Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
File:                     apc35u85FOD8zAaQI76XGYuRN5E.mft (raw, json)
Hash identifier:          OYWbhehO5ZnCz/i/4Pny3X5Mwuo98tBD3zgyZZDavrQ=
Subject key identifier:   87:03:A7:A1:11:D9:9C:DD:89:39:1F:FA:49:0A:36:DC:D1:C2:C4:76
Authority key identifier: 6A:97:37:E6:EF:39:14:E0:FC:CC:06:90:23:BE:97:19:8B:91:37:91
Certificate issuer:       /CN=6a9737e6ef3914e0fccc069023be97198b913791
Certificate serial:       019D3865D001BBC3D75463D8A6435B08FC3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:29 +0000
Files and hashes:         1: apc35u85FOD8zAaQI76XGYuRN5E.crl (hash: znVJll2Iy1BQxvYWLmymvXI2y7T565LziLBZMzmzJnw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:d0:01:bb:c3:d7:54:63:d8:a6:43:5b:08:fc:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a9737e6ef3914e0fccc069023be97198b913791
        Validity
            Not Before: Mar 29 07:01:29 2026 GMT
            Not After : Mar 30 07:01:29 2026 GMT
        Subject: CN=8703a7a111d99cdd89391ffa490a36dcd1c2c476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:89:1a:fe:d8:3d:6d:5c:51:41:4c:a3:28:11:
                    82:2b:13:cf:9c:c9:37:98:29:30:1a:c5:da:96:41:
                    6c:f6:1b:73:86:c5:b0:4e:b6:f0:89:7c:5b:62:ca:
                    05:ac:b9:46:3a:f8:91:e6:6a:2a:02:11:5f:a9:87:
                    7b:b6:07:6c:5d:55:69:88:41:42:b9:30:46:a8:c8:
                    c4:a5:52:0d:9a:a8:72:71:c5:d4:1a:fc:c2:e9:84:
                    03:5a:95:24:96:dd:bd:79:44:2f:7b:9d:4d:4c:e4:
                    dd:1c:2d:db:90:18:ec:bf:a9:72:c1:4d:7b:c3:41:
                    63:a4:17:ed:fa:28:fc:42:1d:8c:b7:27:a9:89:c7:
                    9a:e1:51:a9:d7:38:76:0c:35:dc:78:94:07:48:93:
                    d9:8a:c3:cf:12:98:08:07:93:03:5b:0f:12:d0:3a:
                    f6:b9:16:20:6f:e1:8b:3b:5e:fd:72:32:3c:fb:11:
                    3a:d9:24:fa:6a:dd:dd:f5:49:67:f2:d2:44:43:13:
                    d7:8f:ef:9e:54:ee:f8:a6:46:72:43:f0:00:90:60:
                    92:90:a9:41:76:cb:cd:83:c5:89:c0:f9:18:8e:dc:
                    91:e7:5f:cd:11:72:c0:71:40:e7:16:ae:ca:5e:af:
                    c5:14:33:79:38:c9:bc:ca:22:5a:eb:e9:16:53:53:
                    1e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:03:A7:A1:11:D9:9C:DD:89:39:1F:FA:49:0A:36:DC:D1:C2:C4:76
            X509v3 Authority Key Identifier:
                keyid:6A:97:37:E6:EF:39:14:E0:FC:CC:06:90:23:BE:97:19:8B:91:37:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:6b:7e:ca:93:74:34:59:c8:10:b6:43:51:51:cd:0c:fa:e6:
         54:3e:fc:7c:95:c9:8d:a7:4a:53:c5:e6:41:f2:6b:fe:b2:9c:
         5e:4f:e1:6e:33:eb:21:09:b2:80:3a:52:12:97:f8:b4:29:ff:
         08:a0:4e:7b:95:d9:36:9a:df:f5:c0:b0:b2:29:36:6a:14:27:
         aa:cb:41:f3:d6:e2:83:8c:9e:92:93:55:bc:27:2c:06:f8:b3:
         b2:dd:ba:60:9a:92:b8:bb:48:0f:52:19:74:10:1f:18:e3:22:
         3a:82:25:ae:67:59:7f:55:ec:5b:73:4d:f6:af:09:4d:81:cf:
         f9:2b:bf:0a:0d:b5:61:a2:52:39:7e:0e:8d:87:a8:5c:52:2e:
         88:2d:2e:e4:e9:b2:b5:0c:59:9b:e0:3a:29:87:e1:78:85:45:
         7b:eb:38:92:58:85:1b:18:b7:4d:29:3d:63:86:a6:ee:36:89:
         69:92:53:fa:ed:d9:1f:7f:42:50:f0:20:a8:f6:25:0f:ce:71:
         14:17:4e:df:c1:93:f5:b1:4e:02:81:df:66:fb:c2:9f:ef:a1:
         0b:2b:1b:39:0b:a7:1b:c3:fc:95:25:55:7e:8a:0b:3a:75:54:
         76:f1:72:23:bc:07:09:cd:6e:83:27:49:b5:cf:c2:ae:2b:17:
         0b:11:ca:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdABu8PXVGPYpkNbCPw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOTczN2U2ZWYzOTE0ZTBmY2NjMDY5MDIzYmU5NzE5OGI5
MTM3OTEwHhcNMjYwMzI5MDcwMTI5WhcNMjYwMzMwMDcwMTI5WjAzMTEwLwYDVQQD
Eyg4NzAzYTdhMTExZDk5Y2RkODkzOTFmZmE0OTBhMzZkY2QxYzJjNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4ka/tg9bVxRQUyjKBGCKxPPnMk3
mCkwGsXalkFs9htzhsWwTrbwiXxbYsoFrLlGOviR5moqAhFfqYd7tgdsXVVpiEFC
uTBGqMjEpVINmqhyccXUGvzC6YQDWpUklt29eUQve51NTOTdHC3bkBjsv6lywU17
w0FjpBft+ij8Qh2Mtyepicea4VGp1zh2DDXceJQHSJPZisPPEpgIB5MDWw8S0Dr2
uRYgb+GLO179cjI8+xE62ST6at3d9Uln8tJEQxPXj++eVO74pkZyQ/AAkGCSkKlB
dsvNg8WJwPkYjtyR51/NEXLAcUDnFq7KXq/FFDN5OMm8yiJa6+kWU1MeYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcDp6ER2ZzdiTkf+kkKNtzRwsR2MB8GA1UdIwQY
MBaAFGqXN+bvORTg/MwGkCO+lxmLkTeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84NDM4ZjUtNmM5Yy00NzAzLTlmZTIt
MDE1ZmRlNDVkMGVhLzEvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84NDM4ZjUtNmM5Yy00NzAzLTlmZTItMDE1ZmRlNDVkMGVh
LzEvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGt+ypN0
NFnIELZDUVHNDPrmVD78fJXJjadKU8XmQfJr/rKcXk/hbjPrIQmygDpSEpf4tCn/
CKBOe5XZNprf9cCwsik2ahQnqstB89big4yekpNVvCcsBvizst26YJqSuLtID1IZ
dBAfGOMiOoIlrmdZf1XsW3NN9q8JTYHP+Su/Cg21YaJSOX4OjYeoXFIuiC0u5Omy
tQxZm+A6KYfheIVFe+s4kliFGxi3TSk9Y4am7jaJaZJT+u3ZH39CUPAgqPYlD85x
FBdO38GT9bFOAoHfZvvCn++hCysbOQunG8P8lSVVfooLOnVUdvFyI7wHCc1ugydJ
tc/CrisXCxHKmg==
-----END CERTIFICATE-----