Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          s6qFzfqBomkpiSgXA6fy4EJQSlJF0f8r1M6SvQmQ5D4=
Subject key identifier:   27:55:B7:DA:4C:41:C7:61:FA:EC:01:49:B1:AA:53:04:16:8D:FF:9B
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       019D38D366CCF6B140AC1447AEAEA8D4F850
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          181F
Signing time:             Sun 29 Mar 2026 09:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:11 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: LR76kiR25a07oITx+xK9Q6Pmg0stcWIxjkQCxmwzglA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:66:cc:f6:b1:40:ac:14:47:ae:ae:a8:d4:f8:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Mar 29 09:01:11 2026 GMT
            Not After : Mar 30 09:01:11 2026 GMT
        Subject: CN=2755b7da4c41c761faec0149b1aa5304168dff9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:f1:d3:03:c2:30:63:2d:27:a0:d0:45:10:2d:
                    43:ad:a3:a6:1b:65:35:49:d4:71:82:18:08:30:94:
                    1f:a9:a8:7a:8c:16:2f:e9:f3:2e:16:0b:60:ed:12:
                    c6:df:af:52:b4:fa:4b:e3:88:bd:d9:e2:ee:d1:7f:
                    a1:0c:6a:92:3b:66:d0:0c:7f:d2:0f:13:b6:55:7a:
                    0a:dc:60:fd:ca:a8:fa:f9:42:96:83:08:7a:78:a8:
                    3d:45:31:2e:8b:6e:d1:b4:b9:cf:b6:eb:8d:50:7e:
                    39:f5:15:71:18:82:e1:ea:c8:d7:ec:46:8b:56:ee:
                    6b:93:01:26:4b:8e:22:75:6b:97:42:d3:75:77:4a:
                    dd:82:e4:0b:e0:3a:63:b8:42:a9:9c:ef:a5:6b:b1:
                    a3:86:2b:88:b8:f4:53:4f:59:ba:45:55:3a:96:6f:
                    78:e4:93:3c:7f:77:e5:84:95:8e:08:9d:36:af:c4:
                    2e:4a:f9:16:dc:de:dc:d0:69:60:ce:3a:6b:a2:f0:
                    4a:06:d3:13:9b:3e:db:5b:ca:6c:c1:f3:6b:bd:9c:
                    1a:1b:bf:0e:92:7f:1b:e0:34:1f:0a:2b:73:31:f9:
                    10:e9:c2:8c:49:8f:2b:95:e2:c3:5a:97:5b:f7:81:
                    49:89:47:44:62:35:7a:ca:13:c4:77:25:de:e8:ff:
                    cc:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:55:B7:DA:4C:41:C7:61:FA:EC:01:49:B1:AA:53:04:16:8D:FF:9B
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:56:ca:75:d4:76:75:1e:b6:0b:5c:da:f1:d4:71:85:aa:eb:
         eb:b5:2c:83:0f:76:f2:14:56:93:61:ef:af:5d:b0:fa:a7:bf:
         0d:23:b4:b5:fd:f5:a3:2c:cb:32:cd:d5:e9:86:8d:e4:1f:76:
         d9:15:0d:80:0a:5e:5e:ec:a3:4c:87:fc:59:04:7d:0a:df:bc:
         27:54:95:01:bd:a6:c3:a5:de:2d:73:d4:f6:22:60:97:a0:34:
         65:6d:93:9a:82:d6:04:0b:3a:d3:e7:c5:b1:16:82:82:8b:93:
         ef:02:66:10:d3:4c:1a:04:ae:7e:08:2b:d4:11:84:a4:fc:83:
         15:66:23:1b:59:16:04:4a:3f:bc:43:9e:39:17:fa:59:e1:dc:
         6a:3e:27:27:3a:af:3c:61:f5:65:25:46:30:6d:e8:47:93:29:
         e4:2a:c4:90:61:57:3f:99:49:70:d8:fe:69:19:6b:4d:b7:32:
         91:bc:17:2d:e5:27:b6:7c:ba:f1:72:68:71:64:56:03:36:e1:
         de:5d:df:4d:c8:fa:73:86:53:82:9e:f5:16:9e:1b:3e:bd:17:
         62:dc:c9:09:ca:69:74:a7:61:d0:8c:88:dc:0b:7b:b1:0b:de:
         33:de:98:a1:71:85:15:a8:44:e8:71:4b:aa:5a:d4:d3:49:cf:
         72:71:7e:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0402bM9rFArBRHrq6o1PhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjYwMzI5MDkwMTExWhcNMjYwMzMwMDkwMTExWjAzMTEwLwYDVQQD
EygyNzU1YjdkYTRjNDFjNzYxZmFlYzAxNDliMWFhNTMwNDE2OGRmZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/HTA8IwYy0noNBFEC1DraOmG2U1
SdRxghgIMJQfqah6jBYv6fMuFgtg7RLG369StPpL44i92eLu0X+hDGqSO2bQDH/S
DxO2VXoK3GD9yqj6+UKWgwh6eKg9RTEui27RtLnPtuuNUH459RVxGILh6sjX7EaL
Vu5rkwEmS44idWuXQtN1d0rdguQL4DpjuEKpnO+la7GjhiuIuPRTT1m6RVU6lm94
5JM8f3flhJWOCJ02r8QuSvkW3N7c0GlgzjprovBKBtMTmz7bW8pswfNrvZwaG78O
kn8b4DQfCitzMfkQ6cKMSY8rleLDWpdb94FJiUdEYjV6yhPEdyXe6P/MaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdVt9pMQcdh+uwBSbGqUwQWjf+bMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ1bKddR2
dR62C1za8dRxharr67Usgw928hRWk2Hvr12w+qe/DSO0tf31oyzLMs3V6YaN5B92
2RUNgApeXuyjTIf8WQR9Ct+8J1SVAb2mw6XeLXPU9iJgl6A0ZW2TmoLWBAs60+fF
sRaCgouT7wJmENNMGgSufggr1BGEpPyDFWYjG1kWBEo/vEOeORf6WeHcaj4nJzqv
PGH1ZSVGMG3oR5Mp5CrEkGFXP5lJcNj+aRlrTbcykbwXLeUntny68XJocWRWAzbh
3l3fTcj6c4ZTgp71Fp4bPr0XYtzJCcppdKdh0IyI3At7sQveM96YoXGFFahE6HFL
qlrU00nPcnF+iA==
-----END CERTIFICATE-----