90:DE:D7:0C:F5:D5:49:FA
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:20:56:9b:80:37:df:26:23:d8:f2:cc:f1:2c:6e:bd:91:6f:
         f3:f1:6d:8e:1e:f1:84:f0:6e:b5:46:8c:e8:0b:12:1e:1a:ac:
         66:a0:39:1e:34:3c:c0:80:9c:6c:53:1d:b7:83:d0:dc:0c:a7:
         14:6c:26:ff:3b:9a:36:c0:ca:a5:06:6c:de:28:fa:88:69:90:
         1d:d9:25:fe:17:fc:ad:0d:27:b8:90:d3:f1:c1:2e:a0:61:34:
         01:89:1b:6a:2c:b0:aa:92:b0:f1:90:c8:c9:f3:c7:4a:f1:a3:
         a8:05:d6:f5:7f:6b:93:8a:8b:e0:ab:02:57:37:e6:0a:8c:94:
         02:5e:55:f4:50:5f:c2:c9:7c:c5:1d:0a:7a:61:7c:da:e9:96:
         68:c9:1d:bf:ad:8f:26:88:9b:18:a6:30:e0:cf:4e:28:bc:8b:
         58:6a:14:c9:ee:17:db:37:b9:aa:e4:55:48:83:e8:b9:02:63:
         3d:1b:ca:76:f5:d3:7b:1d:1d:6d:8e:80:29:46:11:4c:da:74:
         7f:e7:d5:58:07:f9:c8:74:71:bd:41:0f:f3:94:6a:84:00:20:
         ba:55:25:3e:eb:97:2e:fb:ab:11:a4:ca:2f:97:5c:d1:23:b9:
         2c:ad:5a:d1:ee:87:1e:24:b3:49:89:9b:5f:27:e4:e4:a1:e3:
         bf:53:1b:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zqjn9VbSo5Wze5qCs8hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjYwMzI5MDcwMjI1WhcNMjYwMzMwMDcwMjI1WjAzMTEwLwYDVQQD
EygzMDM1OTk1YWIyNTExMzI5MDBiNGE0NjY5MGRlZDcwY2Y1ZDU0OWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaSNPJtZZV6+whvYdx1eBjxpRPYl
xUPJm5oUKCBOtVNC9b2Uf8adniiO2lwp88lNMb7jUHd9KSs1RqgyN3/QxcBGE9Rv
PRQ6bHJ8uHX9Tkl+EgJB/dV1EAEiEWB5fwzDdsUR+tr0EmhbRcE8wR8GEVsF186Z
ffVcl5++TGsGBHtzjtOC1Yv8usoJE0NrV4jRXuQ32Yk3tLA0MUNXW1iJgVVjC7PR
zqsheJkVvtFnOxDNW80yM7QQb2gRsOJgRTRye6K4W+Ts986I7tXhP7YZCdp9YaqA
0UUr6qlbbHi/0aOei6jBc/1IqAphGzobywjrpo+JQyEJfHAohz4AlErQzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDA1mVqyURMpALSkZpDe1wz11Un6MB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKCBWm4A3
3yYj2PLM8SxuvZFv8/Ftjh7xhPButUaM6AsSHhqsZqA5HjQ8wICcbFMdt4PQ3Ayn
FGwm/zuaNsDKpQZs3ij6iGmQHdkl/hf8rQ0nuJDT8cEuoGE0AYkbaiywqpKw8ZDI
yfPHSvGjqAXW9X9rk4qL4KsCVzfmCoyUAl5V9FBfwsl8xR0KemF82umWaMkdv62P
JoibGKYw4M9OKLyLWGoUye4X2ze5quRVSIPouQJjPRvKdvXTex0dbY6AKUYRTNp0
f+fVWAf5yHRxvUEP85RqhAAgulUlPuuXLvurEaTKL5dc0SO5LK1a0e6HHiSzSYmb
Xyfk5KHjv1Mb6g==
-----END CERTIFICATE-----