Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
File:                     xxovfXzIw2N0bpa8P8yLBflgb-o.mft (raw, json)
Hash identifier:          pGxxDZAN9liRr3sPXZetdqC81kmGMC4hnbr6QpL/GVE=
Subject key identifier:   E0:B4:76:FD:26:A2:40:E7:C9:E0:E3:8C:C6:93:66:29:42:33:43:FF
Authority key identifier: C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA
Certificate issuer:       /CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
Certificate serial:       019D37BFF2E35A071E780617913387A4062D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 04:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:19 +0000
Files and hashes:         1: xxovfXzIw2N0bpa8P8yLBflgb-o.crl (hash: rkafyem+5jaKSmdqlwAo+2cL+iXeNahGoY46lzNMeqM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:bf:f2:e3:5a:07:1e:78:06:17:91:33:87:a4:06:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c71a2f7d7cc8c363746e96bc3fcc8b05f9606fea
        Validity
            Not Before: Mar 29 04:00:19 2026 GMT
            Not After : Mar 30 04:00:19 2026 GMT
        Subject: CN=e0b476fd26a240e7c9e0e38cc6936629423343ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b3:87:25:48:b3:7b:06:d1:74:4f:36:14:7f:
                    a1:b6:d9:db:42:e4:b2:25:19:bf:5a:7a:21:bd:dc:
                    ff:1d:ca:34:88:49:04:6a:81:0f:80:55:79:50:d1:
                    a1:6f:86:2e:c9:af:f2:a1:b2:a3:06:f6:2a:4a:f7:
                    55:ee:c6:75:ba:5d:f7:22:03:18:19:8c:1d:1d:08:
                    42:af:4d:80:1d:11:4a:ab:28:b0:5c:01:a3:2a:8f:
                    12:92:7c:40:2e:3d:d3:10:9d:01:9c:e2:b1:86:ba:
                    5c:a1:c9:82:f8:62:e0:30:87:8a:79:ed:f5:c7:30:
                    61:35:b5:da:ac:c6:2c:21:57:86:c7:c4:d6:58:4a:
                    9c:6e:47:ef:a8:5c:5d:25:30:f1:d6:b3:51:78:f6:
                    ef:d9:cc:e1:a8:e1:96:8a:dd:0c:27:f4:96:fd:65:
                    2c:16:f4:6d:e6:c1:69:db:6b:ea:84:64:ff:22:71:
                    ee:aa:41:b0:56:e9:6f:d4:83:9e:84:11:e6:9a:39:
                    ff:fb:12:dd:ad:25:7b:80:79:43:42:99:af:8c:69:
                    66:00:5e:95:2f:6d:5b:1e:b2:ed:4f:e0:8f:ad:0b:
                    c7:b9:a5:58:18:8f:d0:83:d6:d1:ec:1d:7e:4a:37:
                    fe:1d:9a:4f:cf:0f:af:ae:41:93:2e:bb:ce:ec:cf:
                    98:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B4:76:FD:26:A2:40:E7:C9:E0:E3:8C:C6:93:66:29:42:33:43:FF
            X509v3 Authority Key Identifier:
                keyid:C7:1A:2F:7D:7C:C8:C3:63:74:6E:96:BC:3F:CC:8B:05:F9:60:6F:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xxovfXzIw2N0bpa8P8yLBflgb-o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0dc925-a33b-4d3a-add3-d6d140e4ce6d/1/xxovfXzIw2N0bpa8P8yLBflgb-o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:5a:71:79:a9:5a:95:14:0b:02:af:d9:81:bf:56:f2:21:10:
         90:09:0e:03:bf:22:31:d7:b7:3a:40:2f:e5:5c:d0:2f:d8:4e:
         75:ab:83:de:cb:1c:d0:f8:94:0c:a9:93:c1:f5:0b:f8:40:e0:
         c2:06:90:a9:02:d7:91:7f:77:c5:2d:41:3a:9e:58:52:2b:34:
         ed:cd:08:ee:ac:fe:86:65:16:67:fc:e9:58:9a:fd:68:05:e8:
         55:bf:ce:19:db:9b:ae:0b:31:d7:3e:15:42:8e:31:91:f0:cc:
         16:c0:a5:3f:4d:f7:51:0a:33:83:53:50:23:66:bf:a4:29:ec:
         a8:e8:d1:39:16:92:34:9f:98:f6:5a:eb:02:27:1c:f7:7d:3b:
         c3:5b:5d:c7:ee:1d:00:e3:e4:d0:c3:88:b1:61:94:db:fa:71:
         9d:b8:3f:b5:79:31:96:90:87:c0:4e:1d:96:f5:0c:d5:a0:2b:
         e9:48:71:19:a3:f9:77:99:3a:f9:bb:69:e6:ae:32:5b:34:fa:
         3b:af:90:2d:b8:7c:71:32:31:e4:cd:0e:0c:06:7f:de:db:65:
         5d:82:e9:8b:5c:f8:97:60:68:9e:27:85:0b:75:28:87:dc:9d:
         24:6c:b4:39:69:2d:d1:a7:55:8e:68:a8:b5:21:67:fe:4d:18:
         e3:41:d7:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03v/LjWgceeAYXkTOHpAYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MWEyZjdkN2NjOGMzNjM3NDZlOTZiYzNmY2M4YjA1Zjk2
MDZmZWEwHhcNMjYwMzI5MDQwMDE5WhcNMjYwMzMwMDQwMDE5WjAzMTEwLwYDVQQD
EyhlMGI0NzZmZDI2YTI0MGU3YzllMGUzOGNjNjkzNjYyOTQyMzM0M2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07OHJUizewbRdE82FH+httnbQuSy
JRm/Wnohvdz/Hco0iEkEaoEPgFV5UNGhb4Yuya/yobKjBvYqSvdV7sZ1ul33IgMY
GYwdHQhCr02AHRFKqyiwXAGjKo8SknxALj3TEJ0BnOKxhrpcocmC+GLgMIeKee31
xzBhNbXarMYsIVeGx8TWWEqcbkfvqFxdJTDx1rNRePbv2czhqOGWit0MJ/SW/WUs
FvRt5sFp22vqhGT/InHuqkGwVulv1IOehBHmmjn/+xLdrSV7gHlDQpmvjGlmAF6V
L21bHrLtT+CPrQvHuaVYGI/Qg9bR7B1+Sjf+HZpPzw+vrkGTLrvO7M+Y/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOC0dv0mokDnyeDjjMaTZilCM0P/MB8GA1UdIwQY
MBaAFMcaL318yMNjdG6WvD/MiwX5YG/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMt
ZDZkMTQwZTRjZTZkLzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wZGM5MjUtYTMzYi00ZDNhLWFkZDMtZDZkMTQwZTRjZTZk
LzEveHhvdmZYekl3Mk4wYnBhOFA4eUxCZmxnYi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl1pxeala
lRQLAq/Zgb9W8iEQkAkOA78iMde3OkAv5VzQL9hOdauD3ssc0PiUDKmTwfUL+EDg
wgaQqQLXkX93xS1BOp5YUis07c0I7qz+hmUWZ/zpWJr9aAXoVb/OGdubrgsx1z4V
Qo4xkfDMFsClP033UQozg1NQI2a/pCnsqOjRORaSNJ+Y9lrrAicc9307w1tdx+4d
AOPk0MOIsWGU2/pxnbg/tXkxlpCHwE4dlvUM1aAr6UhxGaP5d5k6+btp5q4yWzT6
O6+QLbh8cTIx5M0ODAZ/3ttlXYLpi1z4l2BonieFC3Uoh9ydJGy0OWkt0adVjmio
tSFn/k0Y40HXMQ==
-----END CERTIFICATE-----