Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
File:                     EDfew086MutlAvFmKoKiD4teohw.mft (raw, json)
Hash identifier:          5FZvzhhCo3rZWfjWfG4x9mc0jAUm+fwgkeY17kBryZo=
Subject key identifier:   FF:D2:1E:72:88:14:E0:EE:CF:2A:EB:A1:D0:F2:B0:62:BC:D7:EE:A6
Authority key identifier: 10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C
Certificate issuer:       /CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
Certificate serial:       019D38D3829B541BB4F50AB2014828EA53FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 09:01:18 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:18 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:18 +0000
Files and hashes:         1: EDfew086MutlAvFmKoKiD4teohw.crl (hash: Ex3C/zvTDT/Q8Va2C86iY0HTfQ3Qgt2+uiXKyFYOaks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 09:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:82:9b:54:1b:b4:f5:0a:b2:01:48:28:ea:53:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1037dec34f3a32eb6502f1662a82a20f8b5ea21c
        Validity
            Not Before: Mar 29 09:01:18 2026 GMT
            Not After : Mar 30 09:01:18 2026 GMT
        Subject: CN=ffd21e728814e0eecf2aeba1d0f2b062bcd7eea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0b:ea:cf:72:d1:43:a3:21:47:f3:af:96:b9:
                    98:e5:7f:fe:90:0b:d7:11:29:36:18:91:ea:47:c7:
                    5f:96:f0:f9:9c:00:13:78:92:58:ee:9c:6d:6f:b5:
                    af:9e:fb:0d:70:d0:cb:e7:7b:45:d0:0f:25:fd:11:
                    33:10:af:37:80:c5:e1:92:6a:ba:6a:f6:70:33:4a:
                    03:5c:a2:db:10:55:30:60:bb:f8:93:ce:3e:ac:26:
                    2d:4a:48:ac:30:25:c3:33:b9:1d:75:1d:9f:2e:7e:
                    0f:88:d0:3c:c5:f2:62:23:6e:76:16:40:3d:9a:be:
                    c0:cd:a6:92:15:67:de:55:3a:46:0c:ba:f6:5b:81:
                    8c:3b:5a:eb:c2:44:86:e1:31:6d:c2:4d:42:b2:3a:
                    7a:f5:28:43:74:00:1c:cf:43:1a:ce:f8:69:27:05:
                    52:0a:44:4f:c5:89:bc:ef:02:96:c1:a5:3c:17:67:
                    32:1d:23:e3:56:76:a4:23:4c:13:11:5e:33:78:0b:
                    7e:2a:27:08:08:55:4e:25:49:b7:3f:02:69:6b:55:
                    3a:17:53:ed:11:0d:1c:09:ae:6f:b3:fc:f8:68:15:
                    31:76:85:d6:eb:a7:e3:1c:5c:2c:20:25:be:4f:63:
                    81:4d:c7:fa:67:9b:63:77:47:99:9a:c4:eb:7d:ef:
                    27:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:D2:1E:72:88:14:E0:EE:CF:2A:EB:A1:D0:F2:B0:62:BC:D7:EE:A6
            X509v3 Authority Key Identifier:
                keyid:10:37:DE:C3:4F:3A:32:EB:65:02:F1:66:2A:82:A2:0F:8B:5E:A2:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EDfew086MutlAvFmKoKiD4teohw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b680af-d5ab-4b2f-a837-0d41a64e90ec/1/EDfew086MutlAvFmKoKiD4teohw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:36:52:01:0c:83:9a:3d:0a:fd:62:8a:15:e6:66:26:3f:00:
         55:6e:3b:80:ab:6e:5c:1b:b8:03:e5:88:0e:b1:c6:3a:01:ef:
         6f:d1:e2:de:84:47:bd:19:7c:51:1b:1c:27:ee:44:63:ec:fc:
         d9:cb:2d:0c:ae:c4:9c:15:72:79:bd:37:64:42:c5:aa:43:91:
         3f:b6:83:23:3e:06:b0:2d:02:d2:cc:13:b7:c8:bb:10:5a:39:
         cc:0a:3b:93:2e:f0:f1:b6:d9:28:ad:15:9e:e6:9b:68:b2:d1:
         33:14:b6:40:85:2b:d7:6b:09:a6:cb:bd:d9:e1:6e:2b:68:4b:
         9b:4d:42:a5:39:1a:05:f3:fd:22:ae:8d:68:33:98:0c:c4:9b:
         85:03:68:90:ff:17:ac:0c:40:5a:1d:36:a4:b7:0f:62:7b:0f:
         98:4b:95:40:06:ac:ea:61:d8:42:63:a2:94:30:f7:ac:98:2c:
         dd:16:da:d9:5d:e1:0d:6c:3b:0d:e6:c2:f4:70:39:00:41:d3:
         33:2b:8e:a6:b4:f6:87:52:91:12:75:57:5e:63:0d:d4:6c:a6:
         6c:ab:a7:53:5c:ea:2f:8b:ff:3f:35:97:20:73:09:5b:ec:88:
         ca:ed:ca:c8:c2:62:5f:99:92:93:78:3e:43:80:58:16:86:99:
         38:62:67:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404KbVBu09QqyAUgo6lP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMzdkZWMzNGYzYTMyZWI2NTAyZjE2NjJhODJhMjBmOGI1
ZWEyMWMwHhcNMjYwMzI5MDkwMTE4WhcNMjYwMzMwMDkwMTE4WjAzMTEwLwYDVQQD
EyhmZmQyMWU3Mjg4MTRlMGVlY2YyYWViYTFkMGYyYjA2MmJjZDdlZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwvqz3LRQ6MhR/OvlrmY5X/+kAvX
ESk2GJHqR8dflvD5nAATeJJY7pxtb7WvnvsNcNDL53tF0A8l/REzEK83gMXhkmq6
avZwM0oDXKLbEFUwYLv4k84+rCYtSkisMCXDM7kddR2fLn4PiNA8xfJiI252FkA9
mr7AzaaSFWfeVTpGDLr2W4GMO1rrwkSG4TFtwk1Csjp69ShDdAAcz0MazvhpJwVS
CkRPxYm87wKWwaU8F2cyHSPjVnakI0wTEV4zeAt+KicICFVOJUm3PwJpa1U6F1Pt
EQ0cCa5vs/z4aBUxdoXW66fjHFwsICW+T2OBTcf6Z5tjd0eZmsTrfe8nKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP/SHnKIFODuzyrrodDysGK81+6mMB8GA1UdIwQY
MBaAFBA33sNPOjLrZQLxZiqCog+LXqIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4Mzct
MGQ0MWE2NGU5MGVjLzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iNjgwYWYtZDVhYi00YjJmLWE4MzctMGQ0MWE2NGU5MGVj
LzEvRURmZXcwODZNdXRsQXZGbUtvS2lENHRlb2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHzZSAQyD
mj0K/WKKFeZmJj8AVW47gKtuXBu4A+WIDrHGOgHvb9Hi3oRHvRl8URscJ+5EY+z8
2cstDK7EnBVyeb03ZELFqkORP7aDIz4GsC0C0swTt8i7EFo5zAo7ky7w8bbZKK0V
nuabaLLRMxS2QIUr12sJpsu92eFuK2hLm01CpTkaBfP9Iq6NaDOYDMSbhQNokP8X
rAxAWh02pLcPYnsPmEuVQAas6mHYQmOilDD3rJgs3Rba2V3hDWw7DebC9HA5AEHT
MyuOprT2h1KREnVXXmMN1GymbKunU1zqL4v/PzWXIHMJW+yIyu3KyMJiX5mSk3g+
Q4BYFoaZOGJn9g==
-----END CERTIFICATE-----