Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          pNN5TnxpLkzikyJOjCBeqorNI9qqwqXAL6hpXGItqH0=
Subject key identifier:   C2:A5:50:AA:B3:52:A0:1B:6D:14:AE:7E:6E:19:30:41:1D:A7:D6:42
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       019D38D3D617C7FDF449B4E491E1541B671C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 09:01:40 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:40 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:40 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: 0EWOkUSn+NMyYTBQhgTBnsEkcyxFOfFLtf/zzxHOAww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:d6:17:c7:fd:f4:49:b4:e4:91:e1:54:1b:67:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Mar 29 09:01:40 2026 GMT
            Not After : Mar 30 09:01:40 2026 GMT
        Subject: CN=c2a550aab352a01b6d14ae7e6e1930411da7d642
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6a:dc:d8:b7:9d:d2:39:61:6e:65:a4:02:61:
                    50:af:78:aa:4a:f5:86:04:62:98:79:49:75:4c:5b:
                    0d:35:b9:fd:dd:26:99:33:fa:03:f5:c9:80:06:1c:
                    6a:a0:e6:bc:2d:60:2c:c5:43:2e:eb:1e:eb:22:3d:
                    80:86:a4:9e:3c:1a:ed:ed:0a:13:1e:d5:cc:8d:2c:
                    94:7a:2a:37:ea:0e:e3:19:3b:c9:ec:d0:4a:8e:52:
                    45:43:f7:59:a3:91:e6:26:a1:aa:ec:fb:fd:c6:81:
                    3b:25:2d:77:e9:d6:2c:bb:5d:23:5f:c7:65:26:e5:
                    27:2d:c9:63:15:28:0f:64:c1:1c:19:bd:8b:3c:a4:
                    e6:a5:8a:39:3a:76:c8:ff:97:36:57:2a:e3:b2:5d:
                    b1:2d:9f:bf:11:88:eb:4a:29:b7:ae:00:3e:a4:99:
                    1d:98:f9:2a:86:f5:c2:a6:4f:88:7b:8d:28:16:41:
                    d6:5c:d1:c0:fd:04:29:9f:db:0e:b8:32:f5:62:25:
                    c9:37:15:96:30:7d:43:ab:62:a9:72:86:a0:50:9f:
                    46:df:88:0f:ef:b1:f9:84:d8:7a:30:d9:6d:ca:82:
                    b6:66:58:eb:6a:73:82:24:fa:03:27:9f:7b:ae:d3:
                    5a:f8:70:ee:be:81:d8:8a:d6:36:6b:9b:32:cf:35:
                    e7:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:A5:50:AA:B3:52:A0:1B:6D:14:AE:7E:6E:19:30:41:1D:A7:D6:42
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:7e:0d:81:ad:b6:d8:5d:9d:ad:99:af:68:8d:03:cc:33:45:
         13:0e:ae:59:df:41:39:f1:fc:e2:f6:f8:99:f5:d5:5d:8b:28:
         e5:81:97:a4:3c:24:4c:de:16:ef:30:c8:82:3f:e7:d9:28:d0:
         3f:3c:78:a3:a3:50:4b:8e:4f:e3:ba:2f:22:1e:c7:fd:5e:65:
         80:e1:78:7d:3f:c8:f6:45:56:ad:5b:36:58:a7:fb:26:55:46:
         f0:40:47:18:12:60:01:1f:67:d1:52:31:3a:92:42:82:fd:8c:
         ab:ac:d7:ae:fa:67:a7:ed:f3:03:d7:0f:2a:f1:ce:cd:b5:97:
         8e:b3:d9:2f:32:7e:f7:54:94:6b:e2:44:53:63:75:86:18:7a:
         fb:75:2f:d9:f9:14:3c:db:bb:55:c1:5f:a9:04:d2:e0:31:ca:
         2a:97:70:a1:f7:cd:52:06:3f:24:54:e8:50:9a:f2:12:f2:3c:
         ca:80:91:d7:ec:a5:af:72:6e:6b:d5:4b:e7:be:97:1d:8f:12:
         1c:b1:ab:9e:48:25:be:7a:8a:70:5a:b1:2c:2a:2b:f5:99:23:
         96:82:c9:27:57:74:7e:91:f3:7f:8a:b9:e1:7e:5f:13:d0:7b:
         00:e1:e2:93:40:6d:b0:81:60:d6:f0:f4:7d:07:95:7e:dd:8e:
         8d:50:c0:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0409YXx/30SbTkkeFUG2ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjYwMzI5MDkwMTQwWhcNMjYwMzMwMDkwMTQwWjAzMTEwLwYDVQQD
EyhjMmE1NTBhYWIzNTJhMDFiNmQxNGFlN2U2ZTE5MzA0MTFkYTdkNjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2rc2Led0jlhbmWkAmFQr3iqSvWG
BGKYeUl1TFsNNbn93SaZM/oD9cmABhxqoOa8LWAsxUMu6x7rIj2AhqSePBrt7QoT
HtXMjSyUeio36g7jGTvJ7NBKjlJFQ/dZo5HmJqGq7Pv9xoE7JS136dYsu10jX8dl
JuUnLcljFSgPZMEcGb2LPKTmpYo5OnbI/5c2Vyrjsl2xLZ+/EYjrSim3rgA+pJkd
mPkqhvXCpk+Ie40oFkHWXNHA/QQpn9sOuDL1YiXJNxWWMH1Dq2KpcoagUJ9G34gP
77H5hNh6MNltyoK2ZljranOCJPoDJ597rtNa+HDuvoHYitY2a5syzzXnPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKlUKqzUqAbbRSufm4ZMEEdp9ZCMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHH4Nga22
2F2drZmvaI0DzDNFEw6uWd9BOfH84vb4mfXVXYso5YGXpDwkTN4W7zDIgj/n2SjQ
Pzx4o6NQS45P47ovIh7H/V5lgOF4fT/I9kVWrVs2WKf7JlVG8EBHGBJgAR9n0VIx
OpJCgv2Mq6zXrvpnp+3zA9cPKvHOzbWXjrPZLzJ+91SUa+JEU2N1hhh6+3Uv2fkU
PNu7VcFfqQTS4DHKKpdwoffNUgY/JFToUJryEvI8yoCR1+ylr3Jua9VL576XHY8S
HLGrnkglvnqKcFqxLCor9ZkjloLJJ1d0fpHzf4q54X5fE9B7AOHik0BtsIFg1vD0
fQeVft2OjVDAfA==
-----END CERTIFICATE-----