Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
File:                     a-5EwhI0JTYYsNeza5Djy1xA3tE.mft (raw, json)
Hash identifier:          509qZlsk+zO8lQ+o5p86MIDFyPpzCekuCjYQbMl9jUA=
Subject key identifier:   30:69:82:A3:88:4A:AD:05:26:28:64:7A:9E:1C:AB:AE:C9:14:46:E9
Authority key identifier: 6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1
Certificate issuer:       /CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1
Certificate serial:       019D389BA6B73FEC0F7388E36ABB6A0282A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 08:00:17 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:17 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:17 +0000
Files and hashes:         1: a-5EwhI0JTYYsNeza5Djy1xA3tE.crl (hash: fXMzJEapno0FcXtpUYEXAvDUKdZuVovcIesI1wT+2uY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:a6:b7:3f:ec:0f:73:88:e3:6a:bb:6a:02:82:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bee44c21234253618b0d7b36b90e3cb5c40ded1
        Validity
            Not Before: Mar 29 08:00:17 2026 GMT
            Not After : Mar 30 08:00:17 2026 GMT
        Subject: CN=306982a3884aad052628647a9e1cabaec91446e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:62:e5:4b:c5:d4:5c:67:f4:b5:3b:ce:72:a8:
                    f9:0b:86:9a:21:1a:19:a8:1f:9e:7e:34:bc:53:db:
                    38:3f:fb:c9:51:94:43:60:9e:86:f0:ce:cc:f8:2b:
                    b5:b6:4c:73:e8:0a:f0:d9:f1:e1:00:9f:8c:2d:6f:
                    c1:85:5e:66:b7:c2:73:58:c9:19:9d:94:dc:2a:4d:
                    15:0d:08:af:2f:05:95:0a:33:77:6f:6d:e0:c9:5b:
                    97:3c:4e:ac:6f:4c:a9:19:57:a4:b9:e7:ed:71:2f:
                    51:49:fd:16:10:bd:fc:58:0b:c5:2b:0b:19:04:a0:
                    b9:79:bf:ea:08:23:33:1c:68:3c:7b:ea:70:fc:09:
                    3f:f7:c0:a3:8a:4c:49:13:cb:5c:25:d6:9b:b4:ae:
                    6c:e3:46:1b:19:2f:8b:b0:aa:9e:2d:0d:0d:a2:88:
                    e4:c1:d5:6a:2e:b6:a2:5d:79:77:e4:76:47:73:9b:
                    47:39:53:c1:99:90:8f:a1:97:50:d2:51:68:3e:19:
                    8d:97:be:7a:93:13:11:9f:eb:ba:0f:92:68:7c:7d:
                    32:af:81:0f:ca:40:0b:6d:6f:c9:c4:8f:7b:b5:d1:
                    4c:c6:13:f9:2c:23:c3:dc:da:37:aa:27:5b:33:f4:
                    11:b4:27:ad:f4:2b:ae:c6:57:9c:dc:d8:b6:be:4a:
                    6f:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:69:82:A3:88:4A:AD:05:26:28:64:7A:9E:1C:AB:AE:C9:14:46:E9
            X509v3 Authority Key Identifier:
                keyid:6B:EE:44:C2:12:34:25:36:18:B0:D7:B3:6B:90:E3:CB:5C:40:DE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-5EwhI0JTYYsNeza5Djy1xA3tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0a710a-c800-4eae-a35b-769b3fc2664b/1/a-5EwhI0JTYYsNeza5Djy1xA3tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:dd:ec:7e:b9:cf:b3:43:e3:a0:8f:ef:02:60:68:9d:18:d5:
         fd:65:58:d6:a6:07:ca:e0:07:17:3b:90:fe:5a:a6:3a:e3:f5:
         cb:f0:22:be:26:7b:82:6c:1e:bb:9a:dd:39:d4:c3:56:e8:77:
         e6:ac:f6:26:04:d6:9e:c7:23:78:e1:84:88:de:58:e0:56:b6:
         42:98:9d:c7:aa:6c:4f:0c:4c:54:88:7e:e6:99:0a:02:15:0f:
         b4:12:52:62:16:19:36:ad:5a:e4:03:0d:bd:cf:11:26:3d:fb:
         ce:a3:2c:a6:df:3e:c9:e1:55:b3:8b:a6:60:4b:7d:29:48:85:
         6d:91:52:b0:44:9f:d7:aa:15:a5:91:f0:fb:72:99:20:16:5d:
         c6:18:cb:ff:61:51:b7:bf:2f:ad:07:c7:5d:3a:19:d8:89:69:
         60:1b:02:4b:e5:6c:84:fc:6f:a3:1f:c1:33:0b:db:6e:01:f3:
         04:dc:44:6f:f1:72:32:07:0a:ea:33:e8:fd:e3:83:47:74:42:
         f7:f4:a5:ce:b0:90:00:67:4d:7a:9a:7f:0c:3b:69:29:b7:e4:
         46:75:6c:b3:3a:20:e5:1a:4c:60:06:7e:17:33:5c:f5:a1:34:
         21:8b:e6:c5:b2:f7:7e:09:47:49:36:1c:1f:20:3f:91:92:7f:
         8c:2c:a9:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m6a3P+wPc4jjartqAoKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWU0NGMyMTIzNDI1MzYxOGIwZDdiMzZiOTBlM2NiNWM0
MGRlZDEwHhcNMjYwMzI5MDgwMDE3WhcNMjYwMzMwMDgwMDE3WjAzMTEwLwYDVQQD
EygzMDY5ODJhMzg4NGFhZDA1MjYyODY0N2E5ZTFjYWJhZWM5MTQ0NmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWLlS8XUXGf0tTvOcqj5C4aaIRoZ
qB+efjS8U9s4P/vJUZRDYJ6G8M7M+Cu1tkxz6Arw2fHhAJ+MLW/BhV5mt8JzWMkZ
nZTcKk0VDQivLwWVCjN3b23gyVuXPE6sb0ypGVekueftcS9RSf0WEL38WAvFKwsZ
BKC5eb/qCCMzHGg8e+pw/Ak/98CjikxJE8tcJdabtK5s40YbGS+LsKqeLQ0Noojk
wdVqLraiXXl35HZHc5tHOVPBmZCPoZdQ0lFoPhmNl756kxMRn+u6D5JofH0yr4EP
ykALbW/JxI97tdFMxhP5LCPD3No3qidbM/QRtCet9Cuuxlec3Ni2vkpvUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBpgqOISq0FJihkep4cq67JFEbpMB8GA1UdIwQY
MBaAFGvuRMISNCU2GLDXs2uQ48tcQN7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWIt
NzY5YjNmYzI2NjRiLzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8wYTcxMGEtYzgwMC00ZWFlLWEzNWItNzY5YjNmYzI2NjRi
LzEvYS01RXdoSTBKVFlZc05lemE1RGp5MXhBM3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABN3sfrnP
s0PjoI/vAmBonRjV/WVY1qYHyuAHFzuQ/lqmOuP1y/AiviZ7gmweu5rdOdTDVuh3
5qz2JgTWnscjeOGEiN5Y4Fa2Qpidx6psTwxMVIh+5pkKAhUPtBJSYhYZNq1a5AMN
vc8RJj37zqMspt8+yeFVs4umYEt9KUiFbZFSsESf16oVpZHw+3KZIBZdxhjL/2FR
t78vrQfHXToZ2IlpYBsCS+VshPxvox/BMwvbbgHzBNxEb/FyMgcK6jPo/eODR3RC
9/SlzrCQAGdNepp/DDtpKbfkRnVsszog5RpMYAZ+FzNc9aE0IYvmxbL3fglHSTYc
HyA/kZJ/jCypug==
-----END CERTIFICATE-----