Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
File:                     cRcdWnbTurk3KszJJz66ffHFnPI.mft (raw, json)
Hash identifier:          42oXpvhcaDFIoWq5Gyn6p1aq6Jz2JZbib1GRkodhY/4=
Subject key identifier:   78:2F:86:13:59:18:B0:E8:40:D9:DF:25:8A:9B:28:30:19:3A:CB:73
Authority key identifier: 71:17:1D:5A:76:D3:BA:B9:37:2A:CC:C9:27:3E:BA:7D:F1:C5:9C:F2
Certificate issuer:       /CN=71171d5a76d3bab9372accc9273eba7df1c59cf2
Certificate serial:       019D3A53BBEF0A41AF51BD9CABB5B6F5E40E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 16:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:59 +0000
Files and hashes:         1: cRcdWnbTurk3KszJJz66ffHFnPI.crl (hash: CC6f59pXJaHn+ISoqk2gtJljCDluGYv+/Y82wRyVIMM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:bb:ef:0a:41:af:51:bd:9c:ab:b5:b6:f5:e4:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71171d5a76d3bab9372accc9273eba7df1c59cf2
        Validity
            Not Before: Mar 29 16:00:59 2026 GMT
            Not After : Mar 30 16:00:59 2026 GMT
        Subject: CN=782f86135918b0e840d9df258a9b2830193acb73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:38:33:df:17:a4:37:bd:f6:b1:f6:05:53:d7:
                    27:d3:81:64:b2:30:ab:db:0e:2a:fe:fe:51:7c:83:
                    ea:0c:c9:43:78:29:d7:31:40:ab:cf:2c:39:73:9b:
                    1c:e6:20:ae:b2:11:e1:7d:39:73:d5:92:f3:83:31:
                    9e:54:0b:a6:c9:30:f2:0a:ae:a1:d8:d3:f7:a4:57:
                    3a:ed:e1:10:b7:dc:7f:f2:48:f6:a9:5e:66:54:0c:
                    a5:93:e1:2d:c9:74:cb:77:9e:21:73:47:08:99:5f:
                    45:0d:8e:7c:bf:93:e2:57:98:d3:11:c0:d3:fb:09:
                    7d:ba:e9:16:8e:cd:9d:a2:29:e8:6b:5f:89:f7:48:
                    cc:56:e8:09:d4:3a:66:38:06:cf:ad:cc:a4:e9:5d:
                    ec:a3:9b:80:7b:5a:f3:83:3a:71:6f:08:f5:b0:73:
                    db:32:37:84:66:97:5e:25:77:41:c7:bd:4d:74:95:
                    2f:e1:d4:76:56:c4:5a:4e:c9:2b:a4:6a:51:01:b8:
                    18:84:59:d5:22:49:39:9a:56:5f:19:e5:3f:68:8d:
                    91:ed:d1:12:72:ce:e8:7f:0e:b7:af:bd:f1:75:2f:
                    43:e3:ed:5c:9b:1b:23:89:eb:82:66:37:b9:95:da:
                    52:fa:a0:f1:62:b0:57:af:19:69:79:7a:ff:cd:c9:
                    b5:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:2F:86:13:59:18:B0:E8:40:D9:DF:25:8A:9B:28:30:19:3A:CB:73
            X509v3 Authority Key Identifier:
                keyid:71:17:1D:5A:76:D3:BA:B9:37:2A:CC:C9:27:3E:BA:7D:F1:C5:9C:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:61:39:a5:b2:a9:a2:8c:f8:48:27:05:a3:86:98:5c:d5:61:
         8d:ef:a5:4c:63:93:d5:45:23:f5:fd:e7:8a:5f:7f:3d:5c:c2:
         85:cc:7c:31:d5:e3:3a:4d:6c:10:1b:b1:be:69:bf:3d:bc:e3:
         91:e7:44:f8:e5:ae:b8:53:36:4d:49:29:a0:32:a5:aa:17:19:
         54:18:71:81:a7:bb:b5:17:2c:2c:2c:8a:13:02:14:fd:b8:9b:
         18:5e:c9:4f:72:10:e0:29:5d:05:ad:e6:0e:2b:ff:59:35:b8:
         e0:ab:81:04:f4:2f:0b:79:e8:91:24:3c:78:3d:eb:05:93:0a:
         7a:07:04:98:31:d0:a2:d9:9e:c7:c7:8b:2c:d6:f8:42:9b:d9:
         6b:f2:1e:6b:b1:65:97:5f:a3:e0:ff:01:63:c6:62:79:9e:30:
         b9:9f:7e:52:d1:f6:ee:54:ee:9e:db:84:f5:76:9c:2a:88:db:
         1d:cf:e1:18:60:60:cc:f0:8e:59:c5:41:5b:b6:36:13:7e:90:
         25:29:9b:e7:2d:56:8e:90:1e:c4:a2:a4:7c:41:46:ae:43:c7:
         b6:9b:0e:72:08:b2:b6:0f:4f:9b:a4:ba:9b:9b:45:e8:b2:c6:
         6d:cc:83:c0:4e:87:55:56:ff:1f:24:69:1c:b1:c3:13:0c:f1:
         20:63:81:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U7vvCkGvUb2cq7W29eQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMTcxZDVhNzZkM2JhYjkzNzJhY2NjOTI3M2ViYTdkZjFj
NTljZjIwHhcNMjYwMzI5MTYwMDU5WhcNMjYwMzMwMTYwMDU5WjAzMTEwLwYDVQQD
Eyg3ODJmODYxMzU5MThiMGU4NDBkOWRmMjU4YTliMjgzMDE5M2FjYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jgz3xekN732sfYFU9cn04FksjCr
2w4q/v5RfIPqDMlDeCnXMUCrzyw5c5sc5iCushHhfTlz1ZLzgzGeVAumyTDyCq6h
2NP3pFc67eEQt9x/8kj2qV5mVAylk+EtyXTLd54hc0cImV9FDY58v5PiV5jTEcDT
+wl9uukWjs2doinoa1+J90jMVugJ1DpmOAbPrcyk6V3so5uAe1rzgzpxbwj1sHPb
MjeEZpdeJXdBx71NdJUv4dR2VsRaTskrpGpRAbgYhFnVIkk5mlZfGeU/aI2R7dES
cs7ofw63r73xdS9D4+1cmxsjieuCZje5ldpS+qDxYrBXrxlpeXr/zcm1NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgvhhNZGLDoQNnfJYqbKDAZOstzMB8GA1UdIwQY
MBaAFHEXHVp207q5NyrMySc+un3xxZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZWU4YjktYzMwMC00NWViLTg5ZTEt
ODA2OTk1MjljY2ViLzEvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZWU4YjktYzMwMC00NWViLTg5ZTEtODA2OTk1MjljY2Vi
LzEvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbWE5pbKp
ooz4SCcFo4aYXNVhje+lTGOT1UUj9f3nil9/PVzChcx8MdXjOk1sEBuxvmm/Pbzj
kedE+OWuuFM2TUkpoDKlqhcZVBhxgae7tRcsLCyKEwIU/bibGF7JT3IQ4CldBa3m
Div/WTW44KuBBPQvC3nokSQ8eD3rBZMKegcEmDHQotmex8eLLNb4QpvZa/Iea7Fl
l1+j4P8BY8ZieZ4wuZ9+UtH27lTuntuE9XacKojbHc/hGGBgzPCOWcVBW7Y2E36Q
JSmb5y1WjpAexKKkfEFGrkPHtpsOcgiytg9Pm6S6m5tF6LLGbcyDwE6HVVb/HyRp
HLHDEwzxIGOB9Q==
-----END CERTIFICATE-----