Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
File:                     xRlGjFXmvnFcDagFzvta7IXTKSY.mft (raw, json)
Hash identifier:          SQxOh1ZRlpNjsFHIXdbUDERxQ4iPtIwGD182DWNOD7Y=
Subject key identifier:   1A:68:B6:61:CA:95:98:45:6C:45:82:FF:8B:04:3D:AC:10:7A:D4:F0
Authority key identifier: C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26
Certificate issuer:       /CN=c519468c55e6be715c0da805cefb5aec85d32926
Certificate serial:       019D38667014B59CDAE6F28207254158F926
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
Manifest number:          1188
Signing time:             Sun 29 Mar 2026 07:02:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:10 +0000
Files and hashes:         1: xRlGjFXmvnFcDagFzvta7IXTKSY.crl (hash: rnFcXRvksR775XSUHmGwoWTCTH2CXEpR3Z97yz8eGTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:70:14:b5:9c:da:e6:f2:82:07:25:41:58:f9:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c519468c55e6be715c0da805cefb5aec85d32926
        Validity
            Not Before: Mar 29 07:02:10 2026 GMT
            Not After : Mar 30 07:02:10 2026 GMT
        Subject: CN=1a68b661ca9598456c4582ff8b043dac107ad4f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0d:61:f8:ed:0a:eb:25:ae:49:b1:2c:a2:0b:
                    9f:32:ea:e1:4c:1e:aa:6e:a9:5e:39:9b:de:dd:11:
                    7b:e0:af:bf:6e:28:97:39:1f:e2:f4:ea:d2:01:52:
                    1d:eb:aa:89:07:e9:81:12:47:47:3c:db:3d:dc:c8:
                    c9:18:ca:97:43:53:19:b9:c9:67:db:d3:1c:53:66:
                    6f:16:cc:e7:00:f7:7f:9f:05:b6:44:79:d0:ba:f2:
                    11:c3:7d:0f:53:c7:86:3e:4e:de:89:d1:41:f8:e6:
                    49:a4:f9:4f:91:8f:ea:fa:01:41:f6:41:61:9c:85:
                    ce:7b:ce:84:58:4b:e9:18:81:9e:1e:2f:bf:fe:c8:
                    3a:81:ad:19:23:33:de:07:d4:e1:b7:be:f9:00:d9:
                    07:dc:41:67:8a:bb:13:7d:72:6a:c0:3f:c7:23:00:
                    c1:7b:c2:ca:da:da:70:9e:bf:56:e7:e5:c3:bc:09:
                    c5:26:6b:b1:c8:d3:2c:12:ab:ed:fc:30:d7:b2:69:
                    f4:83:f0:6f:cc:dc:f0:ba:79:3b:4a:e3:13:af:50:
                    11:ae:46:ec:2e:fa:53:1d:69:d4:d6:19:3d:b1:f9:
                    bb:e3:9c:56:cc:89:79:d1:ce:f3:77:72:60:9d:ee:
                    9f:05:24:ff:0b:be:c8:f7:10:05:46:45:b1:fb:59:
                    11:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:68:B6:61:CA:95:98:45:6C:45:82:FF:8B:04:3D:AC:10:7A:D4:F0
            X509v3 Authority Key Identifier:
                keyid:C5:19:46:8C:55:E6:BE:71:5C:0D:A8:05:CE:FB:5A:EC:85:D3:29:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRlGjFXmvnFcDagFzvta7IXTKSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/2ca2c3-e20f-494e-b1ce-6a71b844ad66/1/xRlGjFXmvnFcDagFzvta7IXTKSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:6d:95:74:53:00:e4:7a:11:85:55:a7:be:52:4e:52:69:a9:
         6b:46:61:04:de:2b:02:50:28:54:10:68:69:d8:0d:60:be:3b:
         e9:04:4d:93:66:83:62:03:5f:75:36:be:b5:a7:ef:c5:7a:d6:
         57:b1:3b:aa:4a:84:8f:05:fa:b8:cc:db:7c:e2:b4:bc:52:1a:
         d3:ca:24:91:2c:d0:c2:31:cd:53:01:18:44:db:0f:2b:6b:93:
         e4:63:a9:77:8c:be:90:7a:fe:f5:37:3c:08:e6:16:2f:ec:dc:
         89:23:19:7c:39:5a:7c:dc:9d:6e:a0:c9:db:87:27:d2:f4:78:
         20:dd:83:82:04:3b:26:98:ea:4b:85:ef:98:2e:5d:ea:f2:1e:
         97:b1:7d:a9:c0:41:3b:cd:88:dc:d6:43:06:df:34:b5:41:a9:
         49:61:79:91:52:3e:7c:a0:94:57:c6:d9:0c:23:ea:36:8b:a8:
         f9:57:63:2b:84:f7:13:ab:66:e1:53:e5:22:f2:6b:37:b9:6d:
         2d:75:37:09:af:f1:39:0e:d9:42:78:a1:98:b8:99:ac:1e:13:
         8d:9b:48:ce:44:9d:14:12:24:78:cd:89:bf:34:e4:ed:78:74:
         58:78:0e:fc:36:3d:7a:35:29:34:59:4d:2a:f2:13:d2:d4:36:
         be:db:08:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZnAUtZza5vKCByVBWPkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTk0NjhjNTVlNmJlNzE1YzBkYTgwNWNlZmI1YWVjODVk
MzI5MjYwHhcNMjYwMzI5MDcwMjEwWhcNMjYwMzMwMDcwMjEwWjAzMTEwLwYDVQQD
EygxYTY4YjY2MWNhOTU5ODQ1NmM0NTgyZmY4YjA0M2RhYzEwN2FkNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQ1h+O0K6yWuSbEsogufMurhTB6q
bqleOZve3RF74K+/biiXOR/i9OrSAVId66qJB+mBEkdHPNs93MjJGMqXQ1MZucln
29McU2ZvFsznAPd/nwW2RHnQuvIRw30PU8eGPk7eidFB+OZJpPlPkY/q+gFB9kFh
nIXOe86EWEvpGIGeHi+//sg6ga0ZIzPeB9Tht775ANkH3EFnirsTfXJqwD/HIwDB
e8LK2tpwnr9W5+XDvAnFJmuxyNMsEqvt/DDXsmn0g/BvzNzwunk7SuMTr1ARrkbs
LvpTHWnU1hk9sfm745xWzIl50c7zd3Jgne6fBST/C77I9xAFRkWx+1kR8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpotmHKlZhFbEWC/4sEPawQetTwMB8GA1UdIwQY
MBaAFMUZRoxV5r5xXA2oBc77WuyF0ykmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2Ut
NmE3MWI4NDRhZDY2LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8yY2EyYzMtZTIwZi00OTRlLWIxY2UtNmE3MWI4NDRhZDY2
LzEveFJsR2pGWG12bkZjRGFnRnp2dGE3SVhUS1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANW2VdFMA
5HoRhVWnvlJOUmmpa0ZhBN4rAlAoVBBoadgNYL476QRNk2aDYgNfdTa+tafvxXrW
V7E7qkqEjwX6uMzbfOK0vFIa08okkSzQwjHNUwEYRNsPK2uT5GOpd4y+kHr+9Tc8
COYWL+zciSMZfDlafNydbqDJ24cn0vR4IN2DggQ7JpjqS4XvmC5d6vIel7F9qcBB
O82I3NZDBt80tUGpSWF5kVI+fKCUV8bZDCPqNouo+VdjK4T3E6tm4VPlIvJrN7lt
LXU3Ca/xOQ7ZQnihmLiZrB4TjZtIzkSdFBIkeM2JvzTk7Xh0WHgO/DY9ejUpNFlN
KvIT0tQ2vtsICw==
-----END CERTIFICATE-----