Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
File:                     7bKno-y66qV0GCMdsLYkq797pkU.mft (raw, json)
Hash identifier:          JAocyN6mJBTQAyOT8skGczWRsuVWsYnis08fha5yz/k=
Subject key identifier:   F6:12:21:2A:49:05:08:F2:FB:F3:73:BE:EF:A6:B3:9B:83:23:46:93
Authority key identifier: ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45
Certificate issuer:       /CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
Certificate serial:       019D3AC10D59851D64ED978360912C015B7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 18:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 18:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 18:00:23 +0000
Files and hashes:         1: 7bKno-y66qV0GCMdsLYkq797pkU.crl (hash: hf8YPUOLh82pBB38bTBX76BoXKKJ+v3Z+oBMNzVFgz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:c1:0d:59:85:1d:64:ed:97:83:60:91:2c:01:5b:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edb2a7a3ecbaeaa57418231db0b624abbf7ba645
        Validity
            Not Before: Mar 29 18:00:23 2026 GMT
            Not After : Mar 30 18:00:23 2026 GMT
        Subject: CN=f612212a490508f2fbf373beefa6b39b83234693
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:76:fe:13:ee:f3:3d:1b:81:85:f7:75:d0:f3:
                    bf:68:2a:f7:2e:1f:02:f9:b3:29:99:ab:f6:ac:49:
                    0b:c1:39:f4:bf:42:33:3a:32:52:18:a1:c7:05:dc:
                    2f:d9:f5:97:d9:67:55:e9:cb:d6:c6:e2:cd:c9:87:
                    1c:37:47:a1:5c:c7:35:48:f0:a7:09:83:37:8a:01:
                    87:ce:ae:de:a8:bf:4c:00:70:b4:f9:f2:38:22:f5:
                    08:e1:80:b2:35:8c:1b:46:06:8a:09:6f:46:11:3d:
                    2a:dd:8a:08:d3:d0:36:d6:20:3a:2f:49:bb:25:4d:
                    87:a1:c0:e2:7b:53:22:25:9b:aa:8d:92:cd:38:29:
                    0a:2e:18:39:bc:64:2c:80:b5:a1:3b:5f:94:bf:a5:
                    d1:e6:f2:ea:ab:da:ea:f0:46:25:5d:47:71:4b:fd:
                    a3:2e:16:e8:43:93:f2:89:ef:19:2f:75:7a:e3:e7:
                    26:de:4d:93:37:c5:42:59:f7:05:3d:68:e4:f3:c6:
                    82:14:9c:6b:fc:5d:fd:ca:19:d3:29:11:f6:9d:a0:
                    dc:13:a8:24:c8:64:00:08:90:83:d7:f0:60:74:66:
                    f4:ec:c5:02:f5:41:cc:95:d5:67:39:9e:05:a3:19:
                    5f:e4:a7:97:d3:9c:73:9e:ff:5f:c4:7f:de:97:69:
                    82:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:12:21:2A:49:05:08:F2:FB:F3:73:BE:EF:A6:B3:9B:83:23:46:93
            X509v3 Authority Key Identifier:
                keyid:ED:B2:A7:A3:EC:BA:EA:A5:74:18:23:1D:B0:B6:24:AB:BF:7B:A6:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bKno-y66qV0GCMdsLYkq797pkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/43ed1c-ff50-42e0-b7d4-af254ce3fe69/1/7bKno-y66qV0GCMdsLYkq797pkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c7:96:58:ec:73:8c:6d:fe:cc:5f:39:33:d1:5a:c9:52:c9:03:
         8b:e6:f6:5f:77:8d:7e:c5:e4:85:af:de:d2:68:ad:98:86:85:
         03:26:a3:f1:90:73:37:db:2b:ff:d6:75:a1:2f:30:88:35:7c:
         16:bb:a5:4e:b1:9a:06:f2:f4:03:12:e7:9d:b7:99:ca:8a:37:
         31:aa:3b:49:4b:59:54:32:cd:db:8f:ef:d5:74:47:56:b2:34:
         4e:1f:80:fe:f6:7f:7a:ff:16:55:9b:a2:5c:5d:57:74:35:54:
         9e:41:a8:6b:04:c2:5e:a6:c9:9c:2e:bb:63:20:3a:d8:92:22:
         79:fe:82:ab:3f:01:98:99:1e:36:a2:93:47:35:c5:e1:ba:6f:
         c8:bb:20:cf:f3:04:c2:c2:10:23:8b:0a:94:d1:57:c7:76:1e:
         fd:8d:59:88:1a:c3:08:eb:d6:c8:16:bf:25:16:95:45:d7:40:
         9f:ba:36:98:99:4b:70:05:46:8d:b3:90:f7:1a:7b:52:f8:f9:
         6a:49:c2:34:93:47:05:88:09:e5:8f:19:59:e8:90:4a:69:3a:
         6d:69:0e:5a:b4:10:5f:81:a3:c6:72:fb:3f:c4:c9:b4:ce:bf:
         48:d4:d8:46:52:73:d2:d9:61:42:ef:f7:30:a4:02:40:18:f3:
         7f:73:96:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wQ1ZhR1k7ZeDYJEsAVt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjJhN2EzZWNiYWVhYTU3NDE4MjMxZGIwYjYyNGFiYmY3
YmE2NDUwHhcNMjYwMzI5MTgwMDIzWhcNMjYwMzMwMTgwMDIzWjAzMTEwLwYDVQQD
EyhmNjEyMjEyYTQ5MDUwOGYyZmJmMzczYmVlZmE2YjM5YjgzMjM0NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHb+E+7zPRuBhfd10PO/aCr3Lh8C
+bMpmav2rEkLwTn0v0IzOjJSGKHHBdwv2fWX2WdV6cvWxuLNyYccN0ehXMc1SPCn
CYM3igGHzq7eqL9MAHC0+fI4IvUI4YCyNYwbRgaKCW9GET0q3YoI09A21iA6L0m7
JU2HocDie1MiJZuqjZLNOCkKLhg5vGQsgLWhO1+Uv6XR5vLqq9rq8EYlXUdxS/2j
LhboQ5Pyie8ZL3V64+cm3k2TN8VCWfcFPWjk88aCFJxr/F39yhnTKRH2naDcE6gk
yGQACJCD1/BgdGb07MUC9UHMldVnOZ4Foxlf5KeX05xznv9fxH/el2mCPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYSISpJBQjy+/Nzvu+ms5uDI0aTMB8GA1UdIwQY
MBaAFO2yp6PsuuqldBgjHbC2JKu/e6ZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQt
YWYyNTRjZTNmZTY5LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS80M2VkMWMtZmY1MC00MmUwLWI3ZDQtYWYyNTRjZTNmZTY5
LzEvN2JLbm8teTY2cVYwR0NNZHNMWWtxNzk3cGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAx5ZY7HOM
bf7MXzkz0VrJUskDi+b2X3eNfsXkha/e0mitmIaFAyaj8ZBzN9sr/9Z1oS8wiDV8
FrulTrGaBvL0AxLnnbeZyoo3Mao7SUtZVDLN24/v1XRHVrI0Th+A/vZ/ev8WVZui
XF1XdDVUnkGoawTCXqbJnC67YyA62JIief6Cqz8BmJkeNqKTRzXF4bpvyLsgz/ME
wsIQI4sKlNFXx3Ye/Y1ZiBrDCOvWyBa/JRaVRddAn7o2mJlLcAVGjbOQ9xp7Uvj5
aknCNJNHBYgJ5Y8ZWeiQSmk6bWkOWrQQX4GjxnL7P8TJtM6/SNTYRlJz0tlhQu/3
MKQCQBjzf3OW3w==
-----END CERTIFICATE-----