Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
File:                     Z8QeB5653PX62eXUjdzjlpd7eXc.mft (raw, json)
Hash identifier:          dw6rgdMeHimrmrxYvEP4gN1Eg2otrv87M1anCXhnVag=
Subject key identifier:   95:B9:E2:39:D0:9E:A7:54:45:21:A3:8F:85:58:0D:FE:44:4B:14:D9
Authority key identifier: 67:C4:1E:07:9E:B9:DC:F5:FA:D9:E5:D4:8D:DC:E3:96:97:7B:79:77
Certificate issuer:       /CN=67c41e079eb9dcf5fad9e5d48ddce396977b7977
Certificate serial:       019D3A5373A5787EDD93FB4ED955B2B081FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 16:00:40 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:40 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:40 +0000
Files and hashes:         1: Z8QeB5653PX62eXUjdzjlpd7eXc.crl (hash: YxkIo2F8UqOr3FWJ0zu3B1QRXIRMA0z0GINvei4YzMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:73:a5:78:7e:dd:93:fb:4e:d9:55:b2:b0:81:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67c41e079eb9dcf5fad9e5d48ddce396977b7977
        Validity
            Not Before: Mar 29 16:00:40 2026 GMT
            Not After : Mar 30 16:00:40 2026 GMT
        Subject: CN=95b9e239d09ea7544521a38f85580dfe444b14d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:13:ed:cb:7f:f6:08:6c:a3:27:c9:6a:cb:42:
                    c2:fd:40:dc:5a:04:86:24:f1:76:86:c9:e6:8a:42:
                    d0:c0:fd:dc:8e:1d:30:cc:4d:8a:81:60:fa:a3:b1:
                    b3:f2:70:05:28:88:57:52:6a:7b:1a:1a:ef:e1:f4:
                    75:da:e3:f6:3f:50:9f:92:fa:73:63:50:1c:47:6e:
                    e4:cf:a4:85:7c:7c:f3:81:e8:e3:f6:af:7e:8d:5c:
                    ab:11:b5:7b:a0:1f:ae:6e:6c:46:ef:b9:e2:7d:1e:
                    47:f9:60:61:9d:51:ca:14:a4:1b:e9:ab:2d:88:4d:
                    59:56:6f:83:04:e6:19:08:af:4e:13:61:b5:a3:20:
                    40:ef:ae:24:aa:04:b7:0e:f1:24:46:84:e4:60:8a:
                    c8:8d:99:38:07:b4:4d:ac:cd:8a:0a:af:99:77:31:
                    18:ec:8c:d0:ec:91:1a:55:ea:e9:7f:63:c2:cb:13:
                    22:70:35:11:d6:92:99:94:db:af:4e:9c:4f:b7:eb:
                    7b:04:05:41:29:77:79:df:00:94:12:1f:a2:87:98:
                    d8:e1:d2:52:84:82:87:1b:25:36:7a:98:d2:6f:a1:
                    d9:0c:a8:88:ca:54:81:6e:a9:e8:c8:3c:60:90:c2:
                    cb:ea:80:34:e2:01:b4:db:8f:b9:0b:4b:33:a6:62:
                    41:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:B9:E2:39:D0:9E:A7:54:45:21:A3:8F:85:58:0D:FE:44:4B:14:D9
            X509v3 Authority Key Identifier:
                keyid:67:C4:1E:07:9E:B9:DC:F5:FA:D9:E5:D4:8D:DC:E3:96:97:7B:79:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8QeB5653PX62eXUjdzjlpd7eXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/0619db-ed8e-443d-94d8-d64314da0bb9/1/Z8QeB5653PX62eXUjdzjlpd7eXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:8b:54:df:06:27:8d:1a:cc:94:18:de:5a:5a:50:91:88:27:
         ed:73:05:fe:84:0f:0c:2a:b5:4a:bd:93:95:8d:73:f4:ea:1e:
         42:12:6f:37:0f:d7:df:f1:1c:57:e0:ee:40:38:03:bc:6e:a8:
         6e:69:9f:28:32:64:4c:c7:b5:f3:68:7b:1e:af:55:00:46:f3:
         12:0f:12:7c:26:9a:1d:84:0c:40:c8:ae:d5:76:76:6b:a4:d0:
         f3:31:bd:90:2e:87:15:11:fa:b8:b5:2b:f8:cf:96:9e:61:18:
         eb:37:8e:d6:bd:4c:8a:1e:c1:1c:fe:b0:95:97:eb:fb:1a:d2:
         48:a3:5d:e3:ce:88:e4:8c:8b:2a:78:77:d0:f5:91:2a:5e:5c:
         c5:5e:7f:fe:8a:67:1b:ff:84:13:3a:ed:58:0e:d7:b3:48:c6:
         b5:68:3c:e5:b2:8c:60:f0:c2:df:5e:1a:53:cf:20:4c:da:f5:
         81:71:35:d9:9e:e0:18:b1:77:2c:6c:c2:49:b9:15:6d:5b:66:
         8c:08:37:96:73:fc:b7:81:23:11:38:bf:fb:1e:e8:04:9a:67:
         f6:d4:2e:95:5c:dd:40:f2:9c:e1:5a:dc:c0:39:a2:4b:4b:81:
         82:ac:a2:7b:af:d8:09:57:3e:67:a3:63:0f:e6:a6:70:58:56:
         ea:cc:37:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U3OleH7dk/tO2VWysIH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzQxZTA3OWViOWRjZjVmYWQ5ZTVkNDhkZGNlMzk2OTc3
Yjc5NzcwHhcNMjYwMzI5MTYwMDQwWhcNMjYwMzMwMTYwMDQwWjAzMTEwLwYDVQQD
Eyg5NWI5ZTIzOWQwOWVhNzU0NDUyMWEzOGY4NTU4MGRmZTQ0NGIxNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxPty3/2CGyjJ8lqy0LC/UDcWgSG
JPF2hsnmikLQwP3cjh0wzE2KgWD6o7Gz8nAFKIhXUmp7Ghrv4fR12uP2P1Cfkvpz
Y1AcR27kz6SFfHzzgejj9q9+jVyrEbV7oB+ubmxG77nifR5H+WBhnVHKFKQb6ast
iE1ZVm+DBOYZCK9OE2G1oyBA764kqgS3DvEkRoTkYIrIjZk4B7RNrM2KCq+ZdzEY
7IzQ7JEaVerpf2PCyxMicDUR1pKZlNuvTpxPt+t7BAVBKXd53wCUEh+ih5jY4dJS
hIKHGyU2epjSb6HZDKiIylSBbqnoyDxgkMLL6oA04gG024+5C0szpmJBOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJW54jnQnqdURSGjj4VYDf5ESxTZMB8GA1UdIwQY
MBaAFGfEHgeeudz1+tnl1I3c45aXe3l3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNjE5ZGItZWQ4ZS00NDNkLTk0ZDgt
ZDY0MzE0ZGEwYmI5LzEvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNjE5ZGItZWQ4ZS00NDNkLTk0ZDgtZDY0MzE0ZGEwYmI5
LzEvWjhRZUI1NjUzUFg2MmVYVWpkempscGQ3ZVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjYtU3wYn
jRrMlBjeWlpQkYgn7XMF/oQPDCq1Sr2TlY1z9OoeQhJvNw/X3/EcV+DuQDgDvG6o
bmmfKDJkTMe182h7Hq9VAEbzEg8SfCaaHYQMQMiu1XZ2a6TQ8zG9kC6HFRH6uLUr
+M+WnmEY6zeO1r1Mih7BHP6wlZfr+xrSSKNd486I5IyLKnh30PWRKl5cxV5//opn
G/+EEzrtWA7Xs0jGtWg85bKMYPDC314aU88gTNr1gXE12Z7gGLF3LGzCSbkVbVtm
jAg3lnP8t4EjETi/+x7oBJpn9tQulVzdQPKc4VrcwDmiS0uBgqyie6/YCVc+Z6Nj
D+amcFhW6sw3nA==
-----END CERTIFICATE-----