Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
File:                     OXqyKGxnhx2rRXpygyl_yMaIpK8.mft (raw, json)
Hash identifier:          +6RImYdL//eNE0wW3Li+MSQyW3O3KR22ICGQsNMTNDY=
Subject key identifier:   33:21:D5:4E:4E:26:06:7E:3E:C7:CE:1B:6A:B7:70:3F:F3:C0:0C:23
Authority key identifier: 39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF
Certificate issuer:       /CN=397ab2286c67871dab457a7283297fc8c688a4af
Certificate serial:       019D390A26FFBBE0200CA79D097B64C59E06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 10:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:59 +0000
Files and hashes:         1: OXqyKGxnhx2rRXpygyl_yMaIpK8.crl (hash: lmmVf+zusx+JeCkFS3tlqxuIkkAd7HV52BakQ23Q63A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:26:ff:bb:e0:20:0c:a7:9d:09:7b:64:c5:9e:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=397ab2286c67871dab457a7283297fc8c688a4af
        Validity
            Not Before: Mar 29 10:00:59 2026 GMT
            Not After : Mar 30 10:00:59 2026 GMT
        Subject: CN=3321d54e4e26067e3ec7ce1b6ab7703ff3c00c23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:27:57:3c:4c:2a:bd:64:eb:f6:18:01:2d:8f:
                    eb:db:67:89:54:2a:e1:5c:12:bb:1b:a7:25:34:b0:
                    75:ea:31:4d:6e:7b:49:62:f8:e8:e8:b4:9a:f2:4e:
                    7b:4f:9d:65:40:85:89:9d:93:b3:2f:91:56:ed:ec:
                    95:13:03:87:47:a5:1f:56:ff:da:f2:87:9d:38:64:
                    a6:9b:46:29:50:d8:ee:7d:64:e0:8d:6a:37:29:0f:
                    67:b1:4e:40:25:d7:2a:24:8c:20:c3:d8:3d:09:22:
                    0f:d1:ef:ef:61:04:62:95:8c:5d:79:04:20:a4:4f:
                    f9:5e:b5:a5:d7:63:1d:5e:4d:ee:2b:81:54:2e:09:
                    d6:be:c5:00:8f:81:9b:46:e5:d1:cb:af:54:d0:e9:
                    2e:27:5b:a1:b6:a3:f4:b9:7a:df:51:5d:a0:4d:e5:
                    2c:cc:a2:25:f9:cf:db:d2:03:ae:f9:35:ff:ea:b6:
                    c4:ef:b5:25:ed:56:5e:ab:2c:d3:e8:fd:87:20:34:
                    9a:e6:83:3d:bf:29:fb:90:62:19:2d:1f:71:21:aa:
                    27:f5:b6:86:22:b8:4b:0f:c3:0e:2f:f1:7a:64:f6:
                    fa:88:7a:d6:ad:86:11:bb:8c:7d:d2:c5:b5:a3:98:
                    19:2c:1d:94:8c:93:da:95:9b:7e:6c:de:c8:54:e2:
                    fd:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:21:D5:4E:4E:26:06:7E:3E:C7:CE:1B:6A:B7:70:3F:F3:C0:0C:23
            X509v3 Authority Key Identifier:
                keyid:39:7A:B2:28:6C:67:87:1D:AB:45:7A:72:83:29:7F:C8:C6:88:A4:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXqyKGxnhx2rRXpygyl_yMaIpK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/2b2124-8794-4a8b-9930-3323fd060b9b/1/OXqyKGxnhx2rRXpygyl_yMaIpK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:a2:43:19:e3:0f:b1:ce:ec:6c:df:fe:70:23:bf:75:e5:f7:
         c5:aa:48:ea:8c:f8:38:3b:db:c4:39:2f:5c:c2:f0:d4:af:b8:
         90:1f:db:da:03:95:b8:31:70:2e:1d:b9:d4:0a:eb:f8:16:4b:
         c5:61:5d:b8:4a:8a:de:f1:50:87:2c:2a:3b:35:2a:77:16:8c:
         ac:85:a7:0b:06:79:e1:34:00:66:49:e5:ac:1a:ac:23:07:b7:
         da:a5:a4:ea:ec:eb:24:84:ae:e2:73:10:a2:21:ec:65:43:93:
         d9:27:46:8e:1e:2b:2e:0d:6c:5b:8f:e5:1d:51:bb:56:93:3f:
         1e:b4:c4:13:d6:51:bf:62:46:81:36:e6:a6:f8:25:1c:b9:9b:
         84:50:70:70:e6:4d:25:91:a4:f3:63:7f:24:d0:50:6b:2d:61:
         1a:b3:c0:e1:0a:63:4d:e2:ef:bc:66:16:20:f5:fc:d4:26:d5:
         c7:d1:8f:b0:cb:19:64:8d:13:e7:44:c7:fc:1a:0c:05:81:6b:
         0e:a7:c0:4b:40:1f:e5:a4:0d:ef:e1:ab:90:cd:87:5e:2e:7a:
         2d:16:74:c1:db:5b:1e:5a:99:af:6e:b7:bf:6e:64:b0:60:4d:
         07:2d:38:35:79:fe:42:6d:5e:e1:05:95:a1:7e:76:a9:95:39:
         90:20:fc:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cib/u+AgDKedCXtkxZ4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5N2FiMjI4NmM2Nzg3MWRhYjQ1N2E3MjgzMjk3ZmM4YzY4
OGE0YWYwHhcNMjYwMzI5MTAwMDU5WhcNMjYwMzMwMTAwMDU5WjAzMTEwLwYDVQQD
EygzMzIxZDU0ZTRlMjYwNjdlM2VjN2NlMWI2YWI3NzAzZmYzYzAwYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSdXPEwqvWTr9hgBLY/r22eJVCrh
XBK7G6clNLB16jFNbntJYvjo6LSa8k57T51lQIWJnZOzL5FW7eyVEwOHR6UfVv/a
8oedOGSmm0YpUNjufWTgjWo3KQ9nsU5AJdcqJIwgw9g9CSIP0e/vYQRilYxdeQQg
pE/5XrWl12MdXk3uK4FULgnWvsUAj4GbRuXRy69U0OkuJ1uhtqP0uXrfUV2gTeUs
zKIl+c/b0gOu+TX/6rbE77Ul7VZeqyzT6P2HIDSa5oM9vyn7kGIZLR9xIaon9baG
IrhLD8MOL/F6ZPb6iHrWrYYRu4x90sW1o5gZLB2UjJPalZt+bN7IVOL92QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMh1U5OJgZ+PsfOG2q3cD/zwAwjMB8GA1UdIwQY
MBaAFDl6sihsZ4cdq0V6coMpf8jGiKSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAt
MzMyM2ZkMDYwYjliLzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8yYjIxMjQtODc5NC00YThiLTk5MzAtMzMyM2ZkMDYwYjli
LzEvT1hxeUtHeG5oeDJyUlhweWd5bF95TWFJcEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMKJDGeMP
sc7sbN/+cCO/deX3xapI6oz4ODvbxDkvXMLw1K+4kB/b2gOVuDFwLh251Arr+BZL
xWFduEqK3vFQhywqOzUqdxaMrIWnCwZ54TQAZknlrBqsIwe32qWk6uzrJISu4nMQ
oiHsZUOT2SdGjh4rLg1sW4/lHVG7VpM/HrTEE9ZRv2JGgTbmpvglHLmbhFBwcOZN
JZGk82N/JNBQay1hGrPA4QpjTeLvvGYWIPX81CbVx9GPsMsZZI0T50TH/BoMBYFr
DqfAS0Af5aQN7+GrkM2HXi56LRZ0wdtbHlqZr263v25ksGBNBy04NXn+Qm1e4QWV
oX52qZU5kCD8XQ==
-----END CERTIFICATE-----