Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          pjrJw07I6HHvcgowh7TDZ/qyQWijcSScrX7ezziERq0=
Subject key identifier:   7A:20:6E:B2:85:3B:1E:8D:0D:FA:09:64:71:2E:CD:90:F4:31:B0:52
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       019D386620FB3FFE9E2949C509572B2D1D1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:50 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:50 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:50 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: 1eA5GJh8xmiQdNjkHXyeb6mICZYJpvHshra7J+EpksQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:20:fb:3f:fe:9e:29:49:c5:09:57:2b:2d:1d:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Mar 29 07:01:50 2026 GMT
            Not After : Mar 30 07:01:50 2026 GMT
        Subject: CN=7a206eb2853b1e8d0dfa0964712ecd90f431b052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:77:33:f0:3c:41:9e:2a:ff:af:e7:78:50:eb:
                    01:01:78:ca:d9:e7:7f:f1:c1:75:1e:c4:ba:65:64:
                    43:a8:56:9a:af:cf:83:e2:e0:c4:8f:72:7d:56:bd:
                    db:c9:d1:fc:43:5c:0d:fd:cf:f5:3f:6f:dd:66:4e:
                    cf:0f:23:31:2a:4b:1e:32:62:de:c7:36:5d:94:28:
                    ac:4c:60:96:7f:b3:29:ad:fd:1b:40:62:e6:61:d8:
                    7e:4a:ec:5e:dc:0b:c7:23:a2:d7:28:2d:53:0b:9d:
                    f2:ed:d8:65:4a:ba:2d:c6:5b:ec:8e:83:d2:cd:28:
                    38:32:8f:e8:dd:a4:dc:87:10:55:1a:3d:ef:94:61:
                    07:e2:72:fd:36:24:53:a9:fb:c3:2f:08:03:33:ab:
                    ef:f9:2c:5d:85:3b:69:7d:55:df:8c:2b:3a:80:44:
                    eb:9d:70:70:8d:50:91:f0:25:aa:94:36:f4:9d:b6:
                    cd:36:b7:15:79:53:c0:3a:7c:6d:f9:af:8e:f9:86:
                    ce:c1:5f:71:fb:3c:99:8a:92:72:38:ae:5b:9b:02:
                    66:7b:68:ba:4a:3e:0b:df:83:cf:c8:81:f8:e3:69:
                    47:ec:50:3a:ab:7a:bb:98:c3:11:6a:0b:a8:33:bc:
                    3a:e5:01:a9:ca:ee:44:53:3b:59:b0:0d:ee:8a:ac:
                    ea:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:20:6E:B2:85:3B:1E:8D:0D:FA:09:64:71:2E:CD:90:F4:31:B0:52
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:f8:0e:3d:d7:bc:47:cf:90:2d:7b:73:f9:c2:7a:e1:dd:db:
         1f:30:fa:94:72:20:c6:c2:f1:22:e0:9b:7f:81:1a:84:ec:7e:
         9b:9d:0a:dc:12:71:c1:6b:66:72:bc:7b:9a:94:9f:5a:fc:08:
         7e:68:44:81:42:89:28:12:31:63:94:a5:d1:fa:ad:cd:f0:74:
         ee:5d:54:cd:a4:26:0a:86:02:63:79:19:42:3b:57:53:f7:3b:
         72:7c:d1:57:05:4b:df:e7:87:11:8c:0c:82:05:36:9c:7b:b6:
         0e:59:0b:08:91:49:14:c5:ad:3a:fc:6b:a9:bc:f6:a3:25:8f:
         f6:e9:c4:b5:da:07:88:14:20:5a:b5:ae:2c:91:45:18:61:d7:
         17:c8:34:bc:21:fe:ac:cb:db:35:97:a0:48:d1:04:39:17:9c:
         96:6b:10:c7:63:1c:c0:ab:ab:c5:8e:09:61:0e:d9:ce:d5:9e:
         4a:73:a5:63:44:86:a4:c5:39:91:5f:87:41:86:6f:4b:47:54:
         81:8e:86:f9:09:fd:06:52:72:6c:d1:ee:e4:82:28:0c:28:71:
         0b:01:a6:e7:df:df:d2:90:05:49:40:90:1f:cb:ff:b1:05:cb:
         52:be:33:53:8c:9e:cd:2a:dc:42:63:08:a8:54:62:89:a5:d5:
         e9:72:b5:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZiD7P/6eKUnFCVcrLR0dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjYwMzI5MDcwMTUwWhcNMjYwMzMwMDcwMTUwWjAzMTEwLwYDVQQD
Eyg3YTIwNmViMjg1M2IxZThkMGRmYTA5NjQ3MTJlY2Q5MGY0MzFiMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXcz8DxBnir/r+d4UOsBAXjK2ed/
8cF1HsS6ZWRDqFaar8+D4uDEj3J9Vr3bydH8Q1wN/c/1P2/dZk7PDyMxKkseMmLe
xzZdlCisTGCWf7Mprf0bQGLmYdh+Suxe3AvHI6LXKC1TC53y7dhlSrotxlvsjoPS
zSg4Mo/o3aTchxBVGj3vlGEH4nL9NiRTqfvDLwgDM6vv+SxdhTtpfVXfjCs6gETr
nXBwjVCR8CWqlDb0nbbNNrcVeVPAOnxt+a+O+YbOwV9x+zyZipJyOK5bmwJme2i6
Sj4L34PPyIH442lH7FA6q3q7mMMRaguoM7w65QGpyu5EUztZsA3uiqzq7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHogbrKFOx6NDfoJZHEuzZD0MbBSMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJfgOPde8
R8+QLXtz+cJ64d3bHzD6lHIgxsLxIuCbf4EahOx+m50K3BJxwWtmcrx7mpSfWvwI
fmhEgUKJKBIxY5Sl0fqtzfB07l1UzaQmCoYCY3kZQjtXU/c7cnzRVwVL3+eHEYwM
ggU2nHu2DlkLCJFJFMWtOvxrqbz2oyWP9unEtdoHiBQgWrWuLJFFGGHXF8g0vCH+
rMvbNZegSNEEOReclmsQx2McwKurxY4JYQ7ZztWeSnOlY0SGpMU5kV+HQYZvS0dU
gY6G+Qn9BlJybNHu5IIoDChxCwGm59/f0pAFSUCQH8v/sQXLUr4zU4yezSrcQmMI
qFRiiaXV6XK1hg==
-----END CERTIFICATE-----