Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          lRi/+UeV69nVkHqYw1TZhsms1TMm+lZrWqZeMb5kjg4=
Subject key identifier:   B5:52:11:65:A0:5B:49:93:B3:E5:85:DA:A1:84:53:8E:A1:CC:77:C5
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       019D3AF8CB3BA0D55A3CF9385C3C9ABFFD8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          188E
Signing time:             Sun 29 Mar 2026 19:01:16 +0000
Manifest this update:     Sun 29 Mar 2026 19:01:16 +0000
Manifest next update:     Mon 30 Mar 2026 19:01:16 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: 4eWrC0jlYQ9vG0i2iAxlmEuVZoxrNbQ/7EuJe3MLyn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f8:cb:3b:a0:d5:5a:3c:f9:38:5c:3c:9a:bf:fd:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Mar 29 19:01:16 2026 GMT
            Not After : Mar 30 19:01:16 2026 GMT
        Subject: CN=b5521165a05b4993b3e585daa184538ea1cc77c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:ba:28:51:92:99:53:95:c9:b6:c3:f8:4b:01:
                    e8:ea:f8:e8:c6:97:4e:ea:ac:27:ac:68:76:e0:d5:
                    5a:da:ec:ab:08:98:f5:09:96:c9:e3:46:bd:ac:2e:
                    b4:c9:15:8a:72:a4:1f:72:e6:5a:be:e0:2c:a3:13:
                    4d:36:d2:d4:e0:92:32:84:7d:0a:e0:42:c0:d0:76:
                    51:9d:3f:06:3a:5f:f9:aa:6d:c8:0f:eb:1b:87:d5:
                    8d:d9:27:49:4a:1f:17:1d:d8:42:4d:07:88:80:b5:
                    17:8a:1f:61:4a:a8:e0:eb:24:e2:b3:84:14:c6:83:
                    89:29:ee:09:c1:13:c6:f8:fc:70:5c:ee:76:30:da:
                    88:27:1a:dd:ea:2a:7c:67:63:17:36:26:9b:49:26:
                    03:cb:00:1c:11:44:49:ad:b3:80:5f:f5:c4:6c:12:
                    b5:38:82:eb:f7:0b:e2:f2:f1:29:e0:31:4d:04:af:
                    d7:77:be:a4:ea:66:2f:32:66:b7:66:48:8c:55:4e:
                    85:cb:78:80:4d:d8:f8:0d:c5:39:1b:b7:3b:7b:ab:
                    00:38:63:f8:85:07:3c:8a:f9:f2:33:f6:8e:3d:67:
                    80:05:28:62:01:e9:d4:18:2c:4a:27:af:ac:f9:df:
                    d9:d7:d3:d4:e6:df:53:e0:1f:42:34:79:3e:7c:01:
                    14:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:52:11:65:A0:5B:49:93:B3:E5:85:DA:A1:84:53:8E:A1:CC:77:C5
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:ca:a5:fa:d3:be:ff:47:1f:76:d9:e2:3e:23:64:96:a2:7e:
         dc:9b:91:89:7d:1e:26:25:c9:fd:21:dd:30:8d:61:8f:a1:6a:
         1b:82:b0:87:1a:7c:a1:76:5f:6c:6a:ad:d4:8b:59:bd:dd:a3:
         2f:c1:20:83:93:7a:74:fc:d9:ec:5c:4f:fa:1b:38:51:42:ff:
         fa:b9:1c:fa:ce:b6:a1:0c:c8:e9:96:fa:68:9c:b8:e0:7c:01:
         17:71:ce:aa:6d:b2:27:ae:14:7c:a7:3e:8c:5e:a1:57:89:da:
         cf:7c:76:f6:ce:a7:00:02:60:5b:6f:20:22:68:0a:a0:51:d8:
         ee:92:e9:7d:92:c7:6a:d8:c5:d3:f0:fd:ca:d0:f6:29:ab:da:
         5a:71:3e:f9:49:51:0c:9c:18:03:09:95:fc:22:a6:82:c2:2d:
         15:b2:c2:6b:65:be:e2:78:6e:66:0b:ec:87:5b:a4:2f:d2:27:
         8a:43:b0:5c:65:6c:33:c6:e9:e7:21:e1:76:52:f6:04:87:26:
         0a:e5:58:0a:ac:ba:a0:39:a3:2f:6f:35:ee:c4:6b:fb:f4:8e:
         3e:53:99:38:55:a8:b2:fa:2f:ed:dc:65:96:08:60:19:c2:a1:
         71:15:9f:16:68:09:a5:04:0d:8a:1c:54:22:30:a6:7d:41:eb:
         09:e4:9e:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+Ms7oNVaPPk4XDyav/2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjYwMzI5MTkwMTE2WhcNMjYwMzMwMTkwMTE2WjAzMTEwLwYDVQQD
EyhiNTUyMTE2NWEwNWI0OTkzYjNlNTg1ZGFhMTg0NTM4ZWExY2M3N2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbooUZKZU5XJtsP4SwHo6vjoxpdO
6qwnrGh24NVa2uyrCJj1CZbJ40a9rC60yRWKcqQfcuZavuAsoxNNNtLU4JIyhH0K
4ELA0HZRnT8GOl/5qm3ID+sbh9WN2SdJSh8XHdhCTQeIgLUXih9hSqjg6yTis4QU
xoOJKe4JwRPG+PxwXO52MNqIJxrd6ip8Z2MXNiabSSYDywAcEURJrbOAX/XEbBK1
OILr9wvi8vEp4DFNBK/Xd76k6mYvMma3ZkiMVU6Fy3iATdj4DcU5G7c7e6sAOGP4
hQc8ivnyM/aOPWeABShiAenUGCxKJ6+s+d/Z19PU5t9T4B9CNHk+fAEU8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLVSEWWgW0mTs+WF2qGEU46hzHfFMB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqMql+tO+
/0cfdtniPiNklqJ+3JuRiX0eJiXJ/SHdMI1hj6FqG4Kwhxp8oXZfbGqt1ItZvd2j
L8Egg5N6dPzZ7FxP+hs4UUL/+rkc+s62oQzI6Zb6aJy44HwBF3HOqm2yJ64UfKc+
jF6hV4naz3x29s6nAAJgW28gImgKoFHY7pLpfZLHatjF0/D9ytD2KavaWnE++UlR
DJwYAwmV/CKmgsItFbLCa2W+4nhuZgvsh1ukL9InikOwXGVsM8bp5yHhdlL2BIcm
CuVYCqy6oDmjL2817sRr+/SOPlOZOFWosvov7dxllghgGcKhcRWfFmgJpQQNihxU
IjCmfUHrCeSeTA==
-----END CERTIFICATE-----