Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
File:                     xq11SrfApAHA_x08Ensn1T_cyYE.mft (raw, json)
Hash identifier:          G4iRzVnsieSEAyFL3TrZHXUudSQVv8w8/yvKF6ADmdA=
Subject key identifier:   60:65:03:CE:CD:70:CC:9C:29:24:27:FD:60:06:D1:32:04:3E:66:FF
Authority key identifier: C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81
Certificate issuer:       /CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
Certificate serial:       019D37C031FA6CE6151BB9F5ED0600C8F86F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 04:00:35 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:35 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:35 +0000
Files and hashes:         1: xq11SrfApAHA_x08Ensn1T_cyYE.crl (hash: zm70xCX1OexBpvvoyf0W76D16ZYi3n8ze5fUqoiUGDI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:31:fa:6c:e6:15:1b:b9:f5:ed:06:00:c8:f8:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6ad754ab7c0a401c0ff1d3c127b27d53fdcc981
        Validity
            Not Before: Mar 29 04:00:35 2026 GMT
            Not After : Mar 30 04:00:35 2026 GMT
        Subject: CN=606503cecd70cc9c292427fd6006d132043e66ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b9:de:f5:bb:08:4b:9d:94:e5:3d:d3:88:1e:
                    02:8c:97:8b:ef:41:f5:7d:5a:5e:ab:f9:22:42:ed:
                    b4:ab:0c:94:38:44:cc:51:4f:bf:05:c4:aa:3c:86:
                    a9:40:75:3d:91:90:d0:95:84:ea:60:9c:03:7b:27:
                    e8:87:f2:26:8a:ce:0a:88:2d:44:c1:7b:da:f6:f7:
                    7c:da:ec:39:33:33:49:eb:0b:d1:69:c1:82:50:79:
                    83:8f:38:e3:f5:ae:61:f3:c2:df:32:7b:1b:25:fb:
                    d7:db:70:f5:ac:c3:58:4f:55:29:c9:4e:8c:89:65:
                    41:19:83:37:7f:f7:ba:3f:f2:a1:12:db:22:ad:5b:
                    34:51:07:f9:bc:8a:63:b6:8f:04:21:ec:74:3a:cb:
                    d9:3c:0b:72:20:54:1b:dc:bb:ea:aa:38:98:e2:7f:
                    55:ac:26:2a:69:36:5e:ab:a9:52:1a:75:61:6c:b2:
                    00:a9:ad:a6:89:55:43:61:c7:91:0e:f4:51:9b:a1:
                    c8:7f:d5:10:47:65:7d:13:6f:50:92:ba:61:d3:0b:
                    e1:d3:2f:f2:cf:9d:54:cf:a9:11:af:a3:44:3a:03:
                    a4:7e:cf:87:3b:3e:93:aa:10:06:ba:b9:fa:0b:b3:
                    ee:c1:11:f8:c5:79:0b:48:90:f4:d5:be:b2:64:f4:
                    33:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:65:03:CE:CD:70:CC:9C:29:24:27:FD:60:06:D1:32:04:3E:66:FF
            X509v3 Authority Key Identifier:
                keyid:C6:AD:75:4A:B7:C0:A4:01:C0:FF:1D:3C:12:7B:27:D5:3F:DC:C9:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xq11SrfApAHA_x08Ensn1T_cyYE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4c3133-cb98-4eae-abce-ba33d36755df/1/xq11SrfApAHA_x08Ensn1T_cyYE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:2e:cb:86:dc:17:4a:fc:cb:0b:1e:ac:d9:b1:25:8f:2d:cc:
         6e:a3:a5:ba:84:99:4a:ce:43:3a:6a:c9:24:e8:7b:f1:41:15:
         18:83:ad:4a:19:56:48:cb:1a:d4:ec:bc:04:19:c4:3f:f3:a1:
         43:8a:c9:32:86:0a:0a:58:7e:6b:70:03:57:42:9b:64:c3:cd:
         a6:1b:d7:b8:82:0f:7f:27:12:ec:82:37:76:63:fb:f4:c4:8d:
         72:54:e1:eb:d8:83:72:ed:a4:5f:78:a0:45:da:fb:23:16:57:
         29:54:84:32:40:1c:61:16:d7:0b:bb:e4:74:57:2b:86:4f:79:
         28:55:7f:04:de:0c:c2:58:ea:83:3e:3d:40:58:4a:b8:64:e5:
         8a:6b:81:9b:b0:38:01:60:e8:b1:54:7a:6d:08:ab:c3:ee:0b:
         5c:d8:0a:31:c7:a6:37:d7:a4:a2:68:dd:ab:b2:95:80:38:9f:
         2d:d4:d2:c7:bf:6a:68:e5:86:38:89:1a:87:59:9a:00:bc:e3:
         32:29:e8:12:54:5e:bb:3a:28:ff:43:1b:46:43:70:d9:f3:1b:
         44:31:24:ca:91:a3:9d:85:b5:fd:d7:9b:a6:cf:d7:e3:e8:86:
         b7:17:c7:d6:37:24:6d:a5:36:87:93:8b:9e:b3:1c:a5:90:49:
         ed:36:09:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wDH6bOYVG7n17QYAyPhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YWQ3NTRhYjdjMGE0MDFjMGZmMWQzYzEyN2IyN2Q1M2Zk
Y2M5ODEwHhcNMjYwMzI5MDQwMDM1WhcNMjYwMzMwMDQwMDM1WjAzMTEwLwYDVQQD
Eyg2MDY1MDNjZWNkNzBjYzljMjkyNDI3ZmQ2MDA2ZDEzMjA0M2U2NmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrne9bsIS52U5T3TiB4CjJeL70H1
fVpeq/kiQu20qwyUOETMUU+/BcSqPIapQHU9kZDQlYTqYJwDeyfoh/Imis4KiC1E
wXva9vd82uw5MzNJ6wvRacGCUHmDjzjj9a5h88LfMnsbJfvX23D1rMNYT1UpyU6M
iWVBGYM3f/e6P/KhEtsirVs0UQf5vIpjto8EIex0OsvZPAtyIFQb3LvqqjiY4n9V
rCYqaTZeq6lSGnVhbLIAqa2miVVDYceRDvRRm6HIf9UQR2V9E29Qkrph0wvh0y/y
z51Uz6kRr6NEOgOkfs+HOz6TqhAGurn6C7PuwRH4xXkLSJD01b6yZPQzcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGBlA87NcMycKSQn/WAG0TIEPmb/MB8GA1UdIwQY
MBaAFMatdUq3wKQBwP8dPBJ7J9U/3MmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2Ut
YmEzM2QzNjc1NWRmLzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YzMxMzMtY2I5OC00ZWFlLWFiY2UtYmEzM2QzNjc1NWRm
LzEveHExMVNyZkFwQUhBX3gwOEVuc24xVF9jeVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABS7LhtwX
SvzLCx6s2bEljy3MbqOluoSZSs5DOmrJJOh78UEVGIOtShlWSMsa1Oy8BBnEP/Oh
Q4rJMoYKClh+a3ADV0KbZMPNphvXuIIPfycS7II3dmP79MSNclTh69iDcu2kX3ig
Rdr7IxZXKVSEMkAcYRbXC7vkdFcrhk95KFV/BN4Mwljqgz49QFhKuGTlimuBm7A4
AWDosVR6bQirw+4LXNgKMcemN9ekomjdq7KVgDifLdTSx79qaOWGOIkah1maALzj
MinoElReuzoo/0MbRkNw2fMbRDEkypGjnYW1/debps/X4+iGtxfH1jckbaU2h5OL
nrMcpZBJ7TYJog==
-----END CERTIFICATE-----