Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
File:                     Le43b1HIyKVVUo1MFesfTKOZxJE.mft (raw, json)
Hash identifier:          tUM3ZVHBeNk/lohxKnj8gH1vTvcAl9iziPrZaXtytgQ=
Subject key identifier:   EC:B3:C9:05:D7:A9:B1:78:16:22:27:42:D2:54:2B:82:D4:D6:ED:71
Authority key identifier: 2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91
Certificate issuer:       /CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
Certificate serial:       019D3865AA50F78542A31EF08ABF3127C6EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:19 +0000
Files and hashes:         1: Le43b1HIyKVVUo1MFesfTKOZxJE.crl (hash: TwfJTiWm/VR0f42VztejUuQswjdiIOcN4cU1qcqg6Do=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:aa:50:f7:85:42:a3:1e:f0:8a:bf:31:27:c6:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dee376f51c8c8a555528d4c15eb1f4ca399c491
        Validity
            Not Before: Mar 29 07:01:19 2026 GMT
            Not After : Mar 30 07:01:19 2026 GMT
        Subject: CN=ecb3c905d7a9b17816222742d2542b82d4d6ed71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:a7:13:08:6d:7c:0f:ae:1e:20:cc:1a:65:e6:
                    b4:26:4c:7a:5d:9b:d5:06:ea:e4:64:73:1d:4b:ff:
                    7b:8e:6a:89:45:7a:aa:75:4b:db:15:00:e2:75:91:
                    bd:8c:e5:f6:75:47:dc:b2:27:a2:89:b3:6b:dc:49:
                    9d:26:90:7e:1a:e2:f8:ba:05:0f:71:9c:26:0d:4b:
                    d9:cc:45:8c:cc:ac:35:81:a0:d2:71:3c:7b:c6:9b:
                    45:d2:3a:10:12:83:16:a1:fa:4e:c8:ad:42:47:28:
                    81:0a:ac:80:2d:a0:fe:31:da:f7:3c:35:58:0f:43:
                    fc:95:8e:7d:4f:43:95:46:ec:84:0b:63:9f:9d:e1:
                    ad:f7:64:cb:af:e0:9a:ea:c1:83:31:40:e4:54:fb:
                    0e:91:2e:6e:8e:c0:85:6b:2b:18:1e:f9:1d:cc:1e:
                    9a:a4:ee:b4:97:0b:9c:31:28:bb:aa:42:17:a4:e8:
                    67:ad:30:b3:4b:60:7e:85:ea:fb:16:87:be:72:72:
                    ed:2f:b6:36:b4:6f:98:c5:8a:50:99:ab:d6:5c:2e:
                    ec:32:1f:dd:5d:83:b7:60:8f:41:ae:29:08:de:a6:
                    da:29:11:cb:93:51:6d:48:fa:c0:d5:a5:10:1c:57:
                    94:d8:2b:40:0e:f6:3a:69:34:21:72:bb:2b:5c:a9:
                    bc:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:B3:C9:05:D7:A9:B1:78:16:22:27:42:D2:54:2B:82:D4:D6:ED:71
            X509v3 Authority Key Identifier:
                keyid:2D:EE:37:6F:51:C8:C8:A5:55:52:8D:4C:15:EB:1F:4C:A3:99:C4:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Le43b1HIyKVVUo1MFesfTKOZxJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3be097-28f4-49e8-ad25-ff5cbdac5845/1/Le43b1HIyKVVUo1MFesfTKOZxJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:27:cd:2c:0c:e7:2e:b3:fe:29:be:89:4e:6b:7b:3e:83:99:
         90:3b:18:0c:e1:bb:6a:2e:bd:65:4d:c2:26:c8:2c:d0:53:3c:
         60:52:92:65:76:22:b1:69:c4:33:eb:10:16:bb:40:14:e2:f5:
         41:88:6d:d0:0d:84:b4:13:ce:a7:a3:3d:90:5c:8c:ad:98:93:
         cc:c8:d6:ab:74:88:a0:62:b9:47:c1:36:4e:82:7d:5e:ab:92:
         f1:6a:a6:b9:f1:8b:6f:a2:d0:ad:ce:22:10:78:63:3f:7a:94:
         7d:3f:24:a7:80:e9:f8:bb:41:fc:20:31:9a:aa:1d:83:8a:d1:
         74:fc:f3:e3:2c:da:5c:3e:71:35:f1:a4:55:d6:51:3f:06:05:
         2e:c9:ba:41:ad:1b:2a:ea:ce:e0:46:af:11:51:4a:64:3b:bd:
         8f:1e:5c:f5:ed:46:d0:41:91:57:b1:4d:6d:e8:d1:38:99:14:
         e8:b0:e9:2b:8a:ec:87:e5:76:8f:2d:f2:f7:63:53:b9:17:03:
         7c:40:41:dc:33:61:fa:34:78:92:68:01:a4:82:80:e5:ec:90:
         e7:78:77:23:48:ef:11:5f:f3:55:16:46:1b:45:ad:fb:c0:f3:
         8e:1a:fd:7c:63:af:27:2b:76:0c:89:39:dd:b7:06:c5:76:6c:
         6f:5e:c2:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZapQ94VCox7wir8xJ8buMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZWUzNzZmNTFjOGM4YTU1NTUyOGQ0YzE1ZWIxZjRjYTM5
OWM0OTEwHhcNMjYwMzI5MDcwMTE5WhcNMjYwMzMwMDcwMTE5WjAzMTEwLwYDVQQD
EyhlY2IzYzkwNWQ3YTliMTc4MTYyMjI3NDJkMjU0MmI4MmQ0ZDZlZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6cTCG18D64eIMwaZea0Jkx6XZvV
BurkZHMdS/97jmqJRXqqdUvbFQDidZG9jOX2dUfcsieiibNr3EmdJpB+GuL4ugUP
cZwmDUvZzEWMzKw1gaDScTx7xptF0joQEoMWofpOyK1CRyiBCqyALaD+Mdr3PDVY
D0P8lY59T0OVRuyEC2OfneGt92TLr+Ca6sGDMUDkVPsOkS5ujsCFaysYHvkdzB6a
pO60lwucMSi7qkIXpOhnrTCzS2B+her7Foe+cnLtL7Y2tG+YxYpQmavWXC7sMh/d
XYO3YI9BrikI3qbaKRHLk1FtSPrA1aUQHFeU2CtADvY6aTQhcrsrXKm8NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOyzyQXXqbF4FiInQtJUK4LU1u1xMB8GA1UdIwQY
MBaAFC3uN29RyMilVVKNTBXrH0yjmcSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUt
ZmY1Y2JkYWM1ODQ1LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8zYmUwOTctMjhmNC00OWU4LWFkMjUtZmY1Y2JkYWM1ODQ1
LzEvTGU0M2IxSEl5S1ZWVW8xTUZlc2ZUS09aeEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARifNLAzn
LrP+Kb6JTmt7PoOZkDsYDOG7ai69ZU3CJsgs0FM8YFKSZXYisWnEM+sQFrtAFOL1
QYht0A2EtBPOp6M9kFyMrZiTzMjWq3SIoGK5R8E2ToJ9XquS8WqmufGLb6LQrc4i
EHhjP3qUfT8kp4Dp+LtB/CAxmqodg4rRdPzz4yzaXD5xNfGkVdZRPwYFLsm6Qa0b
KurO4EavEVFKZDu9jx5c9e1G0EGRV7FNbejROJkU6LDpK4rsh+V2jy3y92NTuRcD
fEBB3DNh+jR4kmgBpIKA5eyQ53h3I0jvEV/zVRZGG0Wt+8Dzjhr9fGOvJyt2DIk5
3bcGxXZsb17CYA==
-----END CERTIFICATE-----