Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          gqeGl8/EZS/aEiTyfUHcki0bC84tYIYGArHRr/cPDrg=
Subject key identifier:   4C:90:18:88:00:10:3B:F9:E6:77:08:BE:6C:F1:67:7F:16:19:EA:B2
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       019D39416130AF0652A096407DB2EA1CF01A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 11:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:19 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: YuzA2MhAHrI2Dy/d6WwY1E0JLnPk8uJln3aEIIPWiJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:61:30:af:06:52:a0:96:40:7d:b2:ea:1c:f0:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Mar 29 11:01:19 2026 GMT
            Not After : Mar 30 11:01:19 2026 GMT
        Subject: CN=4c90188800103bf9e67708be6cf1677f1619eab2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:20:f8:b5:9e:8f:83:8f:fa:4e:60:57:dd:45:
                    f6:27:80:22:a8:0d:87:96:36:d4:37:f7:2b:c6:5e:
                    58:1f:1f:21:9a:f6:ec:a9:5b:43:7c:95:2c:d1:44:
                    93:dc:61:1d:af:36:58:14:1d:a8:7f:96:8d:14:47:
                    e8:69:2f:01:94:2b:a0:64:f1:85:7a:c2:34:d4:77:
                    4c:f8:6b:a4:7b:40:c3:78:b4:93:e9:b4:4b:a6:64:
                    70:03:f1:48:95:ad:a1:d5:17:61:f2:e9:87:12:0f:
                    2c:98:b4:a2:42:f7:1e:87:7e:2d:84:3d:97:52:d7:
                    5e:91:1b:c4:a0:6a:1a:b1:fb:c9:8a:00:0b:9e:94:
                    e7:31:35:60:18:16:f4:c2:fd:4d:52:5b:d1:a8:bf:
                    f7:ae:36:33:ff:a4:c0:5a:2d:a5:8d:c2:f3:e5:37:
                    80:5d:74:2c:f5:f6:d5:6d:bd:be:28:aa:4b:8a:0c:
                    89:c0:31:81:01:65:33:4e:1f:5c:24:8a:64:35:30:
                    c6:73:e4:9b:35:1d:f3:b3:c7:7f:6c:db:af:0f:4f:
                    ef:5b:4c:ac:4a:b6:9e:d4:1f:92:9e:09:54:ac:2e:
                    b7:91:a9:89:32:e0:04:db:73:53:df:7e:78:37:6a:
                    92:62:8b:01:af:3c:3b:21:b3:4a:50:e4:32:81:07:
                    da:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:90:18:88:00:10:3B:F9:E6:77:08:BE:6C:F1:67:7F:16:19:EA:B2
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:fb:d7:59:05:f8:1d:57:61:bd:43:c6:54:8a:a7:7d:a8:28:
         d7:de:06:14:7a:1c:e5:14:06:41:aa:61:87:0b:52:44:89:88:
         57:d0:ca:2e:0a:1c:7d:f8:12:cf:be:f8:8b:cf:c4:15:53:c5:
         ea:67:54:d1:28:ed:22:6f:d8:78:87:46:10:76:39:81:c7:fd:
         86:13:f4:0c:4a:f6:6b:6b:94:16:9b:4a:07:d5:60:b4:e9:44:
         c2:99:c4:b2:7c:ef:65:6f:e4:01:b1:ae:ba:b5:45:55:5a:c1:
         d5:81:e2:f5:9f:b7:2d:2c:57:d1:ce:f4:e5:46:6a:a7:d7:a0:
         a5:45:6f:5d:92:5a:95:a4:59:6b:5b:15:b0:f5:41:cd:db:63:
         a5:ba:01:e8:79:f8:c3:ee:5c:34:ea:75:de:01:a3:65:eb:cb:
         e9:d5:ce:98:38:49:e8:0c:f2:f6:5c:76:c9:26:2e:e1:47:e9:
         9a:eb:1b:85:38:9b:47:76:47:1a:3f:65:5b:7f:c2:02:a7:15:
         f2:75:c6:76:00:81:26:55:b0:7c:4d:31:7e:a2:2c:96:b0:1f:
         59:3f:8c:93:a2:d9:21:32:15:be:fd:e3:03:17:c4:3c:de:82:
         16:95:20:37:38:ad:7a:88:dc:80:31:3d:be:37:5a:14:f4:0c:
         f8:4a:be:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QWEwrwZSoJZAfbLqHPAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjYwMzI5MTEwMTE5WhcNMjYwMzMwMTEwMTE5WjAzMTEwLwYDVQQD
Eyg0YzkwMTg4ODAwMTAzYmY5ZTY3NzA4YmU2Y2YxNjc3ZjE2MTllYWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyD4tZ6Pg4/6TmBX3UX2J4AiqA2H
ljbUN/crxl5YHx8hmvbsqVtDfJUs0UST3GEdrzZYFB2of5aNFEfoaS8BlCugZPGF
esI01HdM+Guke0DDeLST6bRLpmRwA/FIla2h1Rdh8umHEg8smLSiQvceh34thD2X
UtdekRvEoGoasfvJigALnpTnMTVgGBb0wv1NUlvRqL/3rjYz/6TAWi2ljcLz5TeA
XXQs9fbVbb2+KKpLigyJwDGBAWUzTh9cJIpkNTDGc+SbNR3zs8d/bNuvD0/vW0ys
Srae1B+SnglUrC63kamJMuAE23NT3354N2qSYosBrzw7IbNKUOQygQfaFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyQGIgAEDv55ncIvmzxZ38WGeqyMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf/vXWQX4
HVdhvUPGVIqnfago194GFHoc5RQGQaphhwtSRImIV9DKLgocffgSz774i8/EFVPF
6mdU0SjtIm/YeIdGEHY5gcf9hhP0DEr2a2uUFptKB9VgtOlEwpnEsnzvZW/kAbGu
urVFVVrB1YHi9Z+3LSxX0c705UZqp9egpUVvXZJalaRZa1sVsPVBzdtjpboB6Hn4
w+5cNOp13gGjZevL6dXOmDhJ6Azy9lx2ySYu4UfpmusbhTibR3ZHGj9lW3/CAqcV
8nXGdgCBJlWwfE0xfqIslrAfWT+Mk6LZITIVvv3jAxfEPN6CFpUgNziteojcgDE9
vjdaFPQM+Eq+vA==
-----END CERTIFICATE-----