Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
File:                     rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft (raw, json)
Hash identifier:          w4q0v9HJfP8PKe0wAB0MkIsb0F8qbvi9swAdL33xzho=
Subject key identifier:   3F:E9:24:FF:F0:63:1E:CC:35:A0:60:62:BE:61:C2:31:C7:F1:0B:55
Authority key identifier: AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03
Certificate issuer:       /CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
Certificate serial:       019D3865813F6039108B948960B0FF87125D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:09 +0000
Files and hashes:         1: rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl (hash: Ml+2ifUHuQ3+6N2Un8415igfE+c+0BWVDhm5An14/Kw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:81:3f:60:39:10:8b:94:89:60:b0:ff:87:12:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
        Validity
            Not Before: Mar 29 07:01:09 2026 GMT
            Not After : Mar 30 07:01:09 2026 GMT
        Subject: CN=3fe924fff0631ecc35a06062be61c231c7f10b55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c3:77:5d:2b:02:cb:eb:15:2d:53:84:fb:6e:
                    29:ea:c7:78:a6:fe:26:e0:90:1f:54:69:08:a3:d4:
                    3c:bc:c8:20:8e:03:ad:96:65:d5:be:56:a9:32:4c:
                    57:96:7c:a0:01:a6:8b:dc:b3:cf:84:a6:c9:57:b2:
                    06:dd:28:a8:b4:8a:31:e7:62:91:7b:f6:78:42:dd:
                    d2:46:e4:87:38:b7:c0:c5:b1:70:3f:ea:f6:2d:22:
                    67:58:4d:c3:97:85:3c:28:fc:76:5d:4c:56:19:2e:
                    26:f9:2f:41:ea:12:ce:30:9a:45:7e:84:52:b4:15:
                    8a:83:8f:e1:a9:49:0f:27:54:0c:cc:61:9c:19:1a:
                    52:ed:d2:9e:75:40:d6:a8:7e:44:ec:c5:56:ce:3b:
                    7c:95:55:95:1a:55:ce:14:7a:fa:56:55:dc:a4:f0:
                    4f:07:4b:00:32:24:28:b5:1f:76:1a:03:32:79:58:
                    66:f7:f0:91:2a:4d:5b:65:77:a9:fc:13:0e:d5:28:
                    1b:8d:51:82:44:c2:41:c4:fd:03:42:59:3c:24:e9:
                    5c:e1:6e:02:41:f4:5b:42:a7:c8:1b:d6:64:c8:e1:
                    b4:ca:f0:d4:27:0a:7b:5c:9a:ca:a9:b0:1a:53:16:
                    02:60:42:86:56:09:f6:71:8d:d5:1d:bc:2b:28:e4:
                    1b:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:E9:24:FF:F0:63:1E:CC:35:A0:60:62:BE:61:C2:31:C7:F1:0B:55
            X509v3 Authority Key Identifier:
                keyid:AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:38:4b:e0:41:43:61:fd:0b:d2:30:35:e3:9f:bc:7f:a5:de:
         b7:d9:26:98:5f:f4:7a:81:d3:bd:2b:ca:86:db:b8:ac:58:51:
         42:61:64:1a:d7:a2:93:43:a5:35:77:60:a9:b3:5a:bd:00:55:
         59:7e:e8:a8:e6:c2:14:54:75:92:6a:8e:a2:0d:1b:74:5e:f4:
         57:91:07:bb:c7:a3:71:ff:c0:bb:7a:e0:43:21:27:3a:04:c8:
         86:36:a1:0d:d7:27:fe:1d:9e:13:b9:19:57:f1:b3:21:75:2a:
         ce:96:1f:19:fe:bb:97:dd:ba:c1:f2:4c:eb:cb:10:6e:e7:93:
         15:b3:c0:ff:54:c9:6f:85:a8:b6:db:10:37:a7:d6:f1:05:3e:
         3d:6e:f4:c1:2b:bb:36:46:c8:82:2c:d4:57:de:dc:65:26:6b:
         b6:19:ea:29:91:04:bf:5d:04:61:2b:0a:3f:83:b5:1b:e6:5e:
         da:65:9e:4e:af:31:81:ae:c8:0b:2b:ff:28:90:36:4f:0d:fd:
         c0:84:23:b3:d6:4a:df:8c:34:ad:f3:01:1c:f0:2c:cf:8f:6b:
         1b:69:24:45:fc:49:22:41:fc:fc:7e:44:56:6b:8a:30:4d:41:
         a9:6d:33:a3:dd:5f:4b:4a:ef:f0:1f:e1:db:3b:4d:dc:a8:b9:
         b8:cc:1a:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYE/YDkQi5SJYLD/hxJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTBlYzM1MmU4ZGJiMGNkZjZlMDhjNTdjNzFjYWExMWE0
NDUwMDMwHhcNMjYwMzI5MDcwMTA5WhcNMjYwMzMwMDcwMTA5WjAzMTEwLwYDVQQD
EygzZmU5MjRmZmYwNjMxZWNjMzVhMDYwNjJiZTYxYzIzMWM3ZjEwYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucN3XSsCy+sVLVOE+24p6sd4pv4m
4JAfVGkIo9Q8vMggjgOtlmXVvlapMkxXlnygAaaL3LPPhKbJV7IG3SiotIox52KR
e/Z4Qt3SRuSHOLfAxbFwP+r2LSJnWE3Dl4U8KPx2XUxWGS4m+S9B6hLOMJpFfoRS
tBWKg4/hqUkPJ1QMzGGcGRpS7dKedUDWqH5E7MVWzjt8lVWVGlXOFHr6VlXcpPBP
B0sAMiQotR92GgMyeVhm9/CRKk1bZXep/BMO1SgbjVGCRMJBxP0DQlk8JOlc4W4C
QfRbQqfIG9ZkyOG0yvDUJwp7XJrKqbAaUxYCYEKGVgn2cY3VHbwrKOQbZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/pJP/wYx7MNaBgYr5hwjHH8QtVMB8GA1UdIwQY
MBaAFK5Q7DUujbsM324IxXxxyqEaRFADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQt
MzNlYmFjMDk1MDc3LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQtMzNlYmFjMDk1MDc3
LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYThL4EFD
Yf0L0jA145+8f6Xet9kmmF/0eoHTvSvKhtu4rFhRQmFkGteik0OlNXdgqbNavQBV
WX7oqObCFFR1kmqOog0bdF70V5EHu8ejcf/Au3rgQyEnOgTIhjahDdcn/h2eE7kZ
V/GzIXUqzpYfGf67l926wfJM68sQbueTFbPA/1TJb4WottsQN6fW8QU+PW70wSu7
NkbIgizUV97cZSZrthnqKZEEv10EYSsKP4O1G+Ze2mWeTq8xga7ICyv/KJA2Tw39
wIQjs9ZK34w0rfMBHPAsz49rG2kkRfxJIkH8/H5EVmuKME1BqW0zo91fS0rv8B/h
2ztN3Ki5uMwa9w==
-----END CERTIFICATE-----