Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
File:                     _tPwXKP9-ef5nGXMagpnJPWTGnA.mft (raw, json)
Hash identifier:          2MbRX/JuWVnWuSQ4eC2Qa2/KKfQwl11zCivzp1uCP/Q=
Subject key identifier:   90:6E:9C:4F:39:8C:27:F4:3C:03:F4:7A:B9:A7:BB:55:A9:3B:40:D3
Authority key identifier: FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70
Certificate issuer:       /CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
Certificate serial:       019D3865DC439075C01EE55DC9026E5B5AE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:32 +0000
Files and hashes:         1: _tPwXKP9-ef5nGXMagpnJPWTGnA.crl (hash: 7E/SLUKnmXsZKYyFtALRt9UoDFM5NaVgzfn5FNiP0lk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:dc:43:90:75:c0:1e:e5:5d:c9:02:6e:5b:5a:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fed3f05ca3fdf9e7f99c65cc6a0a6724f5931a70
        Validity
            Not Before: Mar 29 07:01:32 2026 GMT
            Not After : Mar 30 07:01:32 2026 GMT
        Subject: CN=906e9c4f398c27f43c03f47ab9a7bb55a93b40d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:48:a4:60:d5:51:81:60:81:e2:9d:10:8f:0b:
                    85:bf:8a:f8:18:76:0a:29:c3:3d:fd:a6:35:6a:df:
                    7a:fa:95:38:a7:d2:4d:2b:81:07:ec:7e:cd:1b:18:
                    6f:0e:15:85:4d:97:14:3d:ca:88:13:61:ee:d8:63:
                    a8:bc:0c:31:74:c8:16:c4:66:28:64:ec:cd:fc:d2:
                    d1:be:2c:8f:66:13:86:f0:b3:1b:34:72:3e:4d:7c:
                    7b:08:b0:0f:9a:3b:8c:e6:ca:bc:47:98:e3:a2:f2:
                    3f:04:1c:68:bd:97:b3:e7:3a:21:b3:f4:83:74:56:
                    b1:5c:ee:ae:ce:74:5b:fe:3d:5c:3b:87:05:ba:d7:
                    4d:1f:d7:99:66:97:3a:c2:d8:60:df:25:0f:f4:48:
                    6c:5b:5f:65:5e:4d:1f:8d:4a:7b:06:82:eb:a0:34:
                    21:9f:e7:42:5e:6d:34:8d:cd:d9:1a:45:ac:ff:6e:
                    e1:03:b6:9a:84:0d:d0:cd:e6:0e:0f:c8:38:e1:8f:
                    d4:75:c4:38:cc:bb:5d:3f:6c:e6:ce:7e:17:ad:a8:
                    5c:6b:50:6e:09:44:e2:8d:ee:e4:cf:e4:6e:c8:b8:
                    2f:42:37:17:e5:2d:38:be:35:c2:91:46:11:b5:22:
                    53:40:2c:f6:0f:b4:0e:f0:1a:de:dd:7f:39:43:fb:
                    c0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:6E:9C:4F:39:8C:27:F4:3C:03:F4:7A:B9:A7:BB:55:A9:3B:40:D3
            X509v3 Authority Key Identifier:
                keyid:FE:D3:F0:5C:A3:FD:F9:E7:F9:9C:65:CC:6A:0A:67:24:F5:93:1A:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tPwXKP9-ef5nGXMagpnJPWTGnA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c95639-722a-4021-beeb-ac5ee625babc/1/_tPwXKP9-ef5nGXMagpnJPWTGnA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:78:0d:49:28:ff:fc:7b:90:d8:cc:f0:4f:98:f3:c0:1f:38:
         b0:23:cb:be:dd:b6:fd:b1:fd:48:de:c2:23:5b:06:81:71:92:
         c5:ad:82:fa:3d:66:f1:7d:95:6a:80:54:0a:06:4d:0f:5b:b5:
         91:ff:c4:79:ef:2f:48:05:aa:67:4b:8c:b9:91:9a:e8:46:e3:
         e4:99:ac:8d:ab:7b:f7:81:eb:67:b5:c4:72:0f:ec:05:47:d3:
         ac:c8:22:48:81:f6:d1:14:18:92:34:5f:53:4b:da:75:15:1a:
         ee:cc:cb:a3:4b:46:32:27:b1:87:e4:62:88:96:c6:0e:ce:69:
         37:3e:2f:ca:42:09:f6:d8:70:f5:06:2a:23:1a:b0:88:e2:b6:
         fa:a3:79:5c:06:19:55:e7:b3:00:d4:29:7d:18:25:1d:2b:09:
         26:23:91:37:22:36:22:45:7d:56:76:b2:1f:05:d9:ad:36:ec:
         cf:30:6a:82:64:ec:98:63:5d:e1:d4:a5:f2:cc:ef:76:6d:2c:
         59:67:dc:d9:34:2b:7c:eb:0b:d2:4b:9f:3f:8b:22:54:b4:4a:
         84:d1:aa:f2:0e:f9:1a:d5:0a:92:4f:95:a9:0f:21:36:27:d0:
         de:a8:eb:92:06:af:d3:10:b0:16:a0:f1:3e:f5:a9:ef:05:56:
         bb:31:fb:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdxDkHXAHuVdyQJuW1rjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZDNmMDVjYTNmZGY5ZTdmOTljNjVjYzZhMGE2NzI0ZjU5
MzFhNzAwHhcNMjYwMzI5MDcwMTMyWhcNMjYwMzMwMDcwMTMyWjAzMTEwLwYDVQQD
Eyg5MDZlOWM0ZjM5OGMyN2Y0M2MwM2Y0N2FiOWE3YmI1NWE5M2I0MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0ikYNVRgWCB4p0QjwuFv4r4GHYK
KcM9/aY1at96+pU4p9JNK4EH7H7NGxhvDhWFTZcUPcqIE2Hu2GOovAwxdMgWxGYo
ZOzN/NLRviyPZhOG8LMbNHI+TXx7CLAPmjuM5sq8R5jjovI/BBxovZez5zohs/SD
dFaxXO6uznRb/j1cO4cFutdNH9eZZpc6wthg3yUP9EhsW19lXk0fjUp7BoLroDQh
n+dCXm00jc3ZGkWs/27hA7aahA3QzeYOD8g44Y/UdcQ4zLtdP2zmzn4Xrahca1Bu
CUTije7kz+RuyLgvQjcX5S04vjXCkUYRtSJTQCz2D7QO8Bre3X85Q/vAPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBunE85jCf0PAP0ermnu1WpO0DTMB8GA1UdIwQY
MBaAFP7T8Fyj/fnn+ZxlzGoKZyT1kxpwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWIt
YWM1ZWU2MjViYWJjLzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jOTU2MzktNzIyYS00MDIxLWJlZWItYWM1ZWU2MjViYWJj
LzEvX3RQd1hLUDktZWY1bkdYTWFncG5KUFdUR25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHgNSSj/
/HuQ2MzwT5jzwB84sCPLvt22/bH9SN7CI1sGgXGSxa2C+j1m8X2VaoBUCgZND1u1
kf/Eee8vSAWqZ0uMuZGa6Ebj5Jmsjat794HrZ7XEcg/sBUfTrMgiSIH20RQYkjRf
U0vadRUa7szLo0tGMiexh+RiiJbGDs5pNz4vykIJ9thw9QYqIxqwiOK2+qN5XAYZ
VeezANQpfRglHSsJJiORNyI2IkV9VnayHwXZrTbszzBqgmTsmGNd4dSl8szvdm0s
WWfc2TQrfOsL0kufP4siVLRKhNGq8g75GtUKkk+VqQ8hNifQ3qjrkgav0xCwFqDx
PvWp7wVWuzH70w==
-----END CERTIFICATE-----