Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          FUVx9owLbGg3yjpoQ6EKYXWNWqXQkshC+4krRjAdPR0=
Subject key identifier:   21:48:10:60:B2:4A:A3:68:AF:DC:1A:1D:88:17:E7:6B:00:0E:F2:34
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       019D382E8DE6911ADCAD65DF379BB5F18492
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 06:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 06:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 06:01:08 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: aXMi4DccrFJFkW9WSO5WSVf9l9Bf5GPHEi7DIWshFQs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:8d:e6:91:1a:dc:ad:65:df:37:9b:b5:f1:84:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Mar 29 06:01:08 2026 GMT
            Not After : Mar 30 06:01:08 2026 GMT
        Subject: CN=21481060b24aa368afdc1a1d8817e76b000ef234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:97:98:bb:85:1a:d0:b9:6a:ed:b0:a2:21:9d:
                    89:06:bc:30:f5:bd:33:94:16:5a:3a:f9:cf:fd:79:
                    28:4d:a6:41:2a:d3:2b:a9:24:64:1c:67:be:86:a1:
                    5d:57:da:9a:7c:d2:41:88:08:31:0b:04:c3:c6:7f:
                    0d:d6:72:72:76:43:a8:19:e4:01:15:5f:85:6c:12:
                    cd:6d:28:a0:a5:0a:65:f6:b0:c7:0c:ac:46:6b:de:
                    e4:be:0b:d5:9c:ae:12:59:4d:43:1e:ad:a7:1c:3c:
                    e7:01:b4:5e:64:b1:9d:5f:57:ce:be:d3:92:91:30:
                    62:42:00:43:53:bc:d1:d3:57:db:3e:87:49:eb:ca:
                    98:da:14:19:bd:eb:31:10:63:57:c4:19:78:83:ec:
                    e9:ea:38:65:79:0f:bd:f6:01:a3:7e:8b:e7:e1:7e:
                    99:82:c1:5f:9e:fe:f7:e1:c2:ad:82:10:96:17:11:
                    3b:eb:fb:46:67:48:f4:44:25:96:b5:60:80:4f:90:
                    2a:ca:08:af:76:18:6b:3f:93:56:10:f1:30:7c:05:
                    3b:a6:30:11:1e:25:59:99:c5:87:10:79:7d:29:d1:
                    75:42:b7:99:4e:50:fc:8f:08:94:a0:02:d4:e5:cf:
                    de:69:3b:f7:68:91:22:9e:62:97:fb:3b:51:02:61:
                    08:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:48:10:60:B2:4A:A3:68:AF:DC:1A:1D:88:17:E7:6B:00:0E:F2:34
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:bb:aa:f2:5e:89:63:73:dc:f1:46:a0:b6:2f:47:c0:36:df:
         bb:e6:ad:57:17:5f:7f:59:40:96:5b:8e:3d:66:12:db:a1:56:
         ac:4c:23:86:4c:87:9d:ea:ba:6a:ae:17:ac:58:33:bf:cc:33:
         2d:42:9f:9b:27:b4:02:c9:7b:7a:39:65:98:ea:64:5a:c1:5c:
         f1:f1:8c:34:d9:3a:7b:8a:a6:5c:08:af:46:93:05:73:20:07:
         08:65:c2:a6:e8:ad:99:3a:5c:b8:f1:b1:9e:22:7b:43:21:70:
         82:0f:ae:aa:0d:fe:db:5b:aa:3c:b4:8e:d8:92:73:af:db:cd:
         78:70:79:65:2d:18:cd:e1:12:b4:c5:d4:d7:47:64:77:ff:af:
         48:92:74:23:79:8b:81:ca:2b:89:00:2a:44:25:96:da:d3:4c:
         b8:89:7b:fe:5d:9c:bb:5f:44:1d:ff:68:05:59:72:cf:3b:f3:
         50:53:24:13:a2:99:bb:b6:cb:4c:3c:21:8e:a9:d7:ff:9e:61:
         d9:fc:59:3e:55:ae:f1:e6:c0:55:ea:7d:8c:79:a4:d5:37:26:
         67:27:37:f7:0f:dc:82:77:e4:a1:ea:34:d5:30:85:4e:ce:2b:
         19:30:63:84:1a:e5:ab:a0:90:78:32:c9:2a:4e:c0:bb:eb:94:
         df:03:81:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lo3mkRrcrWXfN5u18YSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjYwMzI5MDYwMTA4WhcNMjYwMzMwMDYwMTA4WjAzMTEwLwYDVQQD
EygyMTQ4MTA2MGIyNGFhMzY4YWZkYzFhMWQ4ODE3ZTc2YjAwMGVmMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJeYu4Ua0Llq7bCiIZ2JBrww9b0z
lBZaOvnP/XkoTaZBKtMrqSRkHGe+hqFdV9qafNJBiAgxCwTDxn8N1nJydkOoGeQB
FV+FbBLNbSigpQpl9rDHDKxGa97kvgvVnK4SWU1DHq2nHDznAbReZLGdX1fOvtOS
kTBiQgBDU7zR01fbPodJ68qY2hQZvesxEGNXxBl4g+zp6jhleQ+99gGjfovn4X6Z
gsFfnv734cKtghCWFxE76/tGZ0j0RCWWtWCAT5AqygivdhhrP5NWEPEwfAU7pjAR
HiVZmcWHEHl9KdF1QreZTlD8jwiUoALU5c/eaTv3aJEinmKX+ztRAmEIdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFIEGCySqNor9waHYgX52sADvI0MB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjruq8l6J
Y3Pc8Uagti9HwDbfu+atVxdff1lAlluOPWYS26FWrEwjhkyHneq6aq4XrFgzv8wz
LUKfmye0Asl7ejllmOpkWsFc8fGMNNk6e4qmXAivRpMFcyAHCGXCpuitmTpcuPGx
niJ7QyFwgg+uqg3+21uqPLSO2JJzr9vNeHB5ZS0YzeEStMXU10dkd/+vSJJ0I3mL
gcoriQAqRCWW2tNMuIl7/l2cu19EHf9oBVlyzzvzUFMkE6KZu7bLTDwhjqnX/55h
2fxZPlWu8ebAVep9jHmk1TcmZyc39w/cgnfkoeo01TCFTs4rGTBjhBrlq6CQeDLJ
Kk7Au+uU3wOB5w==
-----END CERTIFICATE-----