Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          r8N/S2TBBoKSQ7RATXPqPjsioRkjdnYjPwhiicnvZJE=
Subject key identifier:   A1:96:5F:FE:4F:52:50:86:41:82:61:22:AB:45:B2:25:59:D8:4F:9C
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       019D3866599E7DAAB8A69F21788B3CEF7F8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:02:04 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:04 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:04 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: xWXDJvnED1ccVWgXibOOWAK6kiE4t3tfGjPHd4ng418=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:59:9e:7d:aa:b8:a6:9f:21:78:8b:3c:ef:7f:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Mar 29 07:02:04 2026 GMT
            Not After : Mar 30 07:02:04 2026 GMT
        Subject: CN=a1965ffe4f52508641826122ab45b22559d84f9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:6e:be:fe:69:81:b2:f9:c1:14:13:92:40:70:
                    3d:de:83:bd:66:63:97:1a:eb:f3:28:ba:f4:b1:f4:
                    b0:98:da:5b:d7:a2:f4:5d:a4:e1:8f:ba:52:8b:df:
                    cd:23:78:cc:43:b9:c9:a6:b5:53:0f:e2:af:d3:f2:
                    6a:43:a0:c0:84:6f:a8:0e:61:cf:7c:ff:e5:46:0d:
                    4b:66:c4:01:62:08:27:be:de:25:3a:e8:56:93:b1:
                    d5:a2:4b:80:78:be:7e:54:fc:cc:b9:5b:ec:ca:eb:
                    52:06:d6:6c:b5:53:3a:c0:ae:8d:d8:00:28:2d:b2:
                    12:d0:c3:94:10:2f:c9:ac:7e:fc:1b:18:78:cb:3c:
                    0c:c9:12:49:68:03:46:68:74:c5:11:47:77:05:fa:
                    17:67:75:54:e8:91:d0:62:94:c1:aa:32:35:84:28:
                    44:f7:e5:67:30:22:d5:9c:78:e0:a7:e9:c8:a9:03:
                    f9:5d:90:3e:93:c3:4f:a8:64:9e:80:fe:15:3a:d8:
                    e5:3e:5d:14:d2:98:db:cd:22:5f:2f:21:97:32:2d:
                    e3:34:b3:2d:e3:96:70:53:b9:02:3b:85:43:83:e9:
                    26:c8:6e:63:ef:26:c5:a4:24:94:d9:e7:ca:54:5e:
                    f6:ab:fd:6f:4b:e4:b2:b9:ea:03:1c:a2:56:6b:c9:
                    00:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:96:5F:FE:4F:52:50:86:41:82:61:22:AB:45:B2:25:59:D8:4F:9C
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c1:d6:e5:f4:30:71:46:f6:d9:3e:02:a8:35:8b:48:93:8c:73:
         58:fa:a9:e4:26:8d:e6:a3:44:b7:a0:23:13:fe:2f:e3:f5:86:
         89:af:3e:c9:95:bc:fc:ca:27:a7:f8:2b:08:06:88:71:d7:94:
         6f:ba:e9:b8:62:1a:4f:33:60:a7:bb:d2:71:7e:20:05:61:f2:
         4b:90:97:ea:23:c7:f3:fd:08:64:c0:90:94:70:e5:ee:23:e7:
         be:83:a7:d7:3c:a6:70:7f:88:04:7a:70:cd:d6:69:23:2e:ee:
         d5:f1:25:5c:8a:54:8e:37:9e:8b:e0:b5:64:56:4b:50:7b:80:
         20:e1:3a:69:0e:59:e2:f4:07:7f:fe:64:2e:8e:d2:b6:39:ca:
         be:fc:89:0e:7a:f5:d0:14:fe:03:13:6b:f9:72:25:9c:ef:97:
         fb:81:af:b0:06:f3:0f:e5:01:93:b9:0d:f8:bd:b7:74:b1:12:
         c5:e1:12:19:8d:1f:41:ed:8b:3f:11:a7:44:5c:51:f3:93:01:
         ae:43:7e:3b:01:98:75:45:50:17:20:6c:2a:b0:bd:8f:ff:6b:
         e0:56:4d:bd:a4:5a:1d:2a:a6:d5:24:a0:f5:47:cf:10:ef:96:
         d8:da:99:64:92:f2:3e:85:80:e2:01:21:38:b2:8e:82:8c:a6:
         00:92:0a:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zlmefaq4pp8heIs873+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjYwMzI5MDcwMjA0WhcNMjYwMzMwMDcwMjA0WjAzMTEwLwYDVQQD
EyhhMTk2NWZmZTRmNTI1MDg2NDE4MjYxMjJhYjQ1YjIyNTU5ZDg0ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm6+/mmBsvnBFBOSQHA93oO9ZmOX
GuvzKLr0sfSwmNpb16L0XaThj7pSi9/NI3jMQ7nJprVTD+Kv0/JqQ6DAhG+oDmHP
fP/lRg1LZsQBYggnvt4lOuhWk7HVokuAeL5+VPzMuVvsyutSBtZstVM6wK6N2AAo
LbIS0MOUEC/JrH78Gxh4yzwMyRJJaANGaHTFEUd3BfoXZ3VU6JHQYpTBqjI1hChE
9+VnMCLVnHjgp+nIqQP5XZA+k8NPqGSegP4VOtjlPl0U0pjbzSJfLyGXMi3jNLMt
45ZwU7kCO4VDg+kmyG5j7ybFpCSU2efKVF72q/1vS+SyueoDHKJWa8kAQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGWX/5PUlCGQYJhIqtFsiVZ2E+cMB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwdbl9DBx
RvbZPgKoNYtIk4xzWPqp5CaN5qNEt6AjE/4v4/WGia8+yZW8/Monp/grCAaIcdeU
b7rpuGIaTzNgp7vScX4gBWHyS5CX6iPH8/0IZMCQlHDl7iPnvoOn1zymcH+IBHpw
zdZpIy7u1fElXIpUjjeei+C1ZFZLUHuAIOE6aQ5Z4vQHf/5kLo7StjnKvvyJDnr1
0BT+AxNr+XIlnO+X+4GvsAbzD+UBk7kN+L23dLESxeESGY0fQe2LPxGnRFxR85MB
rkN+OwGYdUVQFyBsKrC9j/9r4FZNvaRaHSqm1SSg9UfPEO+W2NqZZJLyPoWA4gEh
OLKOgoymAJIKkg==
-----END CERTIFICATE-----