Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
File:                     _1VJGZMcZ70mUPxODHPC-z4ijZU.mft (raw, json)
Hash identifier:          QE4PKhhFZCFstagYP3LQBnXWIyI7my7ekIj/kIB2Fdk=
Subject key identifier:   00:D4:64:7A:49:06:B8:7A:19:DF:1F:BB:45:31:27:1F:74:4C:B3:6B
Authority key identifier: FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95
Certificate issuer:       /CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
Certificate serial:       019D3AF8495388AD180BD052737A0D19DCE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 19:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 19:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 19:00:43 +0000
Files and hashes:         1: _1VJGZMcZ70mUPxODHPC-z4ijZU.crl (hash: tYFr9MgcRNVKXJVf5WkxYxiSLygfDziDxEM4alMGd7A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f8:49:53:88:ad:18:0b:d0:52:73:7a:0d:19:dc:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
        Validity
            Not Before: Mar 29 19:00:43 2026 GMT
            Not After : Mar 30 19:00:43 2026 GMT
        Subject: CN=00d4647a4906b87a19df1fbb4531271f744cb36b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:40:f0:fe:c5:8e:50:75:78:f5:83:e9:eb:25:
                    68:cf:f1:29:86:74:73:3b:1b:fc:8b:56:69:9f:66:
                    8b:00:8b:98:be:3e:4d:f5:65:ff:db:34:1a:2d:56:
                    6e:28:67:d8:66:14:d2:a2:9f:72:13:12:9a:cf:58:
                    a0:33:3d:ab:07:2d:c3:0f:ac:8d:0d:05:db:d8:28:
                    ae:cb:30:47:51:b6:96:3f:cc:15:47:12:67:84:e9:
                    cf:08:a7:6a:64:70:62:9d:22:56:cd:a6:ce:46:55:
                    68:a6:6c:a1:dd:c9:07:27:2c:0e:cc:71:a8:f3:9b:
                    fd:ca:20:18:65:7a:b2:a0:83:e0:e8:11:24:77:83:
                    46:9f:82:87:25:75:36:87:31:9c:59:c9:18:3f:0a:
                    eb:95:1b:33:73:43:ec:d8:68:18:de:2f:a5:00:79:
                    8c:c8:2e:6f:96:08:e9:63:e2:dc:28:02:84:f8:21:
                    74:45:de:32:b5:01:43:d1:e8:f5:bb:7b:16:f5:35:
                    d2:e1:b9:fc:24:57:42:91:43:e6:1b:74:66:9d:17:
                    e3:d9:30:94:b3:48:de:d9:3a:4b:4a:da:ab:7f:2b:
                    d9:c4:78:27:34:d4:60:3a:e7:fe:3c:f7:77:de:f9:
                    e4:c8:0a:ed:09:ac:47:12:ad:d1:5b:23:37:7a:09:
                    91:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:D4:64:7A:49:06:B8:7A:19:DF:1F:BB:45:31:27:1F:74:4C:B3:6B
            X509v3 Authority Key Identifier:
                keyid:FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:bf:6f:b4:54:ef:b0:24:b6:d4:af:57:6a:0d:41:54:b4:95:
         a3:45:dd:58:db:22:cb:66:6b:51:d7:18:4b:eb:bf:06:68:bb:
         04:4a:63:4e:48:91:82:cd:d5:60:c2:48:93:22:83:3b:57:57:
         5c:de:17:a8:52:17:2f:49:29:cc:b0:73:d2:9b:1d:16:0e:7f:
         4d:0e:92:8a:c7:c0:92:9c:e2:e2:ba:c0:f8:f9:18:f7:10:ef:
         23:fd:df:41:80:b5:ac:30:91:49:3c:31:1b:53:01:f1:95:a6:
         7e:af:07:c5:c7:80:38:dc:49:e9:25:5b:cd:c4:7b:02:c7:7c:
         31:a0:9a:d5:6b:d9:62:a9:23:73:63:eb:0c:38:a1:e8:09:24:
         da:55:fe:0d:32:4f:ed:e9:01:cb:f2:ad:8b:29:0c:7f:a2:bf:
         ec:20:2c:5f:e0:4e:14:b1:1c:1e:5c:15:58:82:43:89:ed:89:
         83:58:d7:a2:95:a6:9c:8e:c3:37:65:8b:5a:30:a9:9b:79:f2:
         0a:37:2d:3c:21:70:e7:40:b7:26:e2:34:f0:96:11:04:40:ea:
         f8:51:f4:a3:64:50:8b:f0:6d:8c:32:c7:35:32:a7:80:62:de:
         d4:65:81:16:29:f0:24:f4:14:13:85:94:a2:e3:59:b4:8b:a6:
         61:19:7f:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+ElTiK0YC9BSc3oNGdziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTU0OTE5OTMxYzY3YmQyNjUwZmM0ZTBjNzNjMmZiM2Uy
MjhkOTUwHhcNMjYwMzI5MTkwMDQzWhcNMjYwMzMwMTkwMDQzWjAzMTEwLwYDVQQD
EygwMGQ0NjQ3YTQ5MDZiODdhMTlkZjFmYmI0NTMxMjcxZjc0NGNiMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUDw/sWOUHV49YPp6yVoz/EphnRz
Oxv8i1Zpn2aLAIuYvj5N9WX/2zQaLVZuKGfYZhTSop9yExKaz1igMz2rBy3DD6yN
DQXb2CiuyzBHUbaWP8wVRxJnhOnPCKdqZHBinSJWzabORlVopmyh3ckHJywOzHGo
85v9yiAYZXqyoIPg6BEkd4NGn4KHJXU2hzGcWckYPwrrlRszc0Ps2GgY3i+lAHmM
yC5vlgjpY+LcKAKE+CF0Rd4ytQFD0ej1u3sW9TXS4bn8JFdCkUPmG3RmnRfj2TCU
s0je2TpLStqrfyvZxHgnNNRgOuf+PPd33vnkyArtCaxHEq3RWyM3egmRnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADUZHpJBrh6Gd8fu0UxJx90TLNrMB8GA1UdIwQY
MBaAFP9VSRmTHGe9JlD8Tgxzwvs+Io2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMt
MjkwYWE0MzE4Y2FhLzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMtMjkwYWE0MzE4Y2Fh
LzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO79vtFTv
sCS21K9Xag1BVLSVo0XdWNsiy2ZrUdcYS+u/Bmi7BEpjTkiRgs3VYMJIkyKDO1dX
XN4XqFIXL0kpzLBz0psdFg5/TQ6SisfAkpzi4rrA+PkY9xDvI/3fQYC1rDCRSTwx
G1MB8ZWmfq8HxceAONxJ6SVbzcR7Asd8MaCa1WvZYqkjc2PrDDih6Akk2lX+DTJP
7ekBy/KtiykMf6K/7CAsX+BOFLEcHlwVWIJDie2Jg1jXopWmnI7DN2WLWjCpm3ny
CjctPCFw50C3JuI08JYRBEDq+FH0o2RQi/BtjDLHNTKngGLe1GWBFinwJPQUE4WU
ouNZtIumYRl/+g==
-----END CERTIFICATE-----