Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          q5yOEiPz/fOLOYC6yfd194MFtCpxAeR8woBRx+7EN7I=
Subject key identifier:   0A:B0:BC:59:5A:FB:B7:84:D0:47:4D:CA:51:14:3D:8B:D3:43:D9:C5
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       019D38D330E2E6902E6BDDD2E40EAA166F8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:57 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: u/36afNwVFDuIlXZvJQFJWEXQtRPXXzTZ24OXhe4I4M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 09:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:30:e2:e6:90:2e:6b:dd:d2:e4:0e:aa:16:6f:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Mar 29 09:00:57 2026 GMT
            Not After : Mar 30 09:00:57 2026 GMT
        Subject: CN=0ab0bc595afbb784d0474dca51143d8bd343d9c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:48:7a:bc:71:e7:d7:be:4c:63:57:a4:2b:09:
                    71:53:48:3c:69:2a:b6:38:93:6a:f2:38:ce:c2:e5:
                    21:99:9e:33:85:05:30:60:4c:65:7d:ec:6f:af:62:
                    fe:b8:71:39:46:42:c3:17:03:ff:23:ee:5a:14:a5:
                    49:8d:38:f4:66:60:5f:9f:a2:f7:60:c4:f2:99:38:
                    7a:ab:ba:25:0e:c3:a9:c0:4d:a6:8a:bc:e9:3f:02:
                    a8:e8:32:b2:8c:fc:de:da:24:b8:0d:3e:e5:a5:75:
                    33:55:c9:92:91:b7:30:d4:10:38:d4:ff:a3:2b:d6:
                    c7:e6:76:5b:71:f3:4f:55:95:20:12:9c:84:f8:3c:
                    b1:42:36:53:1d:a5:b3:81:5d:06:27:67:44:c2:59:
                    e7:36:7a:12:52:2a:c1:c1:96:93:33:e7:fa:55:0c:
                    a1:a7:d3:3e:bd:d5:a5:9a:92:d4:d7:87:c3:f6:62:
                    40:ec:6b:e2:e4:b3:2e:eb:9c:c4:53:3b:2b:e8:6b:
                    04:8d:e4:b7:c3:59:a5:d2:89:4a:46:44:ce:d5:8a:
                    46:f5:05:3d:06:e2:5f:13:98:4f:15:9a:93:f6:46:
                    f0:28:e4:20:17:46:6d:88:d5:e5:01:2d:71:ac:61:
                    50:54:f0:bc:81:c4:a3:af:a0:cb:01:8e:e8:2e:06:
                    62:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:B0:BC:59:5A:FB:B7:84:D0:47:4D:CA:51:14:3D:8B:D3:43:D9:C5
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:70:a5:83:81:f6:3c:0d:6d:fc:4c:e1:27:5b:84:89:1f:4f:
         7a:9b:12:e6:22:98:62:86:a4:73:c9:6a:3a:c6:52:67:99:e3:
         ad:4c:d9:0d:3f:7c:66:29:63:ff:77:c9:28:d1:e2:ff:de:c6:
         ff:22:7f:45:0b:bd:bb:aa:d4:00:ad:7d:78:a2:2d:8b:ff:e4:
         e2:4e:fa:d6:4c:2d:2f:70:ad:5e:46:6e:48:f2:0a:b8:a6:8a:
         e0:07:61:ff:c6:69:88:c6:6e:43:4e:fc:93:43:2e:f0:6d:0e:
         d8:a2:7e:33:13:6d:e3:cd:ee:f1:85:a5:a6:d3:50:80:52:89:
         24:cd:66:f2:9b:44:27:39:1a:7b:82:11:33:93:46:30:e6:51:
         f4:4e:f8:a9:61:c0:70:2a:ed:39:6f:c4:8c:45:2a:bf:fc:86:
         6c:41:bc:ad:7e:a8:ec:ec:47:4c:5d:24:08:e7:b1:03:cf:27:
         b1:45:10:8f:26:d8:31:4c:21:36:e5:6d:99:95:ba:7a:a2:5a:
         3b:25:0d:fe:52:46:00:43:57:1a:11:b7:89:9a:01:5c:d4:33:
         15:7e:f0:b3:8c:b4:fa:45:9d:4e:7f:09:9f:86:9c:73:3f:f5:
         7c:85:9b:22:bf:fa:ff:64:c8:de:86:7d:67:3c:13:2f:f0:70:
         e4:9c:36:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zDi5pAua93S5A6qFm+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjYwMzI5MDkwMDU3WhcNMjYwMzMwMDkwMDU3WjAzMTEwLwYDVQQD
EygwYWIwYmM1OTVhZmJiNzg0ZDA0NzRkY2E1MTE0M2Q4YmQzNDNkOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUh6vHHn175MY1ekKwlxU0g8aSq2
OJNq8jjOwuUhmZ4zhQUwYExlfexvr2L+uHE5RkLDFwP/I+5aFKVJjTj0ZmBfn6L3
YMTymTh6q7olDsOpwE2mirzpPwKo6DKyjPze2iS4DT7lpXUzVcmSkbcw1BA41P+j
K9bH5nZbcfNPVZUgEpyE+DyxQjZTHaWzgV0GJ2dEwlnnNnoSUirBwZaTM+f6VQyh
p9M+vdWlmpLU14fD9mJA7Gvi5LMu65zEUzsr6GsEjeS3w1ml0olKRkTO1YpG9QU9
BuJfE5hPFZqT9kbwKOQgF0ZtiNXlAS1xrGFQVPC8gcSjr6DLAY7oLgZiGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqwvFla+7eE0EdNylEUPYvTQ9nFMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmXClg4H2
PA1t/EzhJ1uEiR9PepsS5iKYYoakc8lqOsZSZ5njrUzZDT98Zilj/3fJKNHi/97G
/yJ/RQu9u6rUAK19eKIti//k4k761kwtL3CtXkZuSPIKuKaK4Adh/8ZpiMZuQ078
k0Mu8G0O2KJ+MxNt483u8YWlptNQgFKJJM1m8ptEJzkae4IRM5NGMOZR9E74qWHA
cCrtOW/EjEUqv/yGbEG8rX6o7OxHTF0kCOexA88nsUUQjybYMUwhNuVtmZW6eqJa
OyUN/lJGAENXGhG3iZoBXNQzFX7ws4y0+kWdTn8Jn4accz/1fIWbIr/6/2TI3oZ9
ZzwTL/Bw5Jw2NA==
-----END CERTIFICATE-----