Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
File:                     OneLgrqpeIoayvLsNothmB71HfI.mft (raw, json)
Hash identifier:          Aw8JBzLbwcqJvvDx+J9wVEUgl+rbVQkg2EL5Bu0oTlc=
Subject key identifier:   05:34:95:FB:9A:C3:9E:D3:FE:35:84:0C:FB:09:D2:A7:96:AF:FD:78
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Certificate issuer:       /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial:       019D27A9313059137A6487BCD1BE2DAF9E3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
Manifest number:          188C
Signing time:             Thu 26 Mar 2026 01:01:32 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:32 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:32 +0000
Files and hashes:         1: OneLgrqpeIoayvLsNothmB71HfI.crl (hash: f32IbFQYSTxINoMonckg+LieG9lNvq95Vnm8ydyIB2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:31:30:59:13:7a:64:87:bc:d1:be:2d:af:9e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
        Validity
            Not Before: Mar 26 01:01:32 2026 GMT
            Not After : Mar 27 01:01:32 2026 GMT
        Subject: CN=053495fb9ac39ed3fe35840cfb09d2a796affd78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:68:bd:4b:b6:ec:3e:6f:1f:19:6e:37:e6:b5:
                    bf:10:42:b7:2b:b9:d9:cf:64:b5:6a:6d:55:ea:cb:
                    69:83:2e:2c:5d:e3:31:1f:fd:47:2d:c3:50:4c:04:
                    91:fa:dd:f7:a1:8b:cc:80:29:78:b5:8b:4c:e5:cb:
                    5c:95:2f:fe:1f:ff:dd:73:6d:48:1c:70:e5:08:23:
                    6f:6a:57:40:2b:df:83:4c:9a:d4:29:7c:d4:83:44:
                    6f:0a:bf:88:81:68:e9:14:f9:fe:c0:7c:8b:7f:e2:
                    a4:6f:1d:9f:0d:fa:88:8a:98:70:63:66:fe:b3:50:
                    63:b0:53:3b:48:83:31:cb:56:16:ca:fb:d8:1e:51:
                    ab:7b:c4:7c:02:f4:83:ac:35:7e:5a:6c:5e:bf:f3:
                    dd:05:57:e6:94:3f:93:a2:23:37:c4:64:f2:76:3e:
                    24:8c:83:72:71:01:54:9c:cc:88:79:8d:e4:f5:38:
                    ed:e1:e6:cf:05:1f:3c:ca:73:82:9b:eb:a5:2c:95:
                    c5:13:d7:ff:14:a7:17:62:1a:8d:5c:a3:a5:9c:89:
                    7f:42:45:c0:3b:da:2c:a3:93:4c:af:9a:8a:9c:02:
                    15:e1:a6:0c:9e:4c:16:5a:58:6b:31:b2:e9:88:14:
                    ac:82:df:11:ea:c2:c2:30:9b:2f:04:ed:3d:0e:29:
                    c3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:34:95:FB:9A:C3:9E:D3:FE:35:84:0C:FB:09:D2:A7:96:AF:FD:78
            X509v3 Authority Key Identifier:
                keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:89:2d:05:1e:04:45:22:83:99:a3:dd:7b:3d:4b:c7:ef:80:
         38:7c:76:9e:b6:11:ba:63:49:4f:48:52:d1:3d:c8:92:19:de:
         cb:97:59:70:a8:ae:bf:7b:ca:58:12:b2:dd:d7:34:63:b1:f6:
         c1:d6:00:91:83:10:3e:bc:9b:4c:a3:c2:66:5c:3e:ba:d0:61:
         2c:b8:26:b0:3c:c2:31:22:81:fb:e2:50:f7:35:86:00:e9:d8:
         13:05:d2:41:f8:bd:53:1a:7a:3a:6e:af:e8:ad:29:c9:ee:d8:
         f1:4f:43:79:66:8c:91:62:93:32:83:30:8f:c5:ac:f7:f3:1d:
         24:88:27:00:99:41:6b:cf:e2:9e:f4:b4:41:89:6b:c7:ea:2c:
         5b:6a:5e:f7:f2:f1:23:4d:e2:92:a8:fd:c9:17:e7:13:ce:c6:
         ed:20:42:d8:3c:1b:e3:69:45:be:eb:12:a4:91:c5:72:eb:7d:
         68:87:16:de:b3:fd:ec:11:29:7c:52:aa:1a:a3:84:17:ef:69:
         42:a0:0e:30:d5:53:e5:29:dd:dc:1c:03:d7:16:63:ec:f5:cb:
         d0:4c:e3:72:e0:dc:72:63:9d:3c:f8:fa:b2:ad:39:dd:34:1a:
         72:17:de:07:8c:b5:aa:b6:d6:1a:b3:55:c8:31:73:4d:33:7e:
         97:60:c7:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqTEwWRN6ZIe80b4tr549MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjYwMzI2MDEwMTMyWhcNMjYwMzI3MDEwMTMyWjAzMTEwLwYDVQQD
EygwNTM0OTVmYjlhYzM5ZWQzZmUzNTg0MGNmYjA5ZDJhNzk2YWZmZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmi9S7bsPm8fGW435rW/EEK3K7nZ
z2S1am1V6stpgy4sXeMxH/1HLcNQTASR+t33oYvMgCl4tYtM5ctclS/+H//dc21I
HHDlCCNvaldAK9+DTJrUKXzUg0RvCr+IgWjpFPn+wHyLf+Kkbx2fDfqIiphwY2b+
s1BjsFM7SIMxy1YWyvvYHlGre8R8AvSDrDV+Wmxev/PdBVfmlD+ToiM3xGTydj4k
jINycQFUnMyIeY3k9Tjt4ebPBR88ynOCm+ulLJXFE9f/FKcXYhqNXKOlnIl/QkXA
O9oso5NMr5qKnAIV4aYMnkwWWlhrMbLpiBSsgt8R6sLCMJsvBO09DinDtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAU0lfuaw57T/jWEDPsJ0qeWr/14MB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIoktBR4E
RSKDmaPdez1Lx++AOHx2nrYRumNJT0hS0T3Ikhney5dZcKiuv3vKWBKy3dc0Y7H2
wdYAkYMQPrybTKPCZlw+utBhLLgmsDzCMSKB++JQ9zWGAOnYEwXSQfi9Uxp6Om6v
6K0pye7Y8U9DeWaMkWKTMoMwj8Ws9/MdJIgnAJlBa8/invS0QYlrx+osW2pe9/Lx
I03ikqj9yRfnE87G7SBC2Dwb42lFvusSpJHFcut9aIcW3rP97BEpfFKqGqOEF+9p
QqAOMNVT5Snd3BwD1xZj7PXL0EzjcuDccmOdPPj6sq053TQachfeB4y1qrbWGrNV
yDFzTTN+l2DHTQ==
-----END CERTIFICATE-----