Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          tRQzmgPJEjRqHPQiHCe68wdPfg/clY8zwRnxhUhzU6I=
Subject key identifier:   21:7B:4B:66:E2:A2:34:8F:FA:53:D1:3B:24:3B:BF:CF:0B:EE:52:56
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       019D38D3B6D3B1ED6D5E8109C11C983D9D66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:01:32 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:32 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:32 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: kFvxteL4NOrJyksdNF89o5W6zoCusHHtDPYcX2Ehpic=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:b6:d3:b1:ed:6d:5e:81:09:c1:1c:98:3d:9d:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: Mar 29 09:01:32 2026 GMT
            Not After : Mar 30 09:01:32 2026 GMT
        Subject: CN=217b4b66e2a2348ffa53d13b243bbfcf0bee5256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f5:be:8e:d8:e8:f5:1e:f0:68:a9:50:3a:5c:
                    c1:5c:44:e7:8a:26:7b:63:6f:c0:94:1a:f7:37:95:
                    1b:bf:ef:c6:f4:d2:94:f6:df:8b:62:6c:f0:3f:40:
                    10:cf:76:9f:9c:68:91:32:61:24:d7:99:22:04:df:
                    93:59:3f:c2:8e:5a:4a:5d:37:11:23:b4:40:08:ae:
                    ea:c0:34:97:a4:ca:7d:df:9c:f3:68:9b:5e:6c:9c:
                    d4:80:61:8c:ea:fb:7e:74:e3:b5:bc:ef:2e:ff:7d:
                    c0:85:83:22:da:56:77:8b:3c:12:89:03:a8:b9:3c:
                    63:44:ad:38:ad:8e:59:0b:b1:ab:65:13:01:df:d9:
                    81:dd:7e:08:22:37:46:17:27:75:2b:a4:d0:9d:53:
                    98:fb:a2:41:13:a5:a8:14:3c:bb:d7:87:dc:82:93:
                    c9:47:fc:e8:2c:e3:39:68:58:18:77:8c:84:cb:71:
                    34:93:4c:20:dd:1d:a0:79:2b:36:90:a9:02:05:cb:
                    7e:df:ca:76:58:00:38:69:c6:37:f5:b5:7f:46:11:
                    d3:ac:bd:48:08:28:02:a9:11:46:18:63:99:f5:cc:
                    4b:6a:93:22:10:9a:35:cd:bc:32:49:f0:57:4b:60:
                    bf:5a:6c:e8:8b:5a:d1:d9:6c:d8:82:2a:b0:a9:dd:
                    0a:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:7B:4B:66:E2:A2:34:8F:FA:53:D1:3B:24:3B:BF:CF:0B:EE:52:56
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:66:f4:8d:47:ec:68:45:6d:c7:90:b4:16:e8:25:61:b6:6b:
         c3:c1:91:6a:a3:8a:bc:6f:de:46:82:d0:16:62:27:6a:dd:23:
         52:e1:2c:d5:07:03:c7:b3:02:9f:fc:ec:0b:89:44:28:34:d9:
         a6:7e:e8:64:e4:3f:22:d9:0c:98:66:54:94:59:a9:de:95:80:
         cf:67:0c:d8:7c:6b:3d:07:48:0e:30:f8:f2:0b:cd:63:8b:84:
         b8:71:b6:b5:f6:c5:d1:3d:0f:09:6f:f5:58:1e:f4:b6:1b:b3:
         cf:51:14:20:ce:25:e4:9d:45:74:8c:55:fe:fe:01:e9:36:d1:
         2f:d9:67:d0:fb:8a:90:7e:c4:26:50:7c:63:62:ea:4b:f1:58:
         93:99:92:f0:c8:1a:ae:72:9f:14:63:e5:9c:84:1e:f1:81:23:
         35:ad:76:8e:2f:3d:77:43:25:10:60:06:c3:67:5b:59:c2:ba:
         f6:90:b8:04:c8:89:ca:a4:dd:ea:83:dc:8d:58:cd:d5:37:e9:
         2b:f6:9d:14:31:c7:4a:e1:cf:3b:d7:de:ed:7a:29:11:45:39:
         65:85:40:f7:bc:8d:aa:45:61:aa:c5:91:df:dc:d2:ed:16:d1:
         78:26:6f:c6:ad:41:ab:27:00:ad:b8:7f:b8:b1:f2:63:a3:9b:
         f0:53:42:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407bTse1tXoEJwRyYPZ1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjYwMzI5MDkwMTMyWhcNMjYwMzMwMDkwMTMyWjAzMTEwLwYDVQQD
EygyMTdiNGI2NmUyYTIzNDhmZmE1M2QxM2IyNDNiYmZjZjBiZWU1MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvW+jtjo9R7waKlQOlzBXETniiZ7
Y2/AlBr3N5Ubv+/G9NKU9t+LYmzwP0AQz3afnGiRMmEk15kiBN+TWT/CjlpKXTcR
I7RACK7qwDSXpMp935zzaJtebJzUgGGM6vt+dOO1vO8u/33AhYMi2lZ3izwSiQOo
uTxjRK04rY5ZC7GrZRMB39mB3X4IIjdGFyd1K6TQnVOY+6JBE6WoFDy714fcgpPJ
R/zoLOM5aFgYd4yEy3E0k0wg3R2geSs2kKkCBct+38p2WAA4acY39bV/RhHTrL1I
CCgCqRFGGGOZ9cxLapMiEJo1zbwySfBXS2C/Wmzoi1rR2WzYgiqwqd0KVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF7S2biojSP+lPROyQ7v88L7lJWMB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYmb0jUfs
aEVtx5C0FuglYbZrw8GRaqOKvG/eRoLQFmInat0jUuEs1QcDx7MCn/zsC4lEKDTZ
pn7oZOQ/ItkMmGZUlFmp3pWAz2cM2HxrPQdIDjD48gvNY4uEuHG2tfbF0T0PCW/1
WB70thuzz1EUIM4l5J1FdIxV/v4B6TbRL9ln0PuKkH7EJlB8Y2LqS/FYk5mS8Mga
rnKfFGPlnIQe8YEjNa12ji89d0MlEGAGw2dbWcK69pC4BMiJyqTd6oPcjVjN1Tfp
K/adFDHHSuHPO9fe7XopEUU5ZYVA97yNqkVhqsWR39zS7RbReCZvxq1BqycArbh/
uLHyY6Ob8FNC1Q==
-----END CERTIFICATE-----