Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
File:                     XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft (raw, json)
Hash identifier:          yScZ/U18HHs0c135d9kcdThthxZTbkwGDb1u6ghoAwY=
Subject key identifier:   45:78:1F:E7:4B:11:52:66:44:51:52:6F:4C:86:A4:F9:6A:17:8D:50
Authority key identifier: 5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2
Certificate issuer:       /CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
Certificate serial:       019D37C05CAB32269E71FA6E9E1B3C0C7C9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 04:00:46 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:46 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:46 +0000
Files and hashes:         1: XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl (hash: 73dnbmdG+EE+jkPShycHhDbYkhcVS18Z8eee5Rs8EvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:5c:ab:32:26:9e:71:fa:6e:9e:1b:3c:0c:7c:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea85f1dd4d0346480f009874a8f5670e31085c2
        Validity
            Not Before: Mar 29 04:00:46 2026 GMT
            Not After : Mar 30 04:00:46 2026 GMT
        Subject: CN=45781fe74b1152664451526f4c86a4f96a178d50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:17:30:c2:ed:3f:d2:1d:07:71:d4:90:ca:aa:
                    52:f2:8e:59:0f:7a:0f:6d:b1:f3:32:b6:86:fd:76:
                    56:c0:e2:0d:35:73:b3:96:94:e5:1e:33:03:3b:be:
                    71:ed:39:fe:51:57:91:6f:5f:07:92:2d:45:3f:76:
                    01:ab:6a:8e:11:4b:a5:59:fd:16:f8:76:38:af:75:
                    b9:25:10:c3:7b:37:fd:76:fa:a6:7d:a8:87:c9:e7:
                    ad:5d:7e:0a:44:34:7d:89:dd:12:5b:7c:97:da:a3:
                    4f:ef:db:99:7e:6b:8a:c8:f5:91:d8:2c:86:7b:5d:
                    dc:95:78:cd:dc:cb:ca:cc:0e:72:28:c4:8b:70:b6:
                    0a:ed:79:1e:03:f2:e5:ad:7b:a3:3a:69:e7:0a:36:
                    56:25:8b:78:e4:94:ae:f1:f0:23:1b:01:f2:dc:1b:
                    fd:ca:ab:e8:f1:6f:3d:03:4a:c1:1f:41:26:06:b8:
                    44:85:7a:4c:41:cd:0d:31:8e:b0:57:41:7c:ea:99:
                    1a:5c:f9:e8:8b:98:b8:cd:4b:f5:a8:ef:ae:b6:b8:
                    50:fc:17:77:37:03:60:fb:77:64:22:9b:47:69:f0:
                    20:56:29:3e:97:ff:a4:dc:d3:2d:c0:04:56:56:80:
                    07:9a:e3:1f:6f:db:2d:db:31:d5:e6:6c:60:49:1e:
                    fc:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:78:1F:E7:4B:11:52:66:44:51:52:6F:4C:86:A4:F9:6A:17:8D:50
            X509v3 Authority Key Identifier:
                keyid:5E:A8:5F:1D:D4:D0:34:64:80:F0:09:87:4A:8F:56:70:E3:10:85:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XqhfHdTQNGSA8AmHSo9WcOMQhcI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ef7808-122b-4b89-9358-590c5f1b01b3/1/XqhfHdTQNGSA8AmHSo9WcOMQhcI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:ae:6f:52:a7:cb:29:cc:11:88:96:8e:14:8b:4e:9f:39:da:
         df:20:7f:ff:17:43:8a:e5:97:52:63:71:2e:59:5d:e3:c6:f6:
         52:76:d1:b2:ce:e3:50:c5:af:5e:72:c7:5c:f4:b0:9b:bc:88:
         28:ab:9e:4a:c9:e0:44:ca:f2:fd:02:d4:86:0e:ac:08:c9:a1:
         e1:ac:b3:ef:ca:ab:cc:01:85:47:c0:a4:4b:c0:c9:1f:47:b3:
         ce:47:53:37:46:8c:92:bc:d0:a5:2f:22:43:79:ca:61:47:58:
         a8:c1:29:93:92:9c:f2:34:30:6c:cb:b9:76:a6:4b:0d:c3:16:
         ba:85:c8:f3:ff:57:30:ad:aa:0a:1a:b2:94:fb:5e:65:60:c5:
         8e:47:23:4d:6e:10:b7:96:54:04:bd:27:5e:31:31:18:95:68:
         29:2c:78:ef:29:5b:23:35:07:6c:3a:cd:af:6f:63:b4:e1:99:
         60:52:fc:13:2c:af:dd:13:9a:e9:a8:78:c1:f2:8c:3d:ef:eb:
         0e:79:72:9e:53:c5:c7:8c:43:62:dc:b3:1b:04:8f:bc:bd:1d:
         49:9e:9d:63:a4:3c:c1:9e:6f:16:fb:76:3b:37:47:53:58:da:
         82:11:85:e9:c2:96:50:4b:c5:b6:02:45:71:fb:7a:22:1e:95:
         5e:e4:4f:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wFyrMiaecfpunhs8DHybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg1ZjFkZDRkMDM0NjQ4MGYwMDk4NzRhOGY1NjcwZTMx
MDg1YzIwHhcNMjYwMzI5MDQwMDQ2WhcNMjYwMzMwMDQwMDQ2WjAzMTEwLwYDVQQD
Eyg0NTc4MWZlNzRiMTE1MjY2NDQ1MTUyNmY0Yzg2YTRmOTZhMTc4ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBcwwu0/0h0HcdSQyqpS8o5ZD3oP
bbHzMraG/XZWwOINNXOzlpTlHjMDO75x7Tn+UVeRb18Hki1FP3YBq2qOEUulWf0W
+HY4r3W5JRDDezf9dvqmfaiHyeetXX4KRDR9id0SW3yX2qNP79uZfmuKyPWR2CyG
e13clXjN3MvKzA5yKMSLcLYK7XkeA/LlrXujOmnnCjZWJYt45JSu8fAjGwHy3Bv9
yqvo8W89A0rBH0EmBrhEhXpMQc0NMY6wV0F86pkaXPnoi5i4zUv1qO+utrhQ/Bd3
NwNg+3dkIptHafAgVik+l/+k3NMtwARWVoAHmuMfb9st2zHV5mxgSR78uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEV4H+dLEVJmRFFSb0yGpPlqF41QMB8GA1UdIwQY
MBaAFF6oXx3U0DRkgPAJh0qPVnDjEIXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgt
NTkwYzVmMWIwMWIzLzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9lZjc4MDgtMTIyYi00Yjg5LTkzNTgtNTkwYzVmMWIwMWIz
LzEvWHFoZkhkVFFOR1NBOEFtSFNvOVdjT01RaGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYa5vUqfL
KcwRiJaOFItOnzna3yB//xdDiuWXUmNxLlld48b2UnbRss7jUMWvXnLHXPSwm7yI
KKueSsngRMry/QLUhg6sCMmh4ayz78qrzAGFR8CkS8DJH0ezzkdTN0aMkrzQpS8i
Q3nKYUdYqMEpk5Kc8jQwbMu5dqZLDcMWuoXI8/9XMK2qChqylPteZWDFjkcjTW4Q
t5ZUBL0nXjExGJVoKSx47ylbIzUHbDrNr29jtOGZYFL8Eyyv3ROa6ah4wfKMPe/r
DnlynlPFx4xDYtyzGwSPvL0dSZ6dY6Q8wZ5vFvt2OzdHU1jaghGF6cKWUEvFtgJF
cft6Ih6VXuRPTg==
-----END CERTIFICATE-----