Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
File:                     XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft (raw, json)
Hash identifier:          t3Lh9szmwqBRomTemFJvl2Fd9k5cVn7yzapQvTLTnJM=
Subject key identifier:   0B:E3:E3:38:AC:3B:FA:F5:68:6F:DE:62:A9:30:E3:DE:16:1C:CC:FA
Authority key identifier: 5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25
Certificate issuer:       /CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
Certificate serial:       019D38D2B5F4B897FDDB94B4F60E67BF7EC2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 09:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:26 +0000
Files and hashes:         1: XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl (hash: vciaiFRsOulN2QM/UCUujq1yVrPhysJiCTzivtfMWeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:b5:f4:b8:97:fd:db:94:b4:f6:0e:67:bf:7e:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e2643ec29f8b04f838d6e5dc5069c1064c5bd25
        Validity
            Not Before: Mar 29 09:00:26 2026 GMT
            Not After : Mar 30 09:00:26 2026 GMT
        Subject: CN=0be3e338ac3bfaf5686fde62a930e3de161cccfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:4a:bf:23:87:b5:26:5d:9b:88:f1:ed:ab:01:
                    84:fe:fe:76:c5:23:58:03:57:0e:fe:17:87:57:bc:
                    20:0a:81:39:08:52:0b:5e:82:0b:56:9f:92:12:67:
                    d0:32:ed:1e:f6:e0:61:2d:cb:c1:da:98:53:99:18:
                    2a:91:ff:4a:e0:e1:00:5a:0a:27:ca:ea:3e:16:76:
                    a6:1e:21:ae:10:8b:46:56:87:8f:31:c3:20:96:13:
                    eb:a3:85:4a:cd:b0:3e:ce:2a:90:e8:d1:da:a2:aa:
                    2d:2e:e6:e2:16:1e:5f:7f:a4:83:b2:2c:43:3b:aa:
                    90:9c:df:e0:04:0e:9c:62:67:4b:34:e6:62:f4:50:
                    3b:3a:c1:ee:03:8e:cc:cd:41:45:24:0c:0f:d0:9b:
                    f5:4a:2c:7c:ae:e8:ff:39:00:39:4f:66:30:42:1b:
                    6f:fe:38:a4:cd:2e:fe:ee:60:25:5a:72:49:82:be:
                    16:23:25:99:67:c1:6a:81:4b:81:d5:e5:bb:88:97:
                    34:36:df:6d:d6:1f:fb:df:ee:c3:f1:9a:a7:89:c2:
                    79:bf:64:3d:3a:23:fc:ea:46:df:f6:f0:3d:f5:74:
                    cb:15:b8:a5:04:54:ac:80:4b:62:f7:c5:bf:3e:51:
                    44:ce:bd:71:aa:16:70:e1:69:bf:c9:33:db:20:a0:
                    3b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:E3:E3:38:AC:3B:FA:F5:68:6F:DE:62:A9:30:E3:DE:16:1C:CC:FA
            X509v3 Authority Key Identifier:
                keyid:5E:26:43:EC:29:F8:B0:4F:83:8D:6E:5D:C5:06:9C:10:64:C5:BD:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiZD7Cn4sE-DjW5dxQacEGTFvSU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/82c4e6-0ab8-4f46-aed1-a4c3a85f3f0a/1/XiZD7Cn4sE-DjW5dxQacEGTFvSU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:05:9c:d8:cf:9b:7e:c7:30:e7:7f:bd:a0:5a:a1:29:5e:18:
         97:1b:b6:19:73:88:34:c2:c8:1a:51:bd:e8:2a:55:68:d2:ff:
         57:2a:7d:43:21:5d:22:b9:93:04:c0:c3:5d:5a:a2:26:08:43:
         db:da:6e:6f:55:4a:f0:6a:ef:90:f0:c8:56:c2:1b:2f:25:86:
         54:62:8e:fd:a4:eb:cd:50:e8:5f:16:2a:55:c8:34:d8:e9:36:
         18:12:bb:3e:6e:c9:12:7c:4a:ca:a5:e9:e6:73:91:b1:00:55:
         16:c3:c0:d5:1e:4e:9a:6a:d1:b3:9d:b8:b1:37:f5:86:74:2c:
         fa:f9:aa:93:bb:8f:71:5d:97:d2:29:58:7a:6b:59:76:cc:4e:
         40:85:19:a6:d3:85:68:5c:59:ba:15:c4:c6:57:6e:97:81:f2:
         ef:44:9a:aa:10:17:09:41:3a:c1:99:85:30:ba:1d:c6:cd:d2:
         b8:b6:91:49:63:15:62:77:ab:da:65:61:8b:08:3a:0f:a2:ad:
         0e:87:6c:7b:07:0d:7a:f4:f4:d0:09:4e:43:aa:4f:b4:ba:00:
         f7:8a:90:68:0a:53:1d:e9:eb:68:3b:44:e4:63:26:ca:5d:16:
         49:fa:0d:a7:60:1b:3d:a8:12:d3:60:81:5e:27:13:76:37:62:
         0f:e4:c3:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040rX0uJf925S09g5nv37CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjY0M2VjMjlmOGIwNGY4MzhkNmU1ZGM1MDY5YzEwNjRj
NWJkMjUwHhcNMjYwMzI5MDkwMDI2WhcNMjYwMzMwMDkwMDI2WjAzMTEwLwYDVQQD
EygwYmUzZTMzOGFjM2JmYWY1Njg2ZmRlNjJhOTMwZTNkZTE2MWNjY2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Eq/I4e1Jl2biPHtqwGE/v52xSNY
A1cO/heHV7wgCoE5CFILXoILVp+SEmfQMu0e9uBhLcvB2phTmRgqkf9K4OEAWgon
yuo+FnamHiGuEItGVoePMcMglhPro4VKzbA+ziqQ6NHaoqotLubiFh5ff6SDsixD
O6qQnN/gBA6cYmdLNOZi9FA7OsHuA47MzUFFJAwP0Jv1Six8ruj/OQA5T2YwQhtv
/jikzS7+7mAlWnJJgr4WIyWZZ8FqgUuB1eW7iJc0Nt9t1h/73+7D8ZqnicJ5v2Q9
OiP86kbf9vA99XTLFbilBFSsgEti98W/PlFEzr1xqhZw4Wm/yTPbIKA78QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvj4zisO/r1aG/eYqkw494WHMz6MB8GA1UdIwQY
MBaAFF4mQ+wp+LBPg41uXcUGnBBkxb0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEt
YTRjM2E4NWYzZjBhLzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84MmM0ZTYtMGFiOC00ZjQ2LWFlZDEtYTRjM2E4NWYzZjBh
LzEvWGlaRDdDbjRzRS1Ealc1ZHhRYWNFR1RGdlNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVgWc2M+b
fscw53+9oFqhKV4Ylxu2GXOINMLIGlG96CpVaNL/Vyp9QyFdIrmTBMDDXVqiJghD
29pub1VK8GrvkPDIVsIbLyWGVGKO/aTrzVDoXxYqVcg02Ok2GBK7Pm7JEnxKyqXp
5nORsQBVFsPA1R5OmmrRs524sTf1hnQs+vmqk7uPcV2X0ilYemtZdsxOQIUZptOF
aFxZuhXExldul4Hy70SaqhAXCUE6wZmFMLodxs3SuLaRSWMVYner2mVhiwg6D6Kt
DodsewcNevT00AlOQ6pPtLoA94qQaApTHenraDtE5GMmyl0WSfoNp2AbPagS02CB
XicTdjdiD+TDpw==
-----END CERTIFICATE-----