Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
File:                     iFeQ87X0pUUjTzIwv4lmOFbge8c.mft (raw, json)
Hash identifier:          BA0nKKOJlUhSMKUd+qwHuchvjIz2ud8LhuzzvLRT4bw=
Subject key identifier:   81:84:62:49:90:5F:02:B4:36:72:24:4F:94:77:BA:30:46:C6:B8:8F
Authority key identifier: 88:57:90:F3:B5:F4:A5:45:23:4F:32:30:BF:89:66:38:56:E0:7B:C7
Certificate issuer:       /CN=885790f3b5f4a545234f3230bf89663856e07bc7
Certificate serial:       019D38658791F909E1E27C78C5FDD1C1090C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:11 +0000
Files and hashes:         1: iFeQ87X0pUUjTzIwv4lmOFbge8c.crl (hash: OObp1JPZYWsxTd2dCroKZ691DZSTkKFgAsZxNn9e/AE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:87:91:f9:09:e1:e2:7c:78:c5:fd:d1:c1:09:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885790f3b5f4a545234f3230bf89663856e07bc7
        Validity
            Not Before: Mar 29 07:01:11 2026 GMT
            Not After : Mar 30 07:01:11 2026 GMT
        Subject: CN=81846249905f02b43672244f9477ba3046c6b88f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:01:87:5d:e3:bc:93:aa:73:e2:f7:ec:22:1f:
                    b2:4e:30:ed:0f:6d:d0:8d:a8:61:32:46:b4:c0:b0:
                    2a:ae:84:d8:7a:a8:bc:b0:ae:c5:32:c0:f2:86:e8:
                    eb:e7:f7:1e:71:1e:d6:9e:31:5f:cd:43:09:a9:28:
                    9f:c1:48:72:96:32:7d:1c:27:77:49:57:99:12:2d:
                    d7:95:fb:0b:52:5c:bd:03:6b:14:fa:e0:ec:26:36:
                    4a:4e:80:4d:c3:58:e9:ba:9f:cf:b0:a1:be:0e:9e:
                    ed:a5:8d:a2:50:b9:1f:43:cf:3a:12:6a:28:17:27:
                    69:8a:51:4d:7b:63:8a:29:2a:3a:e2:fe:c1:ef:73:
                    b6:0f:aa:03:d9:4c:b5:6d:77:70:2a:dd:cb:68:70:
                    14:19:5f:18:0c:1a:1a:a9:8b:47:2a:2f:14:7b:b0:
                    1f:cc:d5:e2:87:59:4d:7e:8f:09:b6:b5:cb:cd:d9:
                    52:5f:05:9b:d9:4b:d8:31:b9:b7:07:03:ae:1b:d4:
                    60:7e:46:49:ec:b7:9b:1f:77:f1:a2:d2:a8:f6:a9:
                    3f:df:17:8d:78:3e:cb:03:3d:13:5f:ba:99:30:e0:
                    8e:1e:22:7e:95:1d:5d:17:68:50:85:1f:47:47:48:
                    6a:a7:86:ec:89:33:4c:ad:7f:8b:91:20:92:81:01:
                    33:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:84:62:49:90:5F:02:B4:36:72:24:4F:94:77:BA:30:46:C6:B8:8F
            X509v3 Authority Key Identifier:
                keyid:88:57:90:F3:B5:F4:A5:45:23:4F:32:30:BF:89:66:38:56:E0:7B:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFeQ87X0pUUjTzIwv4lmOFbge8c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a40bbb-556a-40c5-b97c-32b2be06222c/1/iFeQ87X0pUUjTzIwv4lmOFbge8c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:f7:8d:61:77:3c:ec:f7:a2:49:a0:af:ef:48:82:dc:95:0c:
         a9:81:f8:e2:f7:33:5e:4d:d3:f0:2b:55:0f:85:9d:30:79:25:
         a6:63:14:8d:fa:8f:b9:90:71:15:50:38:6d:e3:13:04:aa:65:
         af:4e:e9:10:1d:53:27:d9:3e:43:28:74:8e:81:6a:38:da:9a:
         69:eb:fa:08:bf:f9:44:d0:3d:df:00:ea:17:66:aa:8c:43:8e:
         81:06:b4:a3:64:72:4c:34:31:12:2a:46:90:7a:24:e0:dd:e5:
         1b:4d:48:b8:72:18:93:80:e8:d5:c5:e9:25:85:62:1b:ac:80:
         1c:b8:8c:99:cb:91:e3:60:ee:7f:dc:1b:45:9e:82:a2:3b:61:
         8e:f6:1b:12:8e:eb:a6:53:c9:80:47:3d:3f:c6:17:33:6f:46:
         4e:01:f2:56:0e:f0:05:d9:c1:70:b0:75:f7:e1:b6:0f:28:65:
         32:8b:de:68:cc:42:e8:5d:e5:9e:d6:04:ca:93:62:4f:5f:72:
         4f:9e:21:b2:b1:53:63:82:d5:72:57:a2:c0:95:fe:d8:1c:cc:
         e6:b5:d1:34:9d:27:5b:82:6f:42:82:1e:e1:94:0d:c2:2f:11:
         dd:16:16:8f:c3:1a:4f:0b:78:b9:bd:63:c0:79:e4:da:3c:c2:
         65:48:c5:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYeR+Qnh4nx4xf3RwQkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NTc5MGYzYjVmNGE1NDUyMzRmMzIzMGJmODk2NjM4NTZl
MDdiYzcwHhcNMjYwMzI5MDcwMTExWhcNMjYwMzMwMDcwMTExWjAzMTEwLwYDVQQD
Eyg4MTg0NjI0OTkwNWYwMmI0MzY3MjI0NGY5NDc3YmEzMDQ2YzZiODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAGHXeO8k6pz4vfsIh+yTjDtD23Q
jahhMka0wLAqroTYeqi8sK7FMsDyhujr5/cecR7WnjFfzUMJqSifwUhyljJ9HCd3
SVeZEi3XlfsLUly9A2sU+uDsJjZKToBNw1jpup/PsKG+Dp7tpY2iULkfQ886Emoo
FydpilFNe2OKKSo64v7B73O2D6oD2Uy1bXdwKt3LaHAUGV8YDBoaqYtHKi8Ue7Af
zNXih1lNfo8JtrXLzdlSXwWb2UvYMbm3BwOuG9RgfkZJ7LebH3fxotKo9qk/3xeN
eD7LAz0TX7qZMOCOHiJ+lR1dF2hQhR9HR0hqp4bsiTNMrX+LkSCSgQEzDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGEYkmQXwK0NnIkT5R3ujBGxriPMB8GA1UdIwQY
MBaAFIhXkPO19KVFI08yML+JZjhW4HvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNDBiYmItNTU2YS00MGM1LWI5N2Mt
MzJiMmJlMDYyMjJjLzEvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNDBiYmItNTU2YS00MGM1LWI5N2MtMzJiMmJlMDYyMjJj
LzEvaUZlUTg3WDBwVVVqVHpJd3Y0bG1PRmJnZThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD/eNYXc8
7PeiSaCv70iC3JUMqYH44vczXk3T8CtVD4WdMHklpmMUjfqPuZBxFVA4beMTBKpl
r07pEB1TJ9k+Qyh0joFqONqaaev6CL/5RNA93wDqF2aqjEOOgQa0o2RyTDQxEipG
kHok4N3lG01IuHIYk4Do1cXpJYViG6yAHLiMmcuR42Duf9wbRZ6CojthjvYbEo7r
plPJgEc9P8YXM29GTgHyVg7wBdnBcLB19+G2DyhlMoveaMxC6F3lntYEypNiT19y
T54hsrFTY4LVcleiwJX+2BzM5rXRNJ0nW4JvQoIe4ZQNwi8R3RYWj8MaTwt4ub1j
wHnk2jzCZUjFbQ==
-----END CERTIFICATE-----