Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          Sh8vpKUpcQxafSDKCn08qHNgADilivhb0x5aIlK22aE=
Subject key identifier:   02:7C:CD:B4:41:E5:88:7C:51:00:89:45:2B:D2:BC:18:FD:D5:14:B6
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       019D3940FCA0DEB988A7B962325AA12E00E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 11:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:53 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: qYpHwjjFQ8hCn6rSC/zFXFVcIsow++2W6udPoJkkvJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 11:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:fc:a0:de:b9:88:a7:b9:62:32:5a:a1:2e:00:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Mar 29 11:00:53 2026 GMT
            Not After : Mar 30 11:00:53 2026 GMT
        Subject: CN=027ccdb441e5887c510089452bd2bc18fdd514b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:10:10:c0:59:fc:6a:52:e8:52:76:96:68:2f:
                    19:da:97:30:d1:39:67:1e:a2:a6:f4:88:c6:1f:c7:
                    7d:d7:09:0e:64:6f:4c:74:6a:db:b8:a4:c8:44:62:
                    dd:c4:34:bf:16:79:96:50:82:06:ac:a8:d7:d1:13:
                    d9:38:63:5c:3f:8d:7a:60:cd:ae:6d:b1:83:8b:d3:
                    03:19:32:f8:f8:3d:1b:f1:26:39:1d:31:e6:3e:4d:
                    44:2a:05:75:66:01:c5:8b:2a:eb:7e:ca:c1:8e:5f:
                    0d:0a:8b:15:12:4e:d0:d7:22:0c:c2:9d:bc:c7:7e:
                    44:03:c0:eb:51:40:8d:53:a1:ed:58:bc:31:b8:b6:
                    22:a7:0a:a8:55:ca:a9:c6:9b:14:1a:ca:9c:97:1b:
                    1c:0e:56:3b:c2:53:a6:35:c0:5f:fc:0e:0c:a1:31:
                    8d:1e:9b:15:c4:ee:a6:7a:80:b4:79:88:50:9b:ee:
                    b9:7f:fb:60:45:c0:2e:a9:9c:00:1b:c2:15:3e:5c:
                    96:4b:ba:df:ab:90:00:30:61:d3:af:08:8f:cb:ad:
                    68:4f:d4:65:0c:ce:d6:be:0f:a8:e4:b0:54:09:27:
                    73:11:b7:09:1a:6b:77:a8:c6:f4:e5:47:34:9d:be:
                    f1:b7:78:1b:9e:a9:04:ee:1e:49:5c:95:a0:3a:b9:
                    15:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:7C:CD:B4:41:E5:88:7C:51:00:89:45:2B:D2:BC:18:FD:D5:14:B6
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:a8:d4:3d:04:b7:02:4f:7b:8f:d2:9a:3c:25:df:a1:e5:13:
         e8:22:cc:ee:2c:30:a5:f8:49:cd:a1:12:d1:d1:a7:32:9b:10:
         c2:17:bd:f3:89:aa:91:c7:2e:52:00:21:b4:38:b0:31:bb:6f:
         ee:44:b3:e9:80:e0:ab:30:29:75:f8:66:8c:9c:b8:98:1a:d6:
         dc:15:34:f6:93:a4:f7:00:11:58:d1:23:d2:31:39:b2:32:1c:
         02:96:ae:3e:ba:62:00:99:0a:6e:2e:12:e3:81:5c:8d:eb:5d:
         1b:fd:95:73:bf:d0:b7:5a:4a:39:4a:2b:67:cb:c1:5d:19:4a:
         0b:9a:30:d9:33:ec:80:e3:72:05:82:51:72:b8:62:12:f8:70:
         26:0a:a6:9b:23:84:25:59:67:4b:6a:3b:b4:0f:fd:96:a3:ec:
         3a:fa:48:24:54:20:4a:83:3f:8a:af:08:7e:c1:10:8a:18:88:
         f6:30:6c:c5:b3:e6:70:83:44:a0:f0:12:a4:75:20:2b:fe:8c:
         ff:c9:f2:57:86:93:7a:66:06:54:d2:8b:ff:97:0d:e1:0a:e5:
         42:81:a7:dd:59:d3:b4:2c:d6:a2:f0:e6:ef:54:69:c0:2e:17:
         ad:02:83:08:a1:e1:e2:8d:83:0a:c2:41:69:a6:20:fc:76:f2:
         49:df:66:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QPyg3rmIp7liMlqhLgDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjYwMzI5MTEwMDUzWhcNMjYwMzMwMTEwMDUzWjAzMTEwLwYDVQQD
EygwMjdjY2RiNDQxZTU4ODdjNTEwMDg5NDUyYmQyYmMxOGZkZDUxNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRAQwFn8alLoUnaWaC8Z2pcw0Tln
HqKm9IjGH8d91wkOZG9MdGrbuKTIRGLdxDS/FnmWUIIGrKjX0RPZOGNcP416YM2u
bbGDi9MDGTL4+D0b8SY5HTHmPk1EKgV1ZgHFiyrrfsrBjl8NCosVEk7Q1yIMwp28
x35EA8DrUUCNU6HtWLwxuLYipwqoVcqpxpsUGsqclxscDlY7wlOmNcBf/A4MoTGN
HpsVxO6meoC0eYhQm+65f/tgRcAuqZwAG8IVPlyWS7rfq5AAMGHTrwiPy61oT9Rl
DM7Wvg+o5LBUCSdzEbcJGmt3qMb05Uc0nb7xt3gbnqkE7h5JXJWgOrkViQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAJ8zbRB5Yh8UQCJRSvSvBj91RS2MB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmqjUPQS3
Ak97j9KaPCXfoeUT6CLM7iwwpfhJzaES0dGnMpsQwhe984mqkccuUgAhtDiwMbtv
7kSz6YDgqzApdfhmjJy4mBrW3BU09pOk9wARWNEj0jE5sjIcApauPrpiAJkKbi4S
44FcjetdG/2Vc7/Qt1pKOUorZ8vBXRlKC5ow2TPsgONyBYJRcrhiEvhwJgqmmyOE
JVlnS2o7tA/9lqPsOvpIJFQgSoM/iq8IfsEQihiI9jBsxbPmcINEoPASpHUgK/6M
/8nyV4aTemYGVNKL/5cN4QrlQoGn3VnTtCzWovDm71RpwC4XrQKDCKHh4o2DCsJB
aaYg/HbySd9m8Q==
-----END CERTIFICATE-----