Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          i8n0PHoRI4O4GEyf5WOY0GiYdI5KF5ivUpWEhiqUYV0=
Subject key identifier:   57:1D:04:B2:AC:4D:2B:0E:BD:FA:DE:D9:22:93:83:F5:4C:68:BB:5E
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019D3909D95233A3A7B20D3AFD2ED993DC8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 10:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:39 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: 71lR3yyKaZUg+V/ygkSx/xebqpccE6hDrBPQ+m/8u8o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:d9:52:33:a3:a7:b2:0d:3a:fd:2e:d9:93:dc:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Mar 29 10:00:39 2026 GMT
            Not After : Mar 30 10:00:39 2026 GMT
        Subject: CN=571d04b2ac4d2b0ebdfaded9229383f54c68bb5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:06:99:cf:5d:f7:bc:76:1a:6c:ca:77:f7:e9:
                    23:d5:46:82:75:10:8a:b7:47:aa:9a:ca:bf:13:07:
                    87:a8:73:8b:b9:4e:f2:85:15:1b:23:fd:e2:78:7b:
                    f6:64:ba:b8:90:7d:2c:dd:c8:47:50:6f:8d:60:fe:
                    86:b5:45:5e:bd:50:fa:d3:fd:be:6c:b2:3d:3d:46:
                    9f:a0:9b:2d:79:ae:86:a9:36:6d:f7:2f:4e:b7:c9:
                    7b:49:23:39:e7:91:38:a0:30:e6:18:8c:1f:51:06:
                    e1:47:e5:86:de:b3:75:0c:4b:8d:b5:e5:0e:ca:39:
                    c2:5a:da:a3:b5:98:23:71:b8:1b:9a:a3:aa:08:62:
                    bc:ce:8c:24:98:57:b6:98:be:5f:94:bc:84:95:5d:
                    e8:0a:af:8c:97:0e:f9:a2:3c:1d:08:09:24:24:38:
                    9d:55:82:23:44:95:db:a9:ab:36:24:94:c7:9e:73:
                    92:98:65:42:95:aa:36:ec:ee:6a:c8:82:9a:78:25:
                    04:40:23:25:68:3d:6e:64:54:73:83:e3:5d:6a:a7:
                    78:4a:4f:88:b9:92:33:d2:ac:ab:bf:a6:b1:cf:28:
                    f9:73:35:8e:03:65:99:ad:b1:90:62:0b:67:c9:ca:
                    de:85:40:c7:2c:be:72:8c:b2:4f:3d:f5:bf:e5:ae:
                    7f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:1D:04:B2:AC:4D:2B:0E:BD:FA:DE:D9:22:93:83:F5:4C:68:BB:5E
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:aa:07:f5:29:0e:a4:15:fc:c2:c0:47:d9:56:9d:0c:67:3d:
         8f:40:e7:90:bf:83:23:30:79:9d:3a:c1:33:cd:13:b6:b5:77:
         bc:65:f4:94:48:64:d5:2b:56:46:1b:0d:20:c0:b4:5b:9d:63:
         de:1d:4c:8f:a3:62:9f:32:7e:f5:a1:87:b9:13:0c:09:39:ed:
         72:1f:e4:f5:46:3d:84:ea:66:5a:09:49:3e:76:a1:8d:b7:5c:
         bd:1f:02:c9:47:8d:7c:06:55:9c:71:c9:08:34:cf:42:a3:c5:
         6a:51:e7:86:54:c5:02:bb:e9:d3:4f:02:92:8c:28:10:6a:5f:
         45:87:0e:7e:d7:3d:a6:1c:ba:42:7f:02:73:84:c4:82:63:69:
         64:d9:98:d6:e7:53:65:2a:cf:25:da:b8:4f:6f:0c:a4:58:b4:
         41:08:e4:50:55:3b:97:46:ee:87:2b:eb:2b:cb:33:b8:b7:9b:
         1b:e2:cf:e9:27:b4:b9:08:01:31:bf:ed:91:fc:0e:8a:23:8c:
         cf:c9:65:db:93:e0:ff:c5:ac:da:b2:36:6f:bc:a1:4d:62:a7:
         f3:70:8f:c3:e6:07:56:bb:db:ef:6b:f2:88:cc:79:dd:ab:37:
         69:f8:c8:59:cd:e8:0e:14:77:66:5d:07:2a:61:41:01:d8:bf:
         11:52:79:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CdlSM6Onsg06/S7Zk9yNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjYwMzI5MTAwMDM5WhcNMjYwMzMwMTAwMDM5WjAzMTEwLwYDVQQD
Eyg1NzFkMDRiMmFjNGQyYjBlYmRmYWRlZDkyMjkzODNmNTRjNjhiYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAaZz133vHYabMp39+kj1UaCdRCK
t0eqmsq/EweHqHOLuU7yhRUbI/3ieHv2ZLq4kH0s3chHUG+NYP6GtUVevVD60/2+
bLI9PUafoJstea6GqTZt9y9Ot8l7SSM555E4oDDmGIwfUQbhR+WG3rN1DEuNteUO
yjnCWtqjtZgjcbgbmqOqCGK8zowkmFe2mL5flLyElV3oCq+Mlw75ojwdCAkkJDid
VYIjRJXbqas2JJTHnnOSmGVClao27O5qyIKaeCUEQCMlaD1uZFRzg+Ndaqd4Sk+I
uZIz0qyrv6axzyj5czWOA2WZrbGQYgtnycrehUDHLL5yjLJPPfW/5a5/DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFcdBLKsTSsOvfre2SKTg/VMaLteMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArKoH9SkO
pBX8wsBH2VadDGc9j0DnkL+DIzB5nTrBM80TtrV3vGX0lEhk1StWRhsNIMC0W51j
3h1Mj6NinzJ+9aGHuRMMCTntch/k9UY9hOpmWglJPnahjbdcvR8CyUeNfAZVnHHJ
CDTPQqPFalHnhlTFArvp008CkowoEGpfRYcOftc9phy6Qn8Cc4TEgmNpZNmY1udT
ZSrPJdq4T28MpFi0QQjkUFU7l0buhyvrK8szuLebG+LP6Se0uQgBMb/tkfwOiiOM
z8ll25Pg/8Ws2rI2b7yhTWKn83CPw+YHVrvb72vyiMx53as3afjIWc3oDhR3Zl0H
KmFBAdi/EVJ5EA==
-----END CERTIFICATE-----