Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
File:                     4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft (raw, json)
Hash identifier:          j+wAbqqvnIPXBZ8NO60FgCxKADU8NfLneb3h70RAFgc=
Subject key identifier:   90:72:1A:50:7E:DE:27:DB:9E:BF:B9:C8:90:74:34:79:D6:A9:6C:9F
Authority key identifier: E2:AE:E5:A5:92:B3:A7:EC:73:B5:49:44:24:99:6F:7E:BE:C6:8F:BC
Certificate issuer:       /CN=e2aee5a592b3a7ec73b5494424996f7ebec68fbc
Certificate serial:       019D3865C753E55E555BA29E5CBE8824FF70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:27 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:27 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:27 +0000
Files and hashes:         1: 4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl (hash: /NGAld8rLFV2s6s2bC0bZSM2+MKWaasNwpacU80nJMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:c7:53:e5:5e:55:5b:a2:9e:5c:be:88:24:ff:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2aee5a592b3a7ec73b5494424996f7ebec68fbc
        Validity
            Not Before: Mar 29 07:01:27 2026 GMT
            Not After : Mar 30 07:01:27 2026 GMT
        Subject: CN=90721a507ede27db9ebfb9c890743479d6a96c9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:04:2d:ff:9f:22:98:9e:90:be:32:fc:43:10:
                    4d:a5:b1:46:7c:fd:c0:19:e2:c3:11:f8:c3:95:67:
                    46:e6:14:1c:10:40:91:13:17:3a:1f:5c:68:fb:9e:
                    e9:c7:d0:83:c2:d9:a4:ef:b6:5c:94:bc:4c:62:37:
                    3b:0d:04:8d:e0:52:ac:fc:5a:1c:6a:a1:2a:46:72:
                    34:87:34:af:d6:11:b7:41:fa:b6:1c:08:7a:55:94:
                    d1:a1:be:f5:bb:07:ab:69:92:b4:49:5b:29:13:30:
                    76:34:9d:da:ed:f7:f8:30:06:e8:74:b7:b1:14:2c:
                    6f:96:71:92:f4:e0:54:fa:41:56:23:8e:1f:b7:bc:
                    16:d6:45:2e:6e:1d:b9:11:66:fb:b0:10:d7:4a:e6:
                    c1:ae:6e:c3:fe:9c:c5:76:14:a0:10:38:fb:95:9c:
                    fa:7d:3b:3a:e4:54:45:c7:b3:72:76:2c:a0:46:65:
                    b1:a0:83:ff:80:6f:3e:8c:ea:25:50:14:c5:67:31:
                    b3:70:f5:2e:cf:d2:0e:5c:84:73:96:4d:0f:a9:0c:
                    6f:dc:a6:35:42:3a:e1:f3:a3:77:b4:8b:ee:ef:ee:
                    69:1f:45:e7:e8:cc:d1:48:b4:58:48:16:2d:a8:76:
                    0b:f7:47:bd:05:cb:29:43:aa:d4:36:4b:2a:f2:b3:
                    c6:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:72:1A:50:7E:DE:27:DB:9E:BF:B9:C8:90:74:34:79:D6:A9:6C:9F
            X509v3 Authority Key Identifier:
                keyid:E2:AE:E5:A5:92:B3:A7:EC:73:B5:49:44:24:99:6F:7E:BE:C6:8F:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4q7lpZKzp-xztUlEJJlvfr7Gj7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17e936-1630-4a85-a93b-3955e0786092/1/4q7lpZKzp-xztUlEJJlvfr7Gj7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:e2:c1:6a:8b:1f:bd:96:33:85:2f:4e:34:16:48:8a:fc:38:
         10:fc:b9:6a:54:8b:08:51:62:b7:26:2a:3a:f3:d7:b9:09:fc:
         d1:62:ab:d4:21:21:df:cd:a7:0e:48:03:d1:c8:7d:78:9d:e4:
         92:62:7f:50:71:ac:6c:bb:df:eb:ee:c6:5c:7c:3b:8f:d8:71:
         8a:fb:df:06:5b:70:27:66:a6:e6:38:86:7d:0b:61:04:6e:79:
         24:84:be:1a:05:c3:92:e1:5f:f9:e9:7f:a4:19:1e:42:06:e6:
         6d:48:d0:b5:a9:d9:c4:15:41:b6:18:90:0d:34:ee:fe:e9:2a:
         27:5f:78:e1:a8:8b:c7:a5:44:11:af:02:f6:e0:4a:16:0f:42:
         8d:3c:d2:15:ad:06:0c:96:05:83:31:dd:2f:32:b2:09:18:f1:
         58:8b:bb:14:09:e0:f3:11:40:e5:55:69:07:02:55:cf:cb:63:
         e4:af:ce:ef:ea:4d:71:e5:2c:0c:a7:48:6f:b6:46:76:34:fa:
         24:3c:d0:ee:ab:12:e2:99:3a:a2:15:13:34:5a:75:f6:ff:6a:
         02:58:7e:36:28:0d:d5:70:95:df:eb:9d:b0:80:0c:35:17:a9:
         ba:3d:00:5e:20:f9:6b:a6:e6:f9:82:71:4e:af:41:f0:43:2c:
         ab:a2:b2:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcdT5V5VW6KeXL6IJP9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYWVlNWE1OTJiM2E3ZWM3M2I1NDk0NDI0OTk2ZjdlYmVj
NjhmYmMwHhcNMjYwMzI5MDcwMTI3WhcNMjYwMzMwMDcwMTI3WjAzMTEwLwYDVQQD
Eyg5MDcyMWE1MDdlZGUyN2RiOWViZmI5Yzg5MDc0MzQ3OWQ2YTk2YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgQt/58imJ6QvjL8QxBNpbFGfP3A
GeLDEfjDlWdG5hQcEECRExc6H1xo+57px9CDwtmk77ZclLxMYjc7DQSN4FKs/Foc
aqEqRnI0hzSv1hG3Qfq2HAh6VZTRob71uweraZK0SVspEzB2NJ3a7ff4MAbodLex
FCxvlnGS9OBU+kFWI44ft7wW1kUubh25EWb7sBDXSubBrm7D/pzFdhSgEDj7lZz6
fTs65FRFx7NydiygRmWxoIP/gG8+jOolUBTFZzGzcPUuz9IOXIRzlk0PqQxv3KY1
Qjrh86N3tIvu7+5pH0Xn6MzRSLRYSBYtqHYL90e9BcspQ6rUNksq8rPGDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJByGlB+3ifbnr+5yJB0NHnWqWyfMB8GA1UdIwQY
MBaAFOKu5aWSs6fsc7VJRCSZb36+xo+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xN2U5MzYtMTYzMC00YTg1LWE5M2It
Mzk1NWUwNzg2MDkyLzEvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xN2U5MzYtMTYzMC00YTg1LWE5M2ItMzk1NWUwNzg2MDky
LzEvNHE3bHBaS3pwLXh6dFVsRUpKbHZmcjdHajd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmuLBaosf
vZYzhS9ONBZIivw4EPy5alSLCFFityYqOvPXuQn80WKr1CEh382nDkgD0ch9eJ3k
kmJ/UHGsbLvf6+7GXHw7j9hxivvfBltwJ2am5jiGfQthBG55JIS+GgXDkuFf+el/
pBkeQgbmbUjQtanZxBVBthiQDTTu/ukqJ1944aiLx6VEEa8C9uBKFg9CjTzSFa0G
DJYFgzHdLzKyCRjxWIu7FAng8xFA5VVpBwJVz8tj5K/O7+pNceUsDKdIb7ZGdjT6
JDzQ7qsS4pk6ohUTNFp19v9qAlh+NigN1XCV3+udsIAMNRepuj0AXiD5a6bm+YJx
Tq9B8EMsq6Ky/Q==
-----END CERTIFICATE-----