Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          mWoCy30Eh2ZU/ex92DkmXlopaO46F8KgfadlEm28Dfc=
Subject key identifier:   22:C6:9C:0F:4D:C4:81:24:1E:F1:F9:5A:CE:7F:EA:90:5C:F1:9F:21
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019D37C0D8B87E89016B7C67CE0DE2C4BA75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 04:01:18 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:18 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:18 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: wXnlQxO9wDYVvvtBF42YiWnXuEyusI2ZRNbCBm2+tJI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:d8:b8:7e:89:01:6b:7c:67:ce:0d:e2:c4:ba:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Mar 29 04:01:18 2026 GMT
            Not After : Mar 30 04:01:18 2026 GMT
        Subject: CN=22c69c0f4dc481241ef1f95ace7fea905cf19f21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:08:70:98:ab:2c:f0:a1:fa:ec:6a:bc:73:06:
                    a7:22:29:5c:4d:1f:85:95:df:fb:e7:63:57:12:6d:
                    30:65:92:70:d2:c2:d2:00:c6:64:a9:a4:7c:c2:15:
                    c3:19:83:37:22:cb:8f:53:05:f8:39:3e:57:50:e6:
                    02:8f:f2:7d:30:de:ca:9b:7b:16:b7:4b:ba:b4:e6:
                    4f:47:29:46:c4:d8:0a:39:d7:cf:7b:f5:21:7f:2a:
                    a8:68:46:9f:16:6f:d4:c0:02:d7:7b:c5:ca:57:8a:
                    a7:01:5c:81:20:1b:d9:56:c4:71:68:c2:3e:64:f3:
                    84:4c:7d:3f:8f:11:3f:2b:c8:c8:fb:91:ec:6d:30:
                    48:ea:63:ce:68:0d:97:31:4f:99:28:45:d5:dd:b6:
                    90:2f:23:14:c3:3f:79:7a:81:e6:06:e4:38:7e:07:
                    86:3d:82:c8:eb:72:79:b7:17:f3:ad:86:f3:fc:0f:
                    c7:21:1c:87:90:dc:5f:76:6b:6b:06:7b:b5:06:33:
                    39:ab:34:2a:dd:72:b6:1a:db:41:cc:94:31:08:62:
                    38:a5:51:20:19:a6:67:82:a2:ca:d3:72:75:05:2a:
                    5c:e5:df:2f:98:99:59:77:81:31:6e:50:78:a0:25:
                    71:67:da:44:0e:e6:f2:02:47:e5:90:c2:e8:2a:ef:
                    7c:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:C6:9C:0F:4D:C4:81:24:1E:F1:F9:5A:CE:7F:EA:90:5C:F1:9F:21
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:6f:21:84:0e:5f:df:8a:81:78:ad:5e:4c:c3:86:01:bf:01:
         43:3a:69:df:72:ec:de:62:82:5d:b1:c1:69:9f:f4:6f:bc:0a:
         8a:f6:9e:81:6f:86:bc:41:05:a7:21:c2:e7:41:32:71:13:f3:
         eb:00:ae:c8:46:34:61:b2:cb:f1:04:b4:2b:53:55:88:16:e1:
         30:06:f0:c5:1c:f9:20:7a:41:26:e0:47:9b:71:1e:e1:a6:28:
         19:6c:2e:9a:f5:2d:ac:64:d6:19:89:7f:4e:f3:df:91:90:e4:
         28:7f:54:7c:ff:4f:b4:1a:1d:7e:dd:5f:f7:07:ef:7a:b4:9d:
         a6:fc:27:47:a1:1f:d8:ba:0d:c4:b4:05:fe:e6:eb:29:f5:1c:
         ae:0e:d2:e0:dc:c6:bb:18:59:c1:36:2b:28:32:9e:9a:45:1e:
         89:e2:26:65:cd:ab:42:80:c9:72:8a:02:8b:45:4a:7b:d6:0e:
         a1:4e:1b:4a:8d:3b:00:a9:87:a5:a5:9d:d9:ec:f6:0f:fc:11:
         39:0b:22:73:23:e3:6e:a5:fd:6b:7a:6a:a6:62:94:6a:3b:43:
         f7:37:d6:51:f9:bd:7c:50:0c:38:73:a1:d6:21:07:36:88:b3:
         57:03:f6:4f:44:2e:2a:9a:45:bf:05:14:bb:82:fc:38:99:4b:
         e8:12:d1:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wNi4fokBa3xnzg3ixLp1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjYwMzI5MDQwMTE4WhcNMjYwMzMwMDQwMTE4WjAzMTEwLwYDVQQD
EygyMmM2OWMwZjRkYzQ4MTI0MWVmMWY5NWFjZTdmZWE5MDVjZjE5ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAhwmKss8KH67Gq8cwanIilcTR+F
ld/752NXEm0wZZJw0sLSAMZkqaR8whXDGYM3IsuPUwX4OT5XUOYCj/J9MN7Km3sW
t0u6tOZPRylGxNgKOdfPe/UhfyqoaEafFm/UwALXe8XKV4qnAVyBIBvZVsRxaMI+
ZPOETH0/jxE/K8jI+5HsbTBI6mPOaA2XMU+ZKEXV3baQLyMUwz95eoHmBuQ4fgeG
PYLI63J5txfzrYbz/A/HIRyHkNxfdmtrBnu1BjM5qzQq3XK2GttBzJQxCGI4pVEg
GaZngqLK03J1BSpc5d8vmJlZd4ExblB4oCVxZ9pEDubyAkflkMLoKu981wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLGnA9NxIEkHvH5Ws5/6pBc8Z8hMB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf28hhA5f
34qBeK1eTMOGAb8BQzpp33Ls3mKCXbHBaZ/0b7wKivaegW+GvEEFpyHC50EycRPz
6wCuyEY0YbLL8QS0K1NViBbhMAbwxRz5IHpBJuBHm3Ee4aYoGWwumvUtrGTWGYl/
TvPfkZDkKH9UfP9PtBodft1f9wfverSdpvwnR6Ef2LoNxLQF/ubrKfUcrg7S4NzG
uxhZwTYrKDKemkUeieImZc2rQoDJcooCi0VKe9YOoU4bSo07AKmHpaWd2ez2D/wR
OQsicyPjbqX9a3pqpmKUajtD9zfWUfm9fFAMOHOh1iEHNoizVwP2T0QuKppFvwUU
u4L8OJlL6BLRpQ==
-----END CERTIFICATE-----