Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
File:                     y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft (raw, json)
Hash identifier:          7JOhDKyd8KOfiBdMp0wr8nruR+LpnJcuZsB/FoXzLnc=
Subject key identifier:   F1:A3:03:7A:CA:8F:0F:68:04:F5:BB:9D:CD:C9:EF:46:70:91:76:53
Authority key identifier: CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42
Certificate issuer:       /CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
Certificate serial:       019D3A542C0970D275F0936AD6ABEAE0B668
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 16:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:27 +0000
Files and hashes:         1: y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl (hash: tLZfhFwX2R+ov1VhAyqYDemFgcnxFOKiCwWlMBWKFbo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:2c:09:70:d2:75:f0:93:6a:d6:ab:ea:e0:b6:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbc2ebda3ab08510ebe9a10e60be23160228a942
        Validity
            Not Before: Mar 29 16:01:27 2026 GMT
            Not After : Mar 30 16:01:27 2026 GMT
        Subject: CN=f1a3037aca8f0f6804f5bb9dcdc9ef4670917653
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:19:78:80:a4:92:99:21:7e:84:aa:34:b7:39:
                    b2:ef:13:0a:ab:c6:67:9f:2e:38:f1:59:3e:e0:49:
                    20:f8:5f:33:85:5f:1e:c9:be:2c:8b:d9:78:6d:f4:
                    8a:1e:4c:05:54:fd:32:91:f9:6e:34:49:82:6d:42:
                    66:02:f9:31:89:06:11:4c:cb:b7:42:49:dd:5d:28:
                    a3:71:f6:1c:ce:3c:8b:94:39:03:ba:a7:bf:65:8d:
                    23:a6:91:c0:2a:95:14:13:d7:97:32:54:99:69:4d:
                    f0:32:55:39:6d:75:0d:6e:95:ce:e5:c4:ab:60:dc:
                    0a:3a:6e:ed:ec:b6:44:d4:ca:f9:96:a7:7b:3d:13:
                    8f:58:ca:c4:c8:57:9b:93:af:2f:42:32:6e:1a:d8:
                    5c:81:dc:4c:f0:52:01:8a:05:5c:ee:4d:9c:0e:e3:
                    f9:1f:e5:04:fc:c0:ad:46:0e:73:3f:46:b9:0f:62:
                    49:76:92:1f:65:1e:93:76:a4:f0:01:62:24:9a:5b:
                    16:29:fa:56:1b:ff:1f:8b:3f:7a:45:5a:bd:ba:1c:
                    64:5c:69:a3:28:53:d0:16:47:1d:3c:cb:7b:6a:21:
                    8b:82:99:1f:4e:ac:92:ac:16:b2:82:92:24:97:e2:
                    d5:9d:6f:00:2c:b7:41:8c:89:e0:67:2c:88:91:48:
                    eb:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:A3:03:7A:CA:8F:0F:68:04:F5:BB:9D:CD:C9:EF:46:70:91:76:53
            X509v3 Authority Key Identifier:
                keyid:CB:C2:EB:DA:3A:B0:85:10:EB:E9:A1:0E:60:BE:23:16:02:28:A9:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/814dd0-09e1-4273-873a-7463815a3f4e/1/y8Lr2jqwhRDr6aEOYL4jFgIoqUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:5f:a0:ed:f9:b4:1d:ce:13:eb:e2:86:22:49:2b:15:46:0e:
         4e:56:5e:22:06:90:98:17:90:42:04:78:c8:c2:4c:75:4f:cf:
         a0:d6:6b:44:2b:d4:b2:08:94:89:b4:23:01:61:c8:ca:8c:e2:
         88:38:53:41:41:08:b7:70:e4:52:00:2d:69:d7:be:b0:73:d9:
         80:98:2f:f3:39:d5:c8:73:d8:e3:16:0e:6e:92:46:e3:a6:cc:
         8f:dd:50:9b:89:97:55:a5:ce:6d:39:8b:ba:8a:07:c4:61:70:
         a0:ea:11:02:54:ff:6f:99:91:5c:ff:2a:93:00:1a:99:19:4d:
         7e:f9:aa:12:8c:7a:dd:ca:71:e3:1d:c3:42:be:95:56:88:96:
         56:a2:11:1d:55:8c:34:60:87:d3:ef:ce:28:30:40:87:36:6a:
         1f:62:22:67:3b:ad:e2:be:02:e4:3f:f3:07:9d:34:d1:2c:80:
         c5:69:e4:8d:e8:ca:44:ce:69:ba:06:35:13:c8:06:78:28:42:
         4e:cb:82:f6:b4:35:5b:1b:12:f4:e2:bf:1a:80:1e:9c:35:00:
         9e:09:1f:c7:30:b7:33:9a:a9:33:54:e7:b1:16:b5:d1:39:52:
         3d:0c:62:e6:39:b0:5f:d2:01:0a:40:e4:26:ed:f1:fd:a4:b2:
         48:0b:f0:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VCwJcNJ18JNq1qvq4LZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYzJlYmRhM2FiMDg1MTBlYmU5YTEwZTYwYmUyMzE2MDIy
OGE5NDIwHhcNMjYwMzI5MTYwMTI3WhcNMjYwMzMwMTYwMTI3WjAzMTEwLwYDVQQD
EyhmMWEzMDM3YWNhOGYwZjY4MDRmNWJiOWRjZGM5ZWY0NjcwOTE3NjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bl4gKSSmSF+hKo0tzmy7xMKq8Zn
ny448Vk+4Ekg+F8zhV8eyb4si9l4bfSKHkwFVP0ykfluNEmCbUJmAvkxiQYRTMu3
QkndXSijcfYczjyLlDkDuqe/ZY0jppHAKpUUE9eXMlSZaU3wMlU5bXUNbpXO5cSr
YNwKOm7t7LZE1Mr5lqd7PROPWMrEyFebk68vQjJuGthcgdxM8FIBigVc7k2cDuP5
H+UE/MCtRg5zP0a5D2JJdpIfZR6TdqTwAWIkmlsWKfpWG/8fiz96RVq9uhxkXGmj
KFPQFkcdPMt7aiGLgpkfTqySrBaygpIkl+LVnW8ALLdBjIngZyyIkUjrdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPGjA3rKjw9oBPW7nc3J70ZwkXZTMB8GA1UdIwQY
MBaAFMvC69o6sIUQ6+mhDmC+IxYCKKlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2Et
NzQ2MzgxNWEzZjRlLzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84MTRkZDAtMDllMS00MjczLTg3M2EtNzQ2MzgxNWEzZjRl
LzEveThMcjJqcXdoUkRyNmFFT1lMNGpGZ0lvcVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgV+g7fm0
Hc4T6+KGIkkrFUYOTlZeIgaQmBeQQgR4yMJMdU/PoNZrRCvUsgiUibQjAWHIyozi
iDhTQUEIt3DkUgAtade+sHPZgJgv8znVyHPY4xYObpJG46bMj91Qm4mXVaXObTmL
uooHxGFwoOoRAlT/b5mRXP8qkwAamRlNfvmqEox63cpx4x3DQr6VVoiWVqIRHVWM
NGCH0+/OKDBAhzZqH2IiZzut4r4C5D/zB5000SyAxWnkjejKRM5pugY1E8gGeChC
TsuC9rQ1WxsS9OK/GoAenDUAngkfxzC3M5qpM1TnsRa10TlSPQxi5jmwX9IBCkDk
Ju3x/aSySAvwPA==
-----END CERTIFICATE-----