Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          hzKYwIksFPbwop5OaAj52uvYAMwNvL1F974+pKANh5M=
Subject key identifier:   A0:01:EA:BC:8C:C1:74:F0:4E:31:C4:45:27:03:57:8A:BF:B4:29:B1
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       019D38657B8E9B603AA749E5986E9B9FC854
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:07 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: 1vMb17rvvcRpowaIoUW1gg+AowJT+rR9UUQzT40ax7o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:7b:8e:9b:60:3a:a7:49:e5:98:6e:9b:9f:c8:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Mar 29 07:01:07 2026 GMT
            Not After : Mar 30 07:01:07 2026 GMT
        Subject: CN=a001eabc8cc174f04e31c4452703578abfb429b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:d6:b5:fc:8e:2e:c9:da:9c:5e:1a:06:04:2b:
                    87:b1:79:d5:0e:ae:cf:b3:39:1c:c9:df:ac:99:64:
                    1b:f7:54:f3:2b:70:4c:63:5b:34:54:18:2e:bf:e8:
                    02:2f:8d:ea:13:af:70:be:43:0f:dc:cc:8a:6e:3d:
                    1a:ae:d1:26:56:86:cb:d9:78:08:4a:24:db:67:ad:
                    6e:9b:2c:50:04:5f:5d:c5:da:a4:ec:91:84:29:5b:
                    fc:6d:76:d3:bd:b5:f6:55:a4:7b:42:85:83:4d:f4:
                    42:fb:05:a3:d3:c9:e4:5b:7c:e9:42:5f:f6:d1:18:
                    ab:4b:1a:68:d9:de:42:38:0c:4b:e8:3b:58:55:b2:
                    7d:59:8e:30:47:88:95:db:7c:95:1b:18:61:e6:e4:
                    04:c9:f8:96:6f:63:e0:b9:0b:68:42:56:95:09:98:
                    22:bf:4f:7b:62:b4:7b:3e:f8:47:dd:6c:b5:ae:cf:
                    e4:76:0c:da:4c:71:68:5c:a7:2f:1c:ce:e0:8d:ef:
                    5c:9c:49:f3:4c:fb:93:ba:4c:64:99:b8:00:ea:4d:
                    d2:24:d2:d2:fa:bc:83:09:c4:aa:c9:45:8b:ee:5e:
                    80:3e:42:f6:a0:93:59:31:6f:15:d3:a1:31:3c:c6:
                    bc:5d:4f:9a:5e:86:a2:44:92:28:fd:46:86:73:48:
                    c0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:01:EA:BC:8C:C1:74:F0:4E:31:C4:45:27:03:57:8A:BF:B4:29:B1
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:1d:37:98:7c:9b:80:97:c1:e6:4b:bf:7e:69:86:c0:b5:98:
         35:41:f2:50:89:98:9c:6b:f8:4d:ab:60:ac:eb:63:c9:d1:b4:
         48:95:79:cc:02:94:c3:c6:c9:cc:a8:10:a7:58:fe:13:f5:9d:
         46:4f:b5:5f:6d:90:4d:a2:15:8a:66:c0:a5:6e:3e:db:c1:f3:
         97:5d:2a:94:8f:62:1e:e9:1e:0d:2c:a0:37:46:ab:55:44:84:
         7f:1e:08:66:d9:08:ea:40:65:06:26:b6:dc:b5:aa:8a:ea:06:
         3a:8b:06:4c:fe:c8:c7:94:09:d2:ab:0f:47:79:5d:ed:5a:f3:
         c0:7f:ac:82:df:76:6e:83:cd:e4:10:09:bb:8e:69:07:e6:84:
         36:0c:9f:c0:d0:cf:08:15:e9:8b:ca:89:63:d7:8f:df:c5:76:
         d4:be:bb:4d:15:cb:e9:c9:c4:2e:22:e5:5a:e2:42:87:2b:f1:
         68:1f:49:4c:cf:76:02:3c:8d:c7:b1:81:79:da:9a:bd:ef:a6:
         28:f1:ea:1f:e5:41:ef:24:4e:4b:38:41:5a:21:07:0e:89:16:
         ca:9f:45:7f:d7:99:67:3a:2c:fc:6c:fe:f4:59:7c:cd:aa:dc:
         77:62:5a:80:09:f2:e9:39:0c:76:4a:85:71:13:5d:3b:21:66:
         ca:5b:06:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXuOm2A6p0nlmG6bn8hUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjYwMzI5MDcwMTA3WhcNMjYwMzMwMDcwMTA3WjAzMTEwLwYDVQQD
EyhhMDAxZWFiYzhjYzE3NGYwNGUzMWM0NDUyNzAzNTc4YWJmYjQyOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAida1/I4uydqcXhoGBCuHsXnVDq7P
szkcyd+smWQb91TzK3BMY1s0VBguv+gCL43qE69wvkMP3MyKbj0artEmVobL2XgI
SiTbZ61umyxQBF9dxdqk7JGEKVv8bXbTvbX2VaR7QoWDTfRC+wWj08nkW3zpQl/2
0RirSxpo2d5COAxL6DtYVbJ9WY4wR4iV23yVGxhh5uQEyfiWb2PguQtoQlaVCZgi
v097YrR7PvhH3Wy1rs/kdgzaTHFoXKcvHM7gje9cnEnzTPuTukxkmbgA6k3SJNLS
+ryDCcSqyUWL7l6APkL2oJNZMW8V06ExPMa8XU+aXoaiRJIo/UaGc0jAywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAB6ryMwXTwTjHERScDV4q/tCmxMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARR03mHyb
gJfB5ku/fmmGwLWYNUHyUImYnGv4TatgrOtjydG0SJV5zAKUw8bJzKgQp1j+E/Wd
Rk+1X22QTaIVimbApW4+28Hzl10qlI9iHukeDSygN0arVUSEfx4IZtkI6kBlBia2
3LWqiuoGOosGTP7Ix5QJ0qsPR3ld7VrzwH+sgt92boPN5BAJu45pB+aENgyfwNDP
CBXpi8qJY9eP38V21L67TRXL6cnELiLlWuJChyvxaB9JTM92AjyNx7GBedqave+m
KPHqH+VB7yROSzhBWiEHDokWyp9Ff9eZZzos/Gz+9Fl8zarcd2JagAny6TkMdkqF
cRNdOyFmylsGSw==
-----END CERTIFICATE-----