Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
File:                     AVkheESIrdmgVmH_EXh-x1TmBeU.mft (raw, json)
Hash identifier:          N5wUqyd3aH32SBIYU9c9HeYqZQ16jrdT+j15Fnm0/Sg=
Subject key identifier:   6E:71:94:7B:37:66:3A:18:5D:AC:7C:70:6F:38:F7:8F:EE:B6:77:94
Authority key identifier: 01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5
Certificate issuer:       /CN=015921784488add9a05661ff11787ec754e605e5
Certificate serial:       019D3865F08E84BF7FC3B793B25692A839F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:37 +0000
Files and hashes:         1: AVkheESIrdmgVmH_EXh-x1TmBeU.crl (hash: 5Tf10YwDVDFxKaNr3bSBHZ2Yznwd0PYvnpUmnPtmBUc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f0:8e:84:bf:7f:c3:b7:93:b2:56:92:a8:39:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015921784488add9a05661ff11787ec754e605e5
        Validity
            Not Before: Mar 29 07:01:37 2026 GMT
            Not After : Mar 30 07:01:37 2026 GMT
        Subject: CN=6e71947b37663a185dac7c706f38f78feeb67794
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:35:ba:2d:fe:9e:5e:a5:fe:0f:bf:c0:4d:55:
                    93:c1:97:83:79:64:4a:fb:d2:6c:33:e3:9d:6e:e4:
                    40:4a:bb:a8:9f:ec:9e:d6:cc:19:5a:10:b8:04:42:
                    c4:02:4e:a9:4f:cb:5b:89:8b:14:ab:e0:57:e0:8a:
                    bc:47:ec:40:85:4e:a7:72:2a:50:c8:4c:52:72:e3:
                    56:5c:0d:69:4f:1e:67:5f:db:05:2e:64:09:79:77:
                    67:c2:b5:ed:ba:89:1d:9a:b1:7a:7a:29:c4:ec:ce:
                    43:b1:5d:ab:0b:23:2e:c6:30:c7:a2:8d:6e:54:eb:
                    ae:f1:25:da:27:d8:69:c2:44:f1:76:d8:c7:2c:5b:
                    0b:dc:04:b4:cf:e6:38:c2:4a:15:2c:68:f0:12:0f:
                    b5:64:a2:5f:ec:54:4f:ea:6a:26:f7:1c:82:dc:40:
                    77:bf:26:c8:33:08:a4:c3:d7:c4:e4:b8:dc:76:b2:
                    c9:08:6f:b9:06:b5:e6:48:53:38:a0:08:f5:4e:bf:
                    0b:16:49:c6:d2:2f:7a:38:fd:f6:b4:00:b4:6b:38:
                    b0:dc:d1:43:00:49:23:49:8e:f6:42:77:51:1e:8c:
                    02:04:38:5f:28:23:c3:bf:57:0f:c2:ae:48:c8:a3:
                    e6:57:a4:11:30:25:a1:55:96:72:44:e3:4c:fc:b5:
                    ed:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:71:94:7B:37:66:3A:18:5D:AC:7C:70:6F:38:F7:8F:EE:B6:77:94
            X509v3 Authority Key Identifier:
                keyid:01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:c8:42:fe:ec:a3:6d:21:e3:ee:97:e3:8b:40:af:b8:81:9d:
         75:ba:43:77:cb:05:33:9a:26:5d:9b:ae:29:a2:95:16:db:9d:
         cd:34:ca:85:ff:99:14:44:35:93:b2:4b:04:c0:5f:48:da:14:
         a9:8f:0d:68:e2:7f:40:77:4e:f6:2e:96:d2:40:5a:f9:d1:2a:
         fb:5a:be:56:7c:d1:ae:fc:cd:58:b0:ca:9a:ec:ef:38:e3:51:
         5f:7a:a0:5c:ea:9e:78:41:49:e2:73:92:76:be:85:b8:7d:1c:
         2c:37:2d:f0:45:3a:12:84:f8:61:e4:c3:ab:6c:7b:8c:94:30:
         95:64:b1:c4:5f:e3:d7:94:e7:95:d7:f8:b0:0a:c3:d0:c8:fa:
         1a:b3:06:ff:10:99:32:4e:06:0f:0c:cd:44:92:c3:80:85:44:
         86:31:46:e2:10:f8:dc:7e:6d:d6:1a:50:77:8c:a2:b1:95:98:
         bf:71:64:ed:6f:6f:b3:e3:c1:34:65:eb:5f:92:c4:0b:66:1c:
         37:37:bb:63:df:b1:1a:01:2d:4e:07:2d:b8:c2:14:85:69:c4:
         0f:67:5f:80:dd:a3:ab:2d:b2:85:9c:53:59:f6:63:03:8c:e3:
         91:43:9b:82:47:fa:73:1c:51:92:ad:e3:5a:dc:ff:fd:70:38:
         2c:33:97:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfCOhL9/w7eTslaSqDnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTkyMTc4NDQ4OGFkZDlhMDU2NjFmZjExNzg3ZWM3NTRl
NjA1ZTUwHhcNMjYwMzI5MDcwMTM3WhcNMjYwMzMwMDcwMTM3WjAzMTEwLwYDVQQD
Eyg2ZTcxOTQ3YjM3NjYzYTE4NWRhYzdjNzA2ZjM4Zjc4ZmVlYjY3Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljW6Lf6eXqX+D7/ATVWTwZeDeWRK
+9JsM+OdbuRASruon+ye1swZWhC4BELEAk6pT8tbiYsUq+BX4Iq8R+xAhU6ncipQ
yExScuNWXA1pTx5nX9sFLmQJeXdnwrXtuokdmrF6einE7M5DsV2rCyMuxjDHoo1u
VOuu8SXaJ9hpwkTxdtjHLFsL3AS0z+Y4wkoVLGjwEg+1ZKJf7FRP6mom9xyC3EB3
vybIMwikw9fE5LjcdrLJCG+5BrXmSFM4oAj1Tr8LFknG0i96OP32tAC0aziw3NFD
AEkjSY72QndRHowCBDhfKCPDv1cPwq5IyKPmV6QRMCWhVZZyRONM/LXtbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG5xlHs3ZjoYXax8cG8494/utneUMB8GA1UdIwQY
MBaAFAFZIXhEiK3ZoFZh/xF4fsdU5gXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDkt
OGE5MTg0MDBmMjYwLzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDktOGE5MTg0MDBmMjYw
LzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEchC/uyj
bSHj7pfji0CvuIGddbpDd8sFM5omXZuuKaKVFtudzTTKhf+ZFEQ1k7JLBMBfSNoU
qY8NaOJ/QHdO9i6W0kBa+dEq+1q+VnzRrvzNWLDKmuzvOONRX3qgXOqeeEFJ4nOS
dr6FuH0cLDct8EU6EoT4YeTDq2x7jJQwlWSxxF/j15Tnldf4sArD0Mj6GrMG/xCZ
Mk4GDwzNRJLDgIVEhjFG4hD43H5t1hpQd4yisZWYv3Fk7W9vs+PBNGXrX5LEC2Yc
Nze7Y9+xGgEtTgctuMIUhWnED2dfgN2jqy2yhZxTWfZjA4zjkUObgkf6cxxRkq3j
Wtz//XA4LDOXLw==
-----END CERTIFICATE-----