Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
File:                     XHOCiOHdRuIcmgORGXJEtHjQqyY.mft (raw, json)
Hash identifier:          172UUF29rhBgXnBMirHQ4vg4bmwncXmo/bkhDfuRV9M=
Subject key identifier:   32:19:A5:7D:B9:B4:11:EE:44:F7:C4:4D:4D:A9:85:86:19:57:FE:B6
Authority key identifier: 5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26
Certificate issuer:       /CN=5c738288e1dd46e21c9a0391197244b478d0ab26
Certificate serial:       019D38667929011C6819484D5BEFC9A8C82D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:02:12 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:12 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:12 +0000
Files and hashes:         1: XHOCiOHdRuIcmgORGXJEtHjQqyY.crl (hash: FU+IDlwZ2SMfsBNyqs+Fl4ozzxRYrUuyYeoEGEuUUTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:79:29:01:1c:68:19:48:4d:5b:ef:c9:a8:c8:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c738288e1dd46e21c9a0391197244b478d0ab26
        Validity
            Not Before: Mar 29 07:02:12 2026 GMT
            Not After : Mar 30 07:02:12 2026 GMT
        Subject: CN=3219a57db9b411ee44f7c44d4da985861957feb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:88:5f:00:c0:41:03:b1:70:8b:fb:4b:e1:0a:
                    cc:22:92:63:82:0e:56:83:08:97:f1:80:6d:64:be:
                    8b:99:5c:24:b3:9e:f5:0d:7b:5c:6a:ce:c8:4c:04:
                    97:f5:66:b4:51:83:1b:77:84:a9:5a:60:57:3f:ae:
                    69:d2:6a:25:dc:d2:00:02:4c:f8:74:10:35:d3:d2:
                    61:e9:54:36:d1:65:44:ff:14:4a:3a:2d:1c:d0:b9:
                    92:e0:96:bd:16:bd:91:f9:41:63:41:8d:8d:06:70:
                    45:36:34:1d:d4:7d:10:b2:84:a9:3c:85:fe:fa:8f:
                    87:85:8d:f0:41:47:67:7a:50:cd:b9:9c:73:6d:03:
                    5e:3c:8c:57:f9:db:9a:6b:27:95:ea:be:2e:b9:68:
                    47:11:1a:57:0f:b3:30:21:73:04:e2:dc:83:67:d3:
                    a0:4c:2a:91:91:7c:40:a1:e4:e3:22:ce:28:18:11:
                    c1:76:96:db:90:d1:3f:73:85:4b:99:d5:d9:8a:9a:
                    3c:54:f0:ac:6a:9c:15:42:20:84:6f:c4:fc:40:d4:
                    b4:b8:04:b4:e4:d0:ba:54:ba:a7:9c:b2:b0:96:56:
                    c1:7d:e4:09:d3:db:49:26:dd:b9:7f:aa:f6:f1:2e:
                    d8:10:76:3b:e8:18:b0:34:a3:59:84:f1:f1:02:d2:
                    34:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:19:A5:7D:B9:B4:11:EE:44:F7:C4:4D:4D:A9:85:86:19:57:FE:B6
            X509v3 Authority Key Identifier:
                keyid:5C:73:82:88:E1:DD:46:E2:1C:9A:03:91:19:72:44:B4:78:D0:AB:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHOCiOHdRuIcmgORGXJEtHjQqyY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e35121-9d16-4a26-a7b7-50140c681aca/1/XHOCiOHdRuIcmgORGXJEtHjQqyY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:07:db:00:62:b3:ae:ad:8b:4a:ef:b3:92:18:d4:5b:ae:08:
         10:cb:8e:73:3a:39:90:82:62:6a:d9:52:6e:af:eb:ea:1f:c0:
         7b:d6:f3:8d:f2:e1:2d:70:e7:83:18:3f:74:0c:88:53:12:28:
         0c:44:45:58:07:41:b7:94:14:45:4d:4a:63:49:3f:b7:ba:b5:
         a4:37:67:bc:2a:9f:66:40:27:b3:15:10:8b:60:ac:51:38:2a:
         eb:75:83:bf:7a:03:92:f2:2a:40:03:f4:14:d5:10:e5:14:74:
         c0:26:63:d1:1e:3c:0a:e5:39:01:6e:5f:38:95:95:31:e2:6d:
         c2:8e:27:e3:ff:5d:9b:bf:93:f3:1f:b4:dc:ee:09:e4:35:48:
         dc:75:1c:2a:c4:10:1a:cb:1f:ff:c4:d8:f5:9f:10:33:72:d4:
         c0:9d:47:b0:ce:40:d3:15:da:e5:1b:7b:1e:3b:bf:16:5a:f7:
         b9:10:63:9d:1d:6f:56:5e:f5:79:77:94:b9:d1:2c:e0:d2:a9:
         fc:32:ad:ce:e2:49:48:9e:b5:d2:a5:e9:6f:7b:a4:0e:66:a3:
         fb:e4:61:4c:d0:51:b4:8b:56:15:a7:f2:31:df:d5:4a:c1:3d:
         3c:68:13:9b:41:97:b0:dd:33:68:52:a7:78:79:b3:68:f3:ea:
         c6:d9:73:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZnkpARxoGUhNW+/JqMgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzM4Mjg4ZTFkZDQ2ZTIxYzlhMDM5MTE5NzI0NGI0Nzhk
MGFiMjYwHhcNMjYwMzI5MDcwMjEyWhcNMjYwMzMwMDcwMjEyWjAzMTEwLwYDVQQD
EygzMjE5YTU3ZGI5YjQxMWVlNDRmN2M0NGQ0ZGE5ODU4NjE5NTdmZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYhfAMBBA7Fwi/tL4QrMIpJjgg5W
gwiX8YBtZL6LmVwks571DXtcas7ITASX9Wa0UYMbd4SpWmBXP65p0mol3NIAAkz4
dBA109Jh6VQ20WVE/xRKOi0c0LmS4Ja9Fr2R+UFjQY2NBnBFNjQd1H0QsoSpPIX+
+o+HhY3wQUdnelDNuZxzbQNePIxX+duaayeV6r4uuWhHERpXD7MwIXME4tyDZ9Og
TCqRkXxAoeTjIs4oGBHBdpbbkNE/c4VLmdXZipo8VPCsapwVQiCEb8T8QNS0uAS0
5NC6VLqnnLKwllbBfeQJ09tJJt25f6r28S7YEHY76BiwNKNZhPHxAtI0SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIZpX25tBHuRPfETU2phYYZV/62MB8GA1UdIwQY
MBaAFFxzgojh3UbiHJoDkRlyRLR40KsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3Yjct
NTAxNDBjNjgxYWNhLzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9lMzUxMjEtOWQxNi00YTI2LWE3YjctNTAxNDBjNjgxYWNh
LzEvWEhPQ2lPSGRSdUljbWdPUkdYSkV0SGpRcXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhwfbAGKz
rq2LSu+zkhjUW64IEMuOczo5kIJiatlSbq/r6h/Ae9bzjfLhLXDngxg/dAyIUxIo
DERFWAdBt5QURU1KY0k/t7q1pDdnvCqfZkAnsxUQi2CsUTgq63WDv3oDkvIqQAP0
FNUQ5RR0wCZj0R48CuU5AW5fOJWVMeJtwo4n4/9dm7+T8x+03O4J5DVI3HUcKsQQ
Gssf/8TY9Z8QM3LUwJ1HsM5A0xXa5Rt7Hju/Flr3uRBjnR1vVl71eXeUudEs4NKp
/DKtzuJJSJ610qXpb3ukDmaj++RhTNBRtItWFafyMd/VSsE9PGgTm0GXsN0zaFKn
eHmzaPPqxtlzCg==
-----END CERTIFICATE-----