Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
File:                     FYi9izG5XpysnzgSjZW4UvA9V4Q.mft (raw, json)
Hash identifier:          jcsUL74td40htjV4v+KU4DArS3ZNu3Hr13aPHo+ErTk=
Subject key identifier:   7D:28:39:D9:82:6B:E9:31:09:2C:C1:EF:DC:CE:CC:11:B6:39:FD:A8
Authority key identifier: 15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84
Certificate issuer:       /CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
Certificate serial:       019D3865A864597E7ACEAB75CA0BFD522A19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:19 +0000
Files and hashes:         1: FYi9izG5XpysnzgSjZW4UvA9V4Q.crl (hash: BQTvFNqlD3iAjrxtb37UpaV/5RdulXvtWN5wM+EaVBA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:a8:64:59:7e:7a:ce:ab:75:ca:0b:fd:52:2a:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1588bd8b31b95e9cac9f38128d95b852f03d5784
        Validity
            Not Before: Mar 29 07:01:19 2026 GMT
            Not After : Mar 30 07:01:19 2026 GMT
        Subject: CN=7d2839d9826be931092cc1efdccecc11b639fda8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ec:9d:60:70:c5:de:09:3d:e3:74:ef:f4:80:
                    93:ec:3c:a6:5d:da:75:cc:3e:c1:31:61:5c:e6:88:
                    83:be:d2:5b:1c:f1:8d:e5:17:be:60:30:31:a5:56:
                    b7:b0:9b:ce:4c:13:0d:a8:2c:83:51:fc:4b:50:c2:
                    0b:ec:28:7e:49:f1:e9:56:6a:c1:ce:c5:ca:35:b4:
                    29:1d:d7:76:10:92:2f:ba:82:51:43:c6:16:ad:04:
                    09:25:1e:ea:d4:f9:1e:77:c1:ff:e9:15:26:1d:65:
                    e2:08:a3:0f:53:04:d1:cd:a1:03:b1:5a:3f:95:d2:
                    53:4d:e2:f9:48:4a:f0:b3:f0:31:43:5c:b2:84:00:
                    5c:25:ad:4c:52:86:03:0b:35:c9:96:1e:64:c4:46:
                    45:27:cf:2f:8f:4a:df:a5:72:eb:bc:81:19:ed:b4:
                    d4:c4:da:ba:b4:e5:d2:60:57:ff:20:42:d2:8e:15:
                    69:d6:ac:f1:7b:19:4a:3c:46:0a:e8:d2:37:3b:c2:
                    e2:36:7f:d2:7d:a3:37:c0:f9:3c:fc:29:05:61:00:
                    95:0b:e8:96:2f:7c:37:97:39:89:4e:e5:76:00:02:
                    f1:a1:a7:89:65:32:72:65:2c:00:1f:bc:87:16:99:
                    3b:ac:bb:0c:a4:77:e7:e1:83:21:5b:00:bf:a7:41:
                    3a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:28:39:D9:82:6B:E9:31:09:2C:C1:EF:DC:CE:CC:11:B6:39:FD:A8
            X509v3 Authority Key Identifier:
                keyid:15:88:BD:8B:31:B9:5E:9C:AC:9F:38:12:8D:95:B8:52:F0:3D:57:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FYi9izG5XpysnzgSjZW4UvA9V4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d1aa2e-b819-421c-8456-b5ae839f30e2/1/FYi9izG5XpysnzgSjZW4UvA9V4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f9:1c:ca:da:ed:95:8a:04:84:4c:00:c4:d6:be:ed:68:6a:
         ed:05:4a:07:4f:00:05:93:04:30:76:8d:1c:a1:f9:72:44:f2:
         57:f8:72:2e:2e:f6:f1:6b:2b:45:4e:33:61:1c:d6:5a:a3:5e:
         6d:e4:75:82:73:89:d8:c4:70:fc:bb:2c:d3:a5:d4:ff:be:ff:
         9c:4d:94:c1:38:ad:00:ab:62:a2:d1:07:b6:fc:46:1b:77:0c:
         d8:83:7c:ae:d5:83:70:3f:5b:06:65:61:8c:2f:5b:d6:5f:bb:
         30:f9:4e:26:01:6c:92:95:2b:6e:f7:ab:1a:0b:a1:7d:ca:30:
         24:04:e8:f6:22:3c:78:f3:bb:b3:53:11:f7:32:0e:fa:c7:3c:
         63:ca:e8:91:36:2f:28:48:75:72:3d:a3:4b:c8:ce:31:12:d4:
         69:25:f3:28:50:69:c2:ea:c1:86:f1:ae:69:9c:06:45:ad:ee:
         d9:f5:b1:ea:0c:8f:ba:1c:43:8d:4e:a5:51:86:ff:7a:fe:06:
         51:dc:46:d5:00:b6:5a:c4:7b:b5:bb:da:3c:be:fd:b1:48:19:
         10:3d:d0:0e:93:bc:22:36:9e:08:72:2e:1f:79:83:40:3d:13:
         46:a6:d0:8c:c8:18:b0:74:11:da:0a:5a:e3:1e:3f:8e:a4:ee:
         06:4e:5a:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZahkWX56zqt1ygv9UioZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ODhiZDhiMzFiOTVlOWNhYzlmMzgxMjhkOTViODUyZjAz
ZDU3ODQwHhcNMjYwMzI5MDcwMTE5WhcNMjYwMzMwMDcwMTE5WjAzMTEwLwYDVQQD
Eyg3ZDI4MzlkOTgyNmJlOTMxMDkyY2MxZWZkY2NlY2MxMWI2MzlmZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOydYHDF3gk943Tv9ICT7DymXdp1
zD7BMWFc5oiDvtJbHPGN5Re+YDAxpVa3sJvOTBMNqCyDUfxLUMIL7Ch+SfHpVmrB
zsXKNbQpHdd2EJIvuoJRQ8YWrQQJJR7q1Pked8H/6RUmHWXiCKMPUwTRzaEDsVo/
ldJTTeL5SErws/AxQ1yyhABcJa1MUoYDCzXJlh5kxEZFJ88vj0rfpXLrvIEZ7bTU
xNq6tOXSYFf/IELSjhVp1qzxexlKPEYK6NI3O8LiNn/SfaM3wPk8/CkFYQCVC+iW
L3w3lzmJTuV2AALxoaeJZTJyZSwAH7yHFpk7rLsMpHfn4YMhWwC/p0E6WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0oOdmCa+kxCSzB79zOzBG2Of2oMB8GA1UdIwQY
MBaAFBWIvYsxuV6crJ84Eo2VuFLwPVeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYt
YjVhZTgzOWYzMGUyLzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMWFhMmUtYjgxOS00MjFjLTg0NTYtYjVhZTgzOWYzMGUy
LzEvRllpOWl6RzVYcHlzbnpnU2paVzRVdkE5VjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/kcytrt
lYoEhEwAxNa+7Whq7QVKB08ABZMEMHaNHKH5ckTyV/hyLi728WsrRU4zYRzWWqNe
beR1gnOJ2MRw/Lss06XU/77/nE2UwTitAKtiotEHtvxGG3cM2IN8rtWDcD9bBmVh
jC9b1l+7MPlOJgFskpUrbverGguhfcowJATo9iI8ePO7s1MR9zIO+sc8Y8rokTYv
KEh1cj2jS8jOMRLUaSXzKFBpwurBhvGuaZwGRa3u2fWx6gyPuhxDjU6lUYb/ev4G
UdxG1QC2WsR7tbvaPL79sUgZED3QDpO8IjaeCHIuH3mDQD0TRqbQjMgYsHQR2gpa
4x4/jqTuBk5ayw==
-----END CERTIFICATE-----