Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
File:                     cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft (raw, json)
Hash identifier:          /CZJ1l5OVpFr7cMzBjTH2J36R/OefvgJgBuvgVUfqH8=
Subject key identifier:   8E:60:71:33:56:82:6B:01:08:0D:1A:7A:E8:26:04:8B:CB:D2:F1:8E
Authority key identifier: 72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6
Certificate issuer:       /CN=726f9448a910d2574157a30403f46c1172aeedb6
Certificate serial:       019D37C00D03EA8622AEEE9D132C09725A43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 04:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:26 +0000
Files and hashes:         1: cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl (hash: A4VXqcsYnZ0kXN3PyVTxeigy1f3dCsiCEfXFiE4e1GM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:0d:03:ea:86:22:ae:ee:9d:13:2c:09:72:5a:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=726f9448a910d2574157a30403f46c1172aeedb6
        Validity
            Not Before: Mar 29 04:00:26 2026 GMT
            Not After : Mar 30 04:00:26 2026 GMT
        Subject: CN=8e60713356826b01080d1a7ae826048bcbd2f18e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:83:e5:2a:7a:f4:58:b0:33:9d:20:d1:ef:7d:
                    a4:39:d8:e4:dc:dc:2f:90:f0:64:f7:6e:9b:ec:5a:
                    91:8b:12:d0:ee:89:24:3c:b6:51:1f:1f:aa:4b:b7:
                    f4:2e:77:42:1d:b7:4a:9e:51:eb:a5:94:02:80:5b:
                    a8:3d:62:f9:06:2b:c9:4b:c7:95:87:a1:ad:96:50:
                    2e:f3:0f:da:ee:95:a2:a9:57:87:fb:11:71:a7:77:
                    f7:1d:f0:04:4a:c4:99:ce:8d:7d:e7:e0:0f:3b:e1:
                    3d:d3:05:a5:ca:9e:58:48:0f:6b:58:2e:54:d2:14:
                    5a:52:44:3f:6f:75:9d:93:82:74:2d:51:1d:8b:15:
                    18:b1:ff:24:63:60:11:a0:89:5c:47:41:6d:52:bd:
                    ae:e7:69:cd:ff:10:f0:b3:34:62:48:5b:0e:00:c0:
                    11:c9:47:07:e3:b9:81:5e:0d:50:f5:72:86:06:66:
                    8a:f7:2a:c7:a0:54:f9:ac:06:90:bb:93:1e:13:28:
                    28:84:09:82:1c:8a:64:ca:ec:3f:81:a6:ee:7a:f1:
                    da:af:51:c6:56:d9:d0:58:d3:f3:21:5c:61:31:44:
                    53:60:43:1f:03:62:ba:bd:26:45:6c:9a:73:8d:8e:
                    25:71:09:79:32:e0:74:ea:ef:2c:5c:c8:b2:2a:7c:
                    8f:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:60:71:33:56:82:6B:01:08:0D:1A:7A:E8:26:04:8B:CB:D2:F1:8E
            X509v3 Authority Key Identifier:
                keyid:72:6F:94:48:A9:10:D2:57:41:57:A3:04:03:F4:6C:11:72:AE:ED:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cm-USKkQ0ldBV6MEA_RsEXKu7bY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/e7e36e-a323-4f47-a776-66b141194fd2/1/cm-USKkQ0ldBV6MEA_RsEXKu7bY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:86:f6:15:ab:e6:c0:7e:e5:63:76:db:3a:1c:03:a7:bf:d4:
         7f:52:8c:84:c4:b0:db:5a:2d:31:0d:63:11:cd:49:40:dd:8e:
         cb:56:73:87:48:bd:75:ff:bd:dd:d3:de:69:ec:42:6a:1c:15:
         c2:41:44:d1:16:88:82:8c:0d:53:f3:ef:6c:e5:0f:e2:ac:96:
         7a:5d:81:ac:27:83:53:20:c0:76:99:b4:30:22:2e:b1:a5:2d:
         c2:e9:74:b9:0c:d9:f4:44:df:5b:7b:f7:ed:22:58:72:20:95:
         1e:63:22:8f:c6:a2:f1:a4:15:2a:f4:db:b5:6a:fa:9d:dd:63:
         e1:65:e5:74:6b:a7:c5:b7:a3:d8:ab:8c:80:4b:80:05:b2:0a:
         b8:76:74:ce:00:7c:4d:32:c0:03:51:fd:de:73:6d:b1:43:b4:
         a9:d6:fd:3e:e0:4a:26:ed:9e:25:86:36:4c:b2:9d:7f:dc:dd:
         84:37:a5:8b:8e:c0:94:be:1c:12:39:d3:7b:30:4d:65:16:ed:
         8e:96:13:b4:0b:27:c0:71:01:66:01:29:bb:55:cc:6b:d9:83:
         c9:87:36:a5:ea:e4:28:dd:28:91:05:c2:78:94:1c:fd:3a:85:
         31:1e:26:ab:13:d2:b1:e3:a9:2d:95:56:67:43:7d:9e:aa:9f:
         33:89:cd:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wA0D6oYiru6dEywJclpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNmY5NDQ4YTkxMGQyNTc0MTU3YTMwNDAzZjQ2YzExNzJh
ZWVkYjYwHhcNMjYwMzI5MDQwMDI2WhcNMjYwMzMwMDQwMDI2WjAzMTEwLwYDVQQD
Eyg4ZTYwNzEzMzU2ODI2YjAxMDgwZDFhN2FlODI2MDQ4YmNiZDJmMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44PlKnr0WLAznSDR732kOdjk3Nwv
kPBk926b7FqRixLQ7okkPLZRHx+qS7f0LndCHbdKnlHrpZQCgFuoPWL5BivJS8eV
h6GtllAu8w/a7pWiqVeH+xFxp3f3HfAESsSZzo195+APO+E90wWlyp5YSA9rWC5U
0hRaUkQ/b3Wdk4J0LVEdixUYsf8kY2ARoIlcR0FtUr2u52nN/xDwszRiSFsOAMAR
yUcH47mBXg1Q9XKGBmaK9yrHoFT5rAaQu5MeEygohAmCHIpkyuw/gabuevHar1HG
VtnQWNPzIVxhMURTYEMfA2K6vSZFbJpzjY4lcQl5MuB06u8sXMiyKnyP1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5gcTNWgmsBCA0aeugmBIvL0vGOMB8GA1UdIwQY
MBaAFHJvlEipENJXQVejBAP0bBFyru22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYt
NjZiMTQxMTk0ZmQyLzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9lN2UzNmUtYTMyMy00ZjQ3LWE3NzYtNjZiMTQxMTk0ZmQy
LzEvY20tVVNLa1EwbGRCVjZNRUFfUnNFWEt1N2JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB4b2Favm
wH7lY3bbOhwDp7/Uf1KMhMSw21otMQ1jEc1JQN2Oy1Zzh0i9df+93dPeaexCahwV
wkFE0RaIgowNU/PvbOUP4qyWel2BrCeDUyDAdpm0MCIusaUtwul0uQzZ9ETfW3v3
7SJYciCVHmMij8ai8aQVKvTbtWr6nd1j4WXldGunxbej2KuMgEuABbIKuHZ0zgB8
TTLAA1H93nNtsUO0qdb9PuBKJu2eJYY2TLKdf9zdhDeli47AlL4cEjnTezBNZRbt
jpYTtAsnwHEBZgEpu1XMa9mDyYc2perkKN0okQXCeJQc/TqFMR4mqxPSseOpLZVW
Z0N9nqqfM4nNhA==
-----END CERTIFICATE-----