Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
File:                     04G3AXBRkLnOnRsYRTU4TnHKMWU.mft (raw, json)
Hash identifier:          BKoMMCOXqZaUkQzRw3r7kzqzTgWO+sgtjb59OU+9xTw=
Subject key identifier:   EB:36:2F:8C:14:56:4D:76:CA:E1:D8:46:C9:EF:30:64:4D:EA:2B:EE
Authority key identifier: D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65
Certificate issuer:       /CN=d381b701705190b9ce9d1b184535384e71ca3165
Certificate serial:       019D3865D62A9EC5EF6B0047A7A9514DBA01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:31 +0000
Files and hashes:         1: 04G3AXBRkLnOnRsYRTU4TnHKMWU.crl (hash: Euh/6x8sIpqzt/KCKXLk239EZT8Muq7I4lOB3Ntp1Tg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:d6:2a:9e:c5:ef:6b:00:47:a7:a9:51:4d:ba:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d381b701705190b9ce9d1b184535384e71ca3165
        Validity
            Not Before: Mar 29 07:01:31 2026 GMT
            Not After : Mar 30 07:01:31 2026 GMT
        Subject: CN=eb362f8c14564d76cae1d846c9ef30644dea2bee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:08:9b:8a:1d:e6:33:aa:d8:0e:ec:ab:12:db:
                    2b:83:63:e3:f3:6b:3b:b6:82:c3:5b:95:15:77:99:
                    25:2b:b9:0e:d2:4b:41:2c:76:0c:74:00:6b:ac:fc:
                    20:82:e0:a0:34:c3:f7:46:ad:9b:aa:93:b6:73:61:
                    f0:2a:e3:72:6a:9d:2d:66:6c:92:b7:48:36:e5:e4:
                    ac:98:ec:50:76:5e:58:20:17:34:5a:ef:6c:13:38:
                    82:b8:c7:f6:73:13:d4:c5:9a:18:db:3c:c5:c6:ce:
                    7c:7c:79:18:c1:e6:49:1a:77:f7:bc:ee:63:64:44:
                    c0:ee:b9:4e:ca:34:41:6c:d5:83:68:90:23:d9:b1:
                    57:a2:04:0b:27:03:f7:d8:c6:aa:d2:ae:77:91:a9:
                    2d:c5:80:75:c8:f0:85:25:28:89:69:71:70:8f:3b:
                    00:21:92:b7:c5:64:85:60:35:11:3a:4c:2f:d1:72:
                    84:79:f7:cd:61:cd:2a:7d:ec:3d:9e:16:57:12:a7:
                    9e:e1:f8:dc:b2:c9:f3:67:fe:e1:8a:e8:28:ff:37:
                    bc:5d:95:a1:f9:0b:f2:bf:1c:23:a0:06:2b:0a:31:
                    96:2b:7d:50:7e:3a:2d:c4:62:5b:d1:9a:fb:56:6d:
                    07:ad:95:39:9c:76:b3:07:6e:6a:0d:19:0c:b7:75:
                    4b:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:36:2F:8C:14:56:4D:76:CA:E1:D8:46:C9:EF:30:64:4D:EA:2B:EE
            X509v3 Authority Key Identifier:
                keyid:D3:81:B7:01:70:51:90:B9:CE:9D:1B:18:45:35:38:4E:71:CA:31:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04G3AXBRkLnOnRsYRTU4TnHKMWU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/603c58-1002-4069-8917-7054eb2c4c00/1/04G3AXBRkLnOnRsYRTU4TnHKMWU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:c1:e5:92:cc:0c:d5:c7:11:25:d7:bd:50:eb:1f:31:6e:d9:
         6e:da:d5:ee:02:95:1c:22:44:fc:b9:15:f2:57:eb:2f:11:77:
         9b:44:d0:11:87:13:74:b7:f8:85:b5:37:40:9a:ba:75:e7:50:
         4c:06:4a:a7:17:44:37:ad:0a:66:75:85:3f:19:0a:a9:ee:72:
         7d:16:c5:dc:75:91:d2:cd:ab:e5:a4:b4:29:2a:f4:60:45:1e:
         a7:24:44:75:1a:c4:6d:04:fb:17:6d:34:41:44:7a:76:34:dc:
         e0:ee:3a:7b:41:28:5a:22:0f:5d:ba:12:95:45:b6:38:29:02:
         c2:f8:0d:d9:66:4c:90:a9:f3:3e:37:01:d3:de:16:27:65:2f:
         a1:89:c2:57:e7:94:4d:ea:2c:a3:46:57:c6:82:74:a9:b8:8b:
         77:23:61:7e:e7:5b:ce:e3:d3:01:62:ac:1d:db:75:c5:05:52:
         f2:ea:b1:e1:ea:aa:79:26:77:21:29:82:a3:2e:74:ec:06:00:
         82:4e:f5:e3:e0:8e:92:86:2d:6d:59:26:af:3c:d4:08:89:a7:
         59:ce:e9:0d:73:54:e1:c2:2e:17:05:c8:03:b5:c9:44:a3:a3:
         e6:e4:1c:0a:82:47:24:90:74:f6:5e:df:92:69:77:c5:e2:dd:
         42:e1:e8:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdYqnsXvawBHp6lRTboBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODFiNzAxNzA1MTkwYjljZTlkMWIxODQ1MzUzODRlNzFj
YTMxNjUwHhcNMjYwMzI5MDcwMTMxWhcNMjYwMzMwMDcwMTMxWjAzMTEwLwYDVQQD
EyhlYjM2MmY4YzE0NTY0ZDc2Y2FlMWQ4NDZjOWVmMzA2NDRkZWEyYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywibih3mM6rYDuyrEtsrg2Pj82s7
toLDW5UVd5klK7kO0ktBLHYMdABrrPwgguCgNMP3Rq2bqpO2c2HwKuNyap0tZmyS
t0g25eSsmOxQdl5YIBc0Wu9sEziCuMf2cxPUxZoY2zzFxs58fHkYweZJGnf3vO5j
ZETA7rlOyjRBbNWDaJAj2bFXogQLJwP32Maq0q53kaktxYB1yPCFJSiJaXFwjzsA
IZK3xWSFYDUROkwv0XKEeffNYc0qfew9nhZXEqee4fjcssnzZ/7hiugo/ze8XZWh
+QvyvxwjoAYrCjGWK31QfjotxGJb0Zr7Vm0HrZU5nHazB25qDRkMt3VLcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOs2L4wUVk12yuHYRsnvMGRN6ivuMB8GA1UdIwQY
MBaAFNOBtwFwUZC5zp0bGEU1OE5xyjFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTct
NzA1NGViMmM0YzAwLzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82MDNjNTgtMTAwMi00MDY5LTg5MTctNzA1NGViMmM0YzAw
LzEvMDRHM0FYQlJrTG5PblJzWVJUVTRUbkhLTVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQsHlkswM
1ccRJde9UOsfMW7ZbtrV7gKVHCJE/LkV8lfrLxF3m0TQEYcTdLf4hbU3QJq6dedQ
TAZKpxdEN60KZnWFPxkKqe5yfRbF3HWR0s2r5aS0KSr0YEUepyREdRrEbQT7F200
QUR6djTc4O46e0EoWiIPXboSlUW2OCkCwvgN2WZMkKnzPjcB094WJ2UvoYnCV+eU
Teoso0ZXxoJ0qbiLdyNhfudbzuPTAWKsHdt1xQVS8uqx4eqqeSZ3ISmCoy507AYA
gk714+COkoYtbVkmrzzUCImnWc7pDXNU4cIuFwXIA7XJRKOj5uQcCoJHJJB09l7f
kml3xeLdQuHo9g==
-----END CERTIFICATE-----