Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
File:                     1OXVJHHqh0idSKBiCEem1VbxY9s.mft (raw, json)
Hash identifier:          hekdFXSTRGtCrP8xupECimUjq6GZWolANUVodTSPf90=
Subject key identifier:   D0:9B:6F:81:9A:0C:3D:22:4E:A1:79:B7:9F:49:CF:D9:1F:F2:58:E2
Authority key identifier: D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB
Certificate issuer:       /CN=d4e5d52471ea87489d48a0620847a6d556f163db
Certificate serial:       019D37C110632060F1C865CA60C9B3314CD0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
Manifest number:          181D
Signing time:             Sun 29 Mar 2026 04:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:32 +0000
Files and hashes:         1: 1OXVJHHqh0idSKBiCEem1VbxY9s.crl (hash: J41uUMd6mR89DJWISEoZSHZCHWbbKUB8RIop8mlJC14=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:10:63:20:60:f1:c8:65:ca:60:c9:b3:31:4c:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e5d52471ea87489d48a0620847a6d556f163db
        Validity
            Not Before: Mar 29 04:01:32 2026 GMT
            Not After : Mar 30 04:01:32 2026 GMT
        Subject: CN=d09b6f819a0c3d224ea179b79f49cfd91ff258e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:d1:b1:e6:2c:88:42:fd:dd:95:c4:5f:90:4c:
                    51:f0:9f:22:b5:dc:d0:c7:2a:a7:36:0b:c2:f2:1d:
                    e8:9b:83:e1:4a:63:e0:a7:1d:e4:4a:7f:3d:49:9b:
                    6b:1d:bb:ae:44:d7:66:48:cf:65:2f:88:7c:5f:98:
                    f8:f5:db:23:19:5f:c2:a1:6f:1a:25:58:9d:6f:54:
                    10:24:da:07:f0:3e:03:b5:f9:19:50:3d:98:e7:68:
                    66:26:6e:97:3c:98:5c:6a:17:3e:b2:a1:ae:65:5d:
                    06:a9:f0:a0:32:6b:7c:8e:bf:39:9f:94:21:1a:f7:
                    aa:15:c4:a6:28:74:6b:4e:df:a0:32:4a:16:4b:ed:
                    c6:3f:87:53:28:bc:dc:31:63:da:04:28:39:dc:32:
                    ef:1f:f1:a6:13:f6:cb:9a:3b:b9:00:98:00:db:af:
                    41:71:4d:38:e9:2c:97:37:e6:81:22:e2:c0:32:08:
                    42:70:8b:de:5a:3b:de:54:78:a1:5e:26:28:e2:af:
                    f3:35:b0:d8:6c:19:e6:22:af:a5:16:32:98:f5:9c:
                    66:7f:e5:f4:dd:0c:43:71:e2:59:53:80:01:5b:0b:
                    5c:6d:a7:2e:ba:8a:e6:28:e4:bd:c7:3a:17:1e:6a:
                    1f:9b:bf:a5:88:2c:1e:34:d4:7a:41:a6:ad:49:ba:
                    e4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:9B:6F:81:9A:0C:3D:22:4E:A1:79:B7:9F:49:CF:D9:1F:F2:58:E2
            X509v3 Authority Key Identifier:
                keyid:D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:b1:00:0d:24:78:d3:1b:7d:bb:a6:de:cb:f1:88:24:67:49:
         9c:bf:dc:68:31:d1:f9:ca:f5:9b:10:30:e0:27:13:27:86:f3:
         9c:f2:0b:57:b2:d4:08:9c:e9:86:fa:bb:ac:5f:fc:a9:88:90:
         2d:4f:a9:ba:41:50:36:fe:05:9d:44:24:8f:9a:cb:b6:b2:29:
         4f:3a:06:4f:c9:53:8d:70:d0:8a:4a:0e:6f:0c:71:59:d0:fb:
         67:88:9f:60:f9:de:a4:27:18:b0:d2:f0:fd:80:96:d0:49:da:
         41:fe:80:1e:60:c2:28:6a:9b:80:96:f0:ce:aa:a6:ea:89:c6:
         0a:3b:28:22:27:1a:8f:77:8a:5a:31:70:88:1c:b9:ec:18:6e:
         e8:e2:cd:e7:65:df:fc:99:4e:a9:e0:0e:f6:b5:8f:ca:4d:cc:
         67:01:4a:f2:f0:fd:72:23:d8:7f:47:5a:42:0f:0d:c7:a1:b6:
         0c:eb:b6:7c:e3:c8:db:66:40:5c:ba:2d:06:01:9f:48:cd:1c:
         9b:7b:10:af:6c:65:13:e3:1e:05:cd:b3:3a:9e:29:ec:39:40:
         d9:ad:f9:65:81:dd:c2:b2:31:12:87:a4:d2:ca:bd:8a:08:85:
         66:ee:56:7f:57:2f:e7:32:92:22:6c:cb:e0:a9:92:e9:05:db:
         21:2b:20:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wRBjIGDxyGXKYMmzMUzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTVkNTI0NzFlYTg3NDg5ZDQ4YTA2MjA4NDdhNmQ1NTZm
MTYzZGIwHhcNMjYwMzI5MDQwMTMyWhcNMjYwMzMwMDQwMTMyWjAzMTEwLwYDVQQD
EyhkMDliNmY4MTlhMGMzZDIyNGVhMTc5Yjc5ZjQ5Y2ZkOTFmZjI1OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntGx5iyIQv3dlcRfkExR8J8itdzQ
xyqnNgvC8h3om4PhSmPgpx3kSn89SZtrHbuuRNdmSM9lL4h8X5j49dsjGV/CoW8a
JVidb1QQJNoH8D4DtfkZUD2Y52hmJm6XPJhcahc+sqGuZV0GqfCgMmt8jr85n5Qh
GveqFcSmKHRrTt+gMkoWS+3GP4dTKLzcMWPaBCg53DLvH/GmE/bLmju5AJgA269B
cU046SyXN+aBIuLAMghCcIveWjveVHihXiYo4q/zNbDYbBnmIq+lFjKY9Zxmf+X0
3QxDceJZU4ABWwtcbacuuormKOS9xzoXHmofm7+liCweNNR6QaatSbrkGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCbb4GaDD0iTqF5t59Jz9kf8ljiMB8GA1UdIwQY
MBaAFNTl1SRx6odInUigYghHptVW8WPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMt
MDE4MmNiMDJjODAwLzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMtMDE4MmNiMDJjODAw
LzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALEADSR4
0xt9u6bey/GIJGdJnL/caDHR+cr1mxAw4CcTJ4bznPILV7LUCJzphvq7rF/8qYiQ
LU+pukFQNv4FnUQkj5rLtrIpTzoGT8lTjXDQikoObwxxWdD7Z4ifYPnepCcYsNLw
/YCW0EnaQf6AHmDCKGqbgJbwzqqm6onGCjsoIicaj3eKWjFwiBy57Bhu6OLN52Xf
/JlOqeAO9rWPyk3MZwFK8vD9ciPYf0daQg8Nx6G2DOu2fOPI22ZAXLotBgGfSM0c
m3sQr2xlE+MeBc2zOp4p7DlA2a35ZYHdwrIxEoek0sq9igiFZu5Wf1cv5zKSImzL
4KmS6QXbISsgIg==
-----END CERTIFICATE-----