Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
File:                     xLxp1Co7FePOy5HHcrpkM8URvpk.mft (raw, json)
Hash identifier:          qtZtiTHwQUqbSqIiY5q6OFkasFA4TZ32/M+TuU8XznU=
Subject key identifier:   32:CE:FC:5F:5A:ED:67:A0:08:DA:08:42:01:9E:D3:BA:26:E8:F8:EE
Authority key identifier: C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99
Certificate issuer:       /CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
Certificate serial:       019D37891D1F225F112841C96BF1B3246E3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 03:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:25 +0000
Files and hashes:         1: xLxp1Co7FePOy5HHcrpkM8URvpk.crl (hash: nLxoI+4SlMDH4AdKkDkfsXu8AMfXWfgE3vs1AG384c4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:1d:1f:22:5f:11:28:41:c9:6b:f1:b3:24:6e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4bc69d42a3b15e3cecb91c772ba6433c511be99
        Validity
            Not Before: Mar 29 03:00:25 2026 GMT
            Not After : Mar 30 03:00:25 2026 GMT
        Subject: CN=32cefc5f5aed67a008da0842019ed3ba26e8f8ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:cc:06:73:b6:aa:59:a2:06:fc:80:43:44:86:
                    24:99:9f:d9:7f:b1:c6:02:56:2c:84:ad:69:c4:4d:
                    45:15:89:44:16:c7:7f:8b:aa:fc:52:33:c6:ef:6e:
                    f2:4a:2d:e5:2d:a4:a3:09:5a:ce:04:95:4d:a5:42:
                    90:19:08:e1:7c:d2:20:fa:b7:61:fe:d4:47:80:2d:
                    b2:e6:b0:1a:52:c7:ed:d1:2e:07:e3:f7:b6:6c:df:
                    9e:54:49:fe:50:32:49:b6:3a:d8:7f:08:75:1c:12:
                    a0:8c:2e:c8:20:53:89:b4:fd:de:d7:d2:c6:fc:58:
                    84:a9:41:a3:e4:c1:97:a9:a4:83:9a:9c:c0:65:c9:
                    34:dd:de:67:2b:e3:c6:2f:31:df:81:9a:b7:3e:d4:
                    01:51:cf:a0:16:0d:20:02:eb:3a:1c:50:7d:2d:98:
                    29:67:35:26:57:a7:95:5e:61:cc:92:24:16:0a:91:
                    a6:11:56:1b:51:ea:ac:01:34:c3:38:0a:29:53:bb:
                    6d:ed:86:6a:98:9c:6f:26:27:e2:b8:71:76:28:59:
                    86:5e:6f:b0:60:2d:4b:a4:d0:e0:11:3a:af:7f:6e:
                    6f:33:7f:0d:e5:b0:38:29:33:ad:a9:1e:72:f6:7b:
                    52:4d:61:e7:c1:40:e3:68:d9:a4:ca:1d:b2:5d:a8:
                    ed:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CE:FC:5F:5A:ED:67:A0:08:DA:08:42:01:9E:D3:BA:26:E8:F8:EE
            X509v3 Authority Key Identifier:
                keyid:C4:BC:69:D4:2A:3B:15:E3:CE:CB:91:C7:72:BA:64:33:C5:11:BE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLxp1Co7FePOy5HHcrpkM8URvpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/d8c21b-fe36-4a2e-ac2e-d17f98114070/1/xLxp1Co7FePOy5HHcrpkM8URvpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:a9:cd:99:31:5a:5f:39:9f:f9:dd:7a:39:71:da:0c:de:3a:
         b7:34:5b:4e:95:ea:3d:3d:ab:39:a2:10:f7:74:2d:45:8e:b7:
         05:43:d1:70:25:6d:13:14:cf:81:9e:e2:2e:98:0a:d6:63:f5:
         d5:8b:d0:f3:27:d8:1d:40:cb:51:a4:61:1e:e1:d2:da:ee:e2:
         86:1b:e2:56:38:52:0c:fe:1a:21:c0:59:07:dd:05:ff:ed:26:
         36:3a:bf:be:a5:2d:48:15:a9:97:b2:d5:12:12:6a:e2:fc:ef:
         ec:9e:f5:3c:7c:27:20:37:cc:61:d3:1c:c6:2a:16:a8:a5:69:
         12:f1:46:dc:cc:92:15:17:f6:38:50:6c:fe:ef:3e:8a:be:a5:
         96:4b:28:3d:5b:e0:e9:81:6d:7c:33:69:12:34:6b:06:0b:59:
         67:e2:ee:f5:07:dd:03:cf:26:ef:af:ea:f9:aa:9a:43:1e:e4:
         2f:1e:a1:08:b1:0e:c6:2a:83:c6:19:12:90:31:41:cd:a7:26:
         17:8f:40:84:f7:6e:48:18:94:86:2f:86:43:9b:28:87:9d:a1:
         22:d9:b0:dd:de:c1:33:32:40:35:0a:ab:38:c0:33:68:57:90:
         59:0f:aa:3c:a1:7c:87:7d:07:e5:e2:86:da:74:83:f0:b7:b6:
         4e:15:f2:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iR0fIl8RKEHJa/GzJG46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YmM2OWQ0MmEzYjE1ZTNjZWNiOTFjNzcyYmE2NDMzYzUx
MWJlOTkwHhcNMjYwMzI5MDMwMDI1WhcNMjYwMzMwMDMwMDI1WjAzMTEwLwYDVQQD
EygzMmNlZmM1ZjVhZWQ2N2EwMDhkYTA4NDIwMTllZDNiYTI2ZThmOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcwGc7aqWaIG/IBDRIYkmZ/Zf7HG
AlYshK1pxE1FFYlEFsd/i6r8UjPG727ySi3lLaSjCVrOBJVNpUKQGQjhfNIg+rdh
/tRHgC2y5rAaUsft0S4H4/e2bN+eVEn+UDJJtjrYfwh1HBKgjC7IIFOJtP3e19LG
/FiEqUGj5MGXqaSDmpzAZck03d5nK+PGLzHfgZq3PtQBUc+gFg0gAus6HFB9LZgp
ZzUmV6eVXmHMkiQWCpGmEVYbUeqsATTDOAopU7tt7YZqmJxvJifiuHF2KFmGXm+w
YC1LpNDgETqvf25vM38N5bA4KTOtqR5y9ntSTWHnwUDjaNmkyh2yXajtbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLO/F9a7WegCNoIQgGe07om6PjuMB8GA1UdIwQY
MBaAFMS8adQqOxXjzsuRx3K6ZDPFEb6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUt
ZDE3Zjk4MTE0MDcwLzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9kOGMyMWItZmUzNi00YTJlLWFjMmUtZDE3Zjk4MTE0MDcw
LzEveEx4cDFDbzdGZVBPeTVISGNycGtNOFVSdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqanNmTFa
Xzmf+d16OXHaDN46tzRbTpXqPT2rOaIQ93QtRY63BUPRcCVtExTPgZ7iLpgK1mP1
1YvQ8yfYHUDLUaRhHuHS2u7ihhviVjhSDP4aIcBZB90F/+0mNjq/vqUtSBWpl7LV
EhJq4vzv7J71PHwnIDfMYdMcxioWqKVpEvFG3MySFRf2OFBs/u8+ir6llksoPVvg
6YFtfDNpEjRrBgtZZ+Lu9QfdA88m76/q+aqaQx7kLx6hCLEOxiqDxhkSkDFBzacm
F49AhPduSBiUhi+GQ5soh52hItmw3d7BMzJANQqrOMAzaFeQWQ+qPKF8h30H5eKG
2nSD8Le2ThXytw==
-----END CERTIFICATE-----