Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
File:                     y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft (raw, json)
Hash identifier:          lLRAERFGzsm/V5niPj3leGetOghVVMYUqx3OV0bWybk=
Subject key identifier:   6A:FB:25:09:23:BD:85:EC:32:16:14:20:54:52:4A:F5:70:C7:FC:3E
Authority key identifier: CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D
Certificate issuer:       /CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
Certificate serial:       019D382E1C413A6A2E587E3B945C0800D480
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
Manifest number:          188E
Signing time:             Sun 29 Mar 2026 06:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:39 +0000
Files and hashes:         1: y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl (hash: gXYeNOb+19LuXTjMNVoyuyzyVXnCG7/DhTBdx5k5T0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:1c:41:3a:6a:2e:58:7e:3b:94:5c:08:00:d4:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cb83fbfc176cd48ebe2f2cde9f4c01ed253bbb2d
        Validity
            Not Before: Mar 29 06:00:39 2026 GMT
            Not After : Mar 30 06:00:39 2026 GMT
        Subject: CN=6afb250923bd85ec3216142054524af570c7fc3e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:01:12:63:0a:f7:84:11:9a:37:c7:9d:7a:f9:
                    75:49:31:11:1d:3d:a0:79:83:81:81:3a:28:da:10:
                    f7:ac:61:fa:98:dc:08:9c:dd:27:fa:f4:a9:05:d0:
                    6e:af:69:61:39:b3:57:46:1e:89:5d:44:e8:9c:76:
                    18:49:ab:e3:b2:3a:fc:84:2e:f6:72:10:1a:f6:58:
                    7b:71:1a:92:d4:02:89:de:b1:3a:34:8b:c2:2e:6b:
                    f5:1b:2c:f7:ec:1c:dc:28:b2:fc:f4:d4:0b:d4:9f:
                    ae:1d:e3:59:66:8d:6c:ec:16:36:b4:33:b3:a4:9d:
                    a9:f2:eb:2d:8d:2b:91:91:93:6f:49:b8:c0:ac:f6:
                    be:d7:31:43:90:17:47:86:b4:a5:9e:0d:54:58:5a:
                    dc:dc:f7:e1:8c:ce:04:ce:a9:9a:6a:f6:a5:4c:48:
                    f1:4e:51:c0:2b:1e:1d:6e:a4:c2:6f:9c:3e:75:37:
                    e2:1d:54:72:81:7b:2c:ae:68:3e:9c:0e:08:1c:78:
                    a9:ff:d6:3b:bb:22:d6:0b:66:ec:2a:f3:4c:a6:01:
                    8c:0f:4c:c8:62:df:40:15:48:77:ba:3b:d5:84:bc:
                    4b:16:69:92:f7:d8:83:fe:52:65:1f:18:2b:6a:1c:
                    23:b6:15:05:b8:98:3a:1a:09:f7:4b:06:4e:fe:0f:
                    73:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:FB:25:09:23:BD:85:EC:32:16:14:20:54:52:4A:F5:70:C7:FC:3E
            X509v3 Authority Key Identifier:
                keyid:CB:83:FB:FC:17:6C:D4:8E:BE:2F:2C:DE:9F:4C:01:ED:25:3B:BB:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4P7_Bds1I6-Lyzen0wB7SU7uy0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/ea37f1-ce1a-4816-bcb6-4412defede73/1/y4P7_Bds1I6-Lyzen0wB7SU7uy0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:97:aa:d8:3e:65:e4:22:7d:34:27:87:24:62:8a:52:03:5c:
         16:9d:11:4f:e1:17:f5:07:76:7f:01:29:19:19:5b:73:d0:5d:
         1b:51:7d:9e:d2:95:2a:1c:8e:12:95:98:44:32:66:b8:e0:c6:
         65:5e:7b:14:1d:fb:28:74:b7:34:7a:e0:b4:ab:a9:bf:61:95:
         61:8f:99:b9:8a:48:ad:4d:ef:65:e8:79:98:57:2f:13:4a:d0:
         77:e8:8a:19:f3:86:a9:85:76:fb:cf:c1:43:69:48:bb:bf:f2:
         57:74:0f:09:01:1b:1c:d8:0f:4b:c4:20:84:5c:55:a5:58:38:
         79:72:be:e1:c6:4b:1f:34:0b:b2:5e:cf:64:fd:d3:a7:d9:eb:
         3d:db:82:3d:98:1a:ab:09:52:66:71:54:ab:57:a9:2e:db:00:
         aa:5d:91:19:2e:d2:e7:ff:65:6a:fe:e9:d3:51:82:e2:46:e3:
         f9:58:f4:81:77:67:21:b0:13:2f:06:e7:46:e9:eb:33:21:fa:
         05:d4:45:95:55:d1:ac:58:d3:ba:f5:da:17:1a:a1:72:e0:32:
         c9:8d:cb:29:0f:fd:27:ee:8f:15:aa:8b:bb:58:0b:18:8e:63:
         c8:b1:4a:7e:91:44:59:b9:e7:2a:3d:08:ae:db:bf:7d:06:f8:
         fa:2d:3a:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LhxBOmouWH47lFwIANSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODNmYmZjMTc2Y2Q0OGViZTJmMmNkZTlmNGMwMWVkMjUz
YmJiMmQwHhcNMjYwMzI5MDYwMDM5WhcNMjYwMzMwMDYwMDM5WjAzMTEwLwYDVQQD
Eyg2YWZiMjUwOTIzYmQ4NWVjMzIxNjE0MjA1NDUyNGFmNTcwYzdmYzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQESYwr3hBGaN8edevl1STERHT2g
eYOBgToo2hD3rGH6mNwInN0n+vSpBdBur2lhObNXRh6JXUTonHYYSavjsjr8hC72
chAa9lh7cRqS1AKJ3rE6NIvCLmv1Gyz37BzcKLL89NQL1J+uHeNZZo1s7BY2tDOz
pJ2p8ustjSuRkZNvSbjArPa+1zFDkBdHhrSlng1UWFrc3PfhjM4EzqmaavalTEjx
TlHAKx4dbqTCb5w+dTfiHVRygXssrmg+nA4IHHip/9Y7uyLWC2bsKvNMpgGMD0zI
Yt9AFUh3ujvVhLxLFmmS99iD/lJlHxgrahwjthUFuJg6Ggn3SwZO/g9zoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGr7JQkjvYXsMhYUIFRSSvVwx/w+MB8GA1UdIwQY
MBaAFMuD+/wXbNSOvi8s3p9MAe0lO7stMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYt
NDQxMmRlZmVkZTczLzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9lYTM3ZjEtY2UxYS00ODE2LWJjYjYtNDQxMmRlZmVkZTcz
LzEveTRQN19CZHMxSTYtTHl6ZW4wd0I3U1U3dXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbZeq2D5l
5CJ9NCeHJGKKUgNcFp0RT+EX9Qd2fwEpGRlbc9BdG1F9ntKVKhyOEpWYRDJmuODG
ZV57FB37KHS3NHrgtKupv2GVYY+ZuYpIrU3vZeh5mFcvE0rQd+iKGfOGqYV2+8/B
Q2lIu7/yV3QPCQEbHNgPS8QghFxVpVg4eXK+4cZLHzQLsl7PZP3Tp9nrPduCPZga
qwlSZnFUq1epLtsAql2RGS7S5/9lav7p01GC4kbj+Vj0gXdnIbATLwbnRunrMyH6
BdRFlVXRrFjTuvXaFxqhcuAyyY3LKQ/9J+6PFaqLu1gLGI5jyLFKfpFEWbnnKj0I
rtu/fQb4+i06JA==
-----END CERTIFICATE-----