Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
File:                     GNo6QLEX-yVyzPekwnLS7GklKRw.mft (raw, json)
Hash identifier:          Jdk8dHsWp+bRu2PUAQXzfoYoKGDlMuSlJKhi/f6gjUQ=
Subject key identifier:   C3:B4:08:31:6D:86:93:6F:51:A6:10:45:36:85:6D:FE:E2:DE:F7:E8
Authority key identifier: 18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C
Certificate issuer:       /CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
Certificate serial:       019D37F6E0C13A57ACD6674BB4E87B941705
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 05:00:19 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:19 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:19 +0000
Files and hashes:         1: GNo6QLEX-yVyzPekwnLS7GklKRw.crl (hash: nANd7bb6R1cDheGL7siQk9iA03lY647BQcCX5idNG78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f6:e0:c1:3a:57:ac:d6:67:4b:b4:e8:7b:94:17:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
        Validity
            Not Before: Mar 29 05:00:19 2026 GMT
            Not After : Mar 30 05:00:19 2026 GMT
        Subject: CN=c3b408316d86936f51a6104536856dfee2def7e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5e:44:2d:93:66:50:7e:ef:cb:2e:79:b9:bf:
                    a1:15:0c:45:fa:d5:3a:b8:62:51:dd:72:7a:fc:c1:
                    b0:4d:1a:22:b0:b5:ce:3a:b2:d9:14:d0:0b:e3:d5:
                    4a:94:31:da:80:f7:d2:43:f5:7c:fb:49:31:b0:2f:
                    66:24:67:73:a0:d6:b9:fc:a2:32:fb:1e:cd:09:c6:
                    dc:01:06:59:2a:17:da:91:3c:1d:4d:ad:24:78:83:
                    6c:25:f3:89:a1:ae:6e:ce:11:5a:67:26:0e:7b:cc:
                    e4:be:c6:01:c9:de:a9:00:d7:a4:9e:b2:9a:e0:36:
                    c2:c2:08:e2:72:f3:78:fa:b3:67:46:2b:1a:42:df:
                    30:c2:1e:ca:32:02:24:df:e0:be:ea:a1:8d:4e:d9:
                    9b:3e:11:80:ae:de:46:bd:1f:11:e9:4a:d8:1f:8f:
                    07:d5:dd:f9:3e:b4:f9:9e:7f:07:ea:d6:90:f1:8a:
                    5b:d1:e4:cf:b9:3b:34:d7:d8:02:ae:ac:5f:25:6d:
                    55:12:ec:84:f6:91:80:1c:d3:63:c4:4f:e5:6b:c5:
                    dd:2a:4c:d6:ac:ae:75:66:1c:cc:d6:0f:af:52:7f:
                    98:8d:6e:6d:88:a2:90:b0:0f:38:e7:32:96:1c:4a:
                    ef:ad:62:37:56:8c:23:80:eb:0f:0a:a8:ac:56:cd:
                    1b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B4:08:31:6D:86:93:6F:51:A6:10:45:36:85:6D:FE:E2:DE:F7:E8
            X509v3 Authority Key Identifier:
                keyid:18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:3f:c4:4d:31:a5:b8:8b:02:db:e2:fd:95:fb:8a:e1:a8:4f:
         cd:dc:ee:b4:cb:3d:2c:cb:1a:1a:bb:cf:0b:17:94:83:ea:a1:
         d6:28:f2:b7:19:4a:dc:76:5b:0a:d3:5c:c0:43:26:4f:f1:ad:
         04:a3:ea:85:0d:3d:51:ea:67:14:f6:21:18:37:11:5f:6c:5d:
         9b:2b:e6:76:54:6b:14:2d:7d:a2:64:da:f6:09:ee:9f:0f:91:
         9b:dc:22:f8:47:29:c1:b5:26:93:8b:ad:38:7c:6c:9c:7a:36:
         8f:04:d7:75:56:aa:86:8c:85:83:62:8d:d8:af:38:04:ef:ab:
         fd:78:7a:ef:98:57:98:c5:18:b7:03:76:f8:92:72:36:a1:18:
         58:d3:a6:8f:cf:87:e4:4b:a1:12:fe:b1:17:37:fa:bf:e2:14:
         f6:40:ad:f4:d1:ab:7b:f2:9e:bf:06:76:f7:bb:fc:2f:7c:ff:
         73:39:9c:52:81:ec:4e:41:9f:77:8c:a5:33:c5:f5:0b:eb:33:
         f5:60:af:41:28:b2:79:1f:a7:f9:c7:30:ef:ba:f5:62:e0:7f:
         a4:0a:af:9c:7f:20:0c:8e:13:a1:98:39:54:18:d8:7e:ba:41:
         4b:c2:be:d1:92:e1:5b:fe:fa:9e:8b:1e:3a:50:b8:0b:04:87:
         10:8a:6a:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039uDBOles1mdLtOh7lBcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGEzYTQwYjExN2ZiMjU3MmNjZjdhNGMyNzJkMmVjNjky
NTI5MWMwHhcNMjYwMzI5MDUwMDE5WhcNMjYwMzMwMDUwMDE5WjAzMTEwLwYDVQQD
EyhjM2I0MDgzMTZkODY5MzZmNTFhNjEwNDUzNjg1NmRmZWUyZGVmN2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5ELZNmUH7vyy55ub+hFQxF+tU6
uGJR3XJ6/MGwTRoisLXOOrLZFNAL49VKlDHagPfSQ/V8+0kxsC9mJGdzoNa5/KIy
+x7NCcbcAQZZKhfakTwdTa0keINsJfOJoa5uzhFaZyYOe8zkvsYByd6pANeknrKa
4DbCwgjicvN4+rNnRisaQt8wwh7KMgIk3+C+6qGNTtmbPhGArt5GvR8R6UrYH48H
1d35PrT5nn8H6taQ8Ypb0eTPuTs019gCrqxfJW1VEuyE9pGAHNNjxE/la8XdKkzW
rK51ZhzM1g+vUn+YjW5tiKKQsA845zKWHErvrWI3VowjgOsPCqisVs0bqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMO0CDFthpNvUaYQRTaFbf7i3vfoMB8GA1UdIwQY
MBaAFBjaOkCxF/slcsz3pMJy0uxpJSkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUt
Njk4ZDkxMmI3MzQ2LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUtNjk4ZDkxMmI3MzQ2
LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHj/ETTGl
uIsC2+L9lfuK4ahPzdzutMs9LMsaGrvPCxeUg+qh1ijytxlK3HZbCtNcwEMmT/Gt
BKPqhQ09UepnFPYhGDcRX2xdmyvmdlRrFC19omTa9gnunw+Rm9wi+EcpwbUmk4ut
OHxsnHo2jwTXdVaqhoyFg2KN2K84BO+r/Xh675hXmMUYtwN2+JJyNqEYWNOmj8+H
5EuhEv6xFzf6v+IU9kCt9NGre/KevwZ297v8L3z/czmcUoHsTkGfd4ylM8X1C+sz
9WCvQSiyeR+n+ccw77r1YuB/pAqvnH8gDI4ToZg5VBjYfrpBS8K+0ZLhW/76nose
OlC4CwSHEIpqRg==
-----END CERTIFICATE-----