Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
File:                     owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json)
Hash identifier:          I6a7WHY8DBKSOdqlGr81qrebd5EyTZR4LuiTohNIzy4=
Subject key identifier:   14:67:B4:EB:72:90:21:D6:F5:E4:8A:00:8D:14:CD:97:95:09:21:FC
Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E
Certificate issuer:       /CN=a3055f07bd47a86478c3bf47392573acd53d636e
Certificate serial:       019D38D31DDF760F3F69BACF58636E5F5E6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:00:52 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:52 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:52 +0000
Files and hashes:         1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: GMRtsi5MmLwQ62wVvkNM21KJ7B0olU8xfIGOrqbdTMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:1d:df:76:0f:3f:69:ba:cf:58:63:6e:5f:5e:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e
        Validity
            Not Before: Mar 29 09:00:52 2026 GMT
            Not After : Mar 30 09:00:52 2026 GMT
        Subject: CN=1467b4eb729021d6f5e48a008d14cd97950921fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:63:35:55:1e:3b:2a:97:d5:d6:96:93:ed:0a:
                    c2:0a:cb:10:b5:4a:75:19:a8:e4:10:1f:5e:c7:ff:
                    f3:1b:c3:66:17:68:ea:42:23:bd:2e:f0:b9:cb:77:
                    d2:24:fb:75:bc:5c:92:37:b2:8b:32:26:2b:69:e0:
                    7b:1b:b9:82:31:cd:c8:dd:08:8a:58:56:4a:fe:27:
                    7f:64:61:42:ce:63:ca:f7:81:e8:d2:fa:d1:42:6e:
                    e5:13:b7:71:5d:50:90:03:30:5b:b6:53:fc:63:28:
                    86:21:29:72:8c:a8:4d:d3:72:17:c0:80:fc:6a:22:
                    f4:39:4c:bf:61:2f:83:8e:96:82:d3:0b:2a:d7:cb:
                    e9:5c:34:8b:51:ce:71:29:0d:5c:b1:7e:c2:52:e2:
                    31:c1:e4:11:ef:ab:a2:f9:7a:6a:a8:27:5a:ca:5f:
                    34:ca:80:cd:e2:71:3a:86:01:aa:19:8d:17:1d:1e:
                    d7:c6:8b:5b:8c:5c:58:38:e5:bf:35:1f:61:12:cc:
                    1c:2a:67:b8:6c:b4:0a:fc:9f:2c:7c:a8:e8:bf:54:
                    62:1e:ca:79:8f:2b:9c:37:f5:08:ef:53:53:a1:5f:
                    43:43:fe:d1:74:b0:93:da:9c:cb:b5:f7:3a:0a:de:
                    f2:ac:1e:38:dc:5e:da:62:1f:dd:c6:64:c3:84:7e:
                    0b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:67:B4:EB:72:90:21:D6:F5:E4:8A:00:8D:14:CD:97:95:09:21:FC
            X509v3 Authority Key Identifier:
                keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:5e:1e:14:05:5c:ca:ed:9e:a4:d6:a8:2d:4d:ef:8e:17:ab:
         43:c4:b1:9f:9a:cc:23:5a:5e:18:4e:01:b6:b2:1c:2e:a7:55:
         ea:55:0f:f6:7d:50:51:58:7a:57:d2:45:fa:42:79:a2:8b:13:
         af:86:69:0b:d1:45:3c:34:21:89:28:e5:14:b5:7c:bc:b4:38:
         8a:d9:20:eb:83:0d:fd:03:48:01:e9:9f:06:12:ee:86:58:a6:
         21:12:94:a5:91:46:9b:02:88:c2:e9:1e:de:c3:04:10:09:bb:
         54:94:1d:8a:1e:31:e3:33:28:92:7b:2b:51:c8:f9:75:47:50:
         69:58:7e:45:11:21:6c:64:91:29:a9:7e:65:3d:86:04:c2:18:
         dc:55:c7:5f:b2:4b:ca:1b:37:6b:ee:7c:ce:bd:97:a6:c3:78:
         ca:21:43:fb:ef:9d:de:ec:92:3a:55:e4:69:21:47:8a:71:7b:
         97:fe:93:eb:8c:80:ca:7b:71:e5:7a:d5:4c:9e:2e:1a:b0:29:
         4a:65:ab:7d:b0:85:f0:c6:90:fa:e6:c9:45:de:62:dc:e0:1d:
         56:52:9c:21:8b:03:1a:7a:1b:76:85:c9:40:9d:c8:fc:4c:7b:
         31:05:3a:60:76:18:7b:7b:be:d8:37:a3:16:aa:2b:63:f2:98:
         b2:dc:ab:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040x3fdg8/abrPWGNuX15vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz
ZDYzNmUwHhcNMjYwMzI5MDkwMDUyWhcNMjYwMzMwMDkwMDUyWjAzMTEwLwYDVQQD
EygxNDY3YjRlYjcyOTAyMWQ2ZjVlNDhhMDA4ZDE0Y2Q5Nzk1MDkyMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWM1VR47KpfV1paT7QrCCssQtUp1
GajkEB9ex//zG8NmF2jqQiO9LvC5y3fSJPt1vFySN7KLMiYraeB7G7mCMc3I3QiK
WFZK/id/ZGFCzmPK94Ho0vrRQm7lE7dxXVCQAzBbtlP8YyiGISlyjKhN03IXwID8
aiL0OUy/YS+DjpaC0wsq18vpXDSLUc5xKQ1csX7CUuIxweQR76ui+XpqqCdayl80
yoDN4nE6hgGqGY0XHR7XxotbjFxYOOW/NR9hEswcKme4bLQK/J8sfKjov1RiHsp5
jyucN/UI71NToV9DQ/7RdLCT2pzLtfc6Ct7yrB443F7aYh/dxmTDhH4LDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRntOtykCHW9eSKAI0UzZeVCSH8MB8GA1UdIwQY
MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt
YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0
LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACV4eFAVc
yu2epNaoLU3vjherQ8Sxn5rMI1peGE4BtrIcLqdV6lUP9n1QUVh6V9JF+kJ5oosT
r4ZpC9FFPDQhiSjlFLV8vLQ4itkg64MN/QNIAemfBhLuhlimIRKUpZFGmwKIwuke
3sMEEAm7VJQdih4x4zMoknsrUcj5dUdQaVh+RREhbGSRKal+ZT2GBMIY3FXHX7JL
yhs3a+58zr2XpsN4yiFD+++d3uySOlXkaSFHinF7l/6T64yAyntx5XrVTJ4uGrAp
SmWrfbCF8MaQ+ubJRd5i3OAdVlKcIYsDGnobdoXJQJ3I/Ex7MQU6YHYYe3u+2Dej
FqorY/KYstyrCw==
-----END CERTIFICATE-----