Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          LBRJuOKZER2f/Um8XN5CQ1CXl6TyrS4TeqOtWMWcMaA=
Subject key identifier:   56:21:5A:A5:5B:5B:04:CD:26:38:55:A1:2A:C3:C1:0B:DC:EA:10:06
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       019D38D3A3E600C38620F0D06ADAD0B3FA70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:27 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: wc+YtojLXSyeiTqtc5mCS1AkR1z5IM10AB4EYb+D7W0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:a3:e6:00:c3:86:20:f0:d0:6a:da:d0:b3:fa:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Mar 29 09:01:27 2026 GMT
            Not After : Mar 30 09:01:27 2026 GMT
        Subject: CN=56215aa55b5b04cd263855a12ac3c10bdcea1006
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:32:ac:f6:29:39:b0:25:3c:39:1e:02:13:07:
                    c4:3d:92:50:f7:99:ef:c9:3d:2c:1b:e8:73:e6:af:
                    36:09:c6:58:b2:3a:02:2c:a1:5a:48:b3:39:de:23:
                    e8:60:10:0c:7e:7d:7a:d0:6e:82:d8:7e:7d:be:36:
                    75:51:ee:bd:44:a4:61:b0:84:14:63:d9:b4:a9:7e:
                    4d:d0:ff:c8:55:f5:11:d0:ac:d0:93:2a:73:d2:9e:
                    1f:79:2a:49:28:75:44:f6:bb:47:fc:a9:6b:9a:b9:
                    4c:40:39:24:2e:ef:37:10:71:82:5e:dc:22:bb:18:
                    20:49:b7:68:87:b7:b9:ee:00:02:0a:54:ad:ed:4f:
                    47:83:e8:c5:b5:9f:69:e3:a2:58:75:3a:44:86:5f:
                    b6:d5:09:cd:ce:60:3d:b3:b5:5c:1d:f1:e7:7a:b2:
                    b0:d2:2a:2b:e8:bb:44:94:77:5e:04:af:47:6f:24:
                    47:fc:34:94:4e:23:72:40:77:35:2d:71:34:fa:4c:
                    fe:0c:4d:d4:ca:64:c0:3a:1a:a2:ec:f6:f6:66:a0:
                    3f:f2:e0:78:ce:44:56:50:de:d0:c1:07:b0:c0:a7:
                    d0:6b:a0:af:38:f7:48:e6:7d:15:68:a7:cf:97:e5:
                    0a:01:66:f7:91:e4:aa:98:40:84:1c:85:79:c0:72:
                    ec:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:21:5A:A5:5B:5B:04:CD:26:38:55:A1:2A:C3:C1:0B:DC:EA:10:06
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:d5:0f:1c:ac:04:a5:fe:72:e3:53:5f:77:9f:d1:68:2a:a7:
         58:cb:ce:a8:b8:a6:0a:1b:a8:9c:2f:ef:4a:47:a9:9f:6a:41:
         9c:f0:78:89:f4:5b:ee:5d:17:7c:f5:42:f6:b2:a7:ec:cd:f9:
         5c:75:3f:7a:07:34:cd:c2:db:67:72:55:ef:eb:12:20:ba:29:
         9d:63:a9:d9:76:ff:34:ca:45:2e:14:6d:5e:6d:7d:c9:3b:89:
         a4:65:b3:60:58:28:4b:c5:fc:03:f1:28:69:96:35:58:17:fd:
         4f:e7:17:66:2b:c5:2a:46:64:97:44:68:07:58:44:9d:be:52:
         09:ff:56:76:df:89:b1:a3:da:e0:82:dd:07:84:7d:b1:42:29:
         cb:b5:ae:13:3b:82:3c:6f:03:39:80:28:e8:26:47:89:7a:78:
         32:3f:c1:3c:da:31:03:d6:86:48:1f:0f:fa:7e:cc:1b:d1:72:
         df:4e:1b:76:b7:34:14:3d:a6:6c:7e:1c:65:17:b9:97:a2:79:
         7f:31:bb:b4:a8:63:6d:b1:65:fd:62:50:59:e6:9e:c6:0a:88:
         c0:63:97:a9:6f:6a:bb:14:7f:0c:e3:16:c0:67:b8:bd:3b:03:
         99:20:70:dc:5e:d5:e2:bd:da:f5:db:ee:ba:37:a4:15:ba:3e:
         50:0c:98:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0406PmAMOGIPDQatrQs/pwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjYwMzI5MDkwMTI3WhcNMjYwMzMwMDkwMTI3WjAzMTEwLwYDVQQD
Eyg1NjIxNWFhNTViNWIwNGNkMjYzODU1YTEyYWMzYzEwYmRjZWExMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzKs9ik5sCU8OR4CEwfEPZJQ95nv
yT0sG+hz5q82CcZYsjoCLKFaSLM53iPoYBAMfn160G6C2H59vjZ1Ue69RKRhsIQU
Y9m0qX5N0P/IVfUR0KzQkypz0p4feSpJKHVE9rtH/KlrmrlMQDkkLu83EHGCXtwi
uxggSbdoh7e57gACClSt7U9Hg+jFtZ9p46JYdTpEhl+21QnNzmA9s7VcHfHnerKw
0ior6LtElHdeBK9HbyRH/DSUTiNyQHc1LXE0+kz+DE3UymTAOhqi7Pb2ZqA/8uB4
zkRWUN7QwQewwKfQa6CvOPdI5n0VaKfPl+UKAWb3keSqmECEHIV5wHLs1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYhWqVbWwTNJjhVoSrDwQvc6hAGMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALdUPHKwE
pf5y41Nfd5/RaCqnWMvOqLimChuonC/vSkepn2pBnPB4ifRb7l0XfPVC9rKn7M35
XHU/egc0zcLbZ3JV7+sSILopnWOp2Xb/NMpFLhRtXm19yTuJpGWzYFgoS8X8A/Eo
aZY1WBf9T+cXZivFKkZkl0RoB1hEnb5SCf9Wdt+JsaPa4ILdB4R9sUIpy7WuEzuC
PG8DOYAo6CZHiXp4Mj/BPNoxA9aGSB8P+n7MG9Fy304bdrc0FD2mbH4cZRe5l6J5
fzG7tKhjbbFl/WJQWeaexgqIwGOXqW9quxR/DOMWwGe4vTsDmSBw3F7V4r3a9dvu
ujekFbo+UAyYLw==
-----END CERTIFICATE-----