Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
File:                     daRvv8jeUjM5XHPeUflVO7doRgU.mft (raw, json)
Hash identifier:          KwzhB2csQyk6v6r7qkVUTEUt82P4phXe/tXIECaVuiA=
Subject key identifier:   97:9E:2C:64:DB:4D:D0:46:98:8F:61:B2:A7:48:79:97:C9:1C:EB:E7
Authority key identifier: 75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05
Certificate issuer:       /CN=75a46fbfc8de5233395c73de51f9553bb7684605
Certificate serial:       019D3865D01421F3CBEB76683823D5288C7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:29 +0000
Files and hashes:         1: daRvv8jeUjM5XHPeUflVO7doRgU.crl (hash: FwR0Q7VwtArAOM4KgoiTd71rtpNH/hq+SakMaL1Lyc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:d0:14:21:f3:cb:eb:76:68:38:23:d5:28:8c:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75a46fbfc8de5233395c73de51f9553bb7684605
        Validity
            Not Before: Mar 29 07:01:29 2026 GMT
            Not After : Mar 30 07:01:29 2026 GMT
        Subject: CN=979e2c64db4dd046988f61b2a7487997c91cebe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:ec:d3:35:03:86:67:04:b1:31:17:72:b9:14:
                    f6:27:f6:d9:62:91:1d:f4:66:a2:6c:99:ed:59:b7:
                    ed:1c:f9:e5:44:66:7d:e1:2d:3c:63:06:ef:a6:15:
                    b1:86:3f:4d:35:ed:ae:27:ba:70:75:2e:6b:e8:8f:
                    eb:ab:4d:69:6b:ab:0f:e4:2b:40:c3:45:17:82:63:
                    99:d2:bb:8b:78:5e:bd:73:3a:8d:0e:bd:e2:3c:2f:
                    ef:d8:d8:2b:9e:c9:77:3a:70:45:16:44:7a:e4:f1:
                    50:8a:1a:e6:27:ad:f9:7e:2c:a0:7c:0e:bf:03:f1:
                    0a:35:c4:9c:c7:e4:31:81:8f:b6:af:2c:00:ca:bc:
                    b4:a3:16:18:dd:a1:bf:20:97:a9:b7:05:92:08:4b:
                    72:f3:30:f6:a7:27:9f:99:78:fc:20:48:7d:55:c3:
                    d4:03:9b:71:04:97:43:97:f8:3d:9d:04:62:f1:e7:
                    63:d5:b8:f1:83:f2:10:6c:0d:b3:77:99:94:28:7c:
                    b0:c0:56:ad:91:a0:60:cd:29:b3:2b:6a:1d:b0:3a:
                    a9:87:96:52:3c:96:a9:99:74:55:3d:6d:11:d5:ba:
                    ee:6c:d3:99:e2:77:17:5f:dd:8a:7e:ea:96:38:59:
                    d8:a6:c0:ed:0a:fa:bf:7d:8a:f5:9c:2e:ea:36:4c:
                    2d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:9E:2C:64:DB:4D:D0:46:98:8F:61:B2:A7:48:79:97:C9:1C:EB:E7
            X509v3 Authority Key Identifier:
                keyid:75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:c1:ae:66:6f:92:d4:01:cd:61:1a:52:1c:40:81:19:c9:68:
         96:27:ac:20:34:b2:ca:6d:1c:29:10:eb:98:1b:3f:4c:40:39:
         ff:5d:7d:22:41:25:87:77:ac:4b:58:a0:cf:cf:85:4e:7f:e9:
         c6:22:99:9e:e5:ba:33:a1:eb:d9:21:11:93:61:30:04:68:64:
         d7:f1:41:71:c3:0f:2e:2a:be:99:ef:12:80:01:e5:2b:83:c6:
         c7:1c:8d:94:bc:d1:c5:a0:ee:b4:35:dd:e2:96:38:c9:00:df:
         2d:36:5c:f3:39:c1:fd:d9:55:ff:9b:57:24:44:4a:c7:df:1d:
         96:83:b2:13:b6:62:73:0b:cc:a7:5d:f4:d5:70:62:d5:8c:81:
         3e:38:12:d5:6a:e2:8e:0b:22:47:08:42:ba:55:c3:3e:96:7f:
         9a:41:56:44:98:b8:19:d2:a5:ca:5c:74:04:cb:d9:8d:5c:38:
         4d:60:39:81:2b:0d:ef:53:14:ff:71:c0:87:21:d8:7b:83:64:
         db:01:6c:37:0f:0b:88:4a:57:95:0e:ba:b6:82:db:ba:96:c8:
         e4:6f:d4:bf:ff:51:44:fc:9f:7f:b3:fd:e8:82:6f:80:67:1d:
         e8:f4:8f:1c:83:0d:5c:a8:98:aa:1a:2a:48:33:b3:b9:7d:3f:
         a7:b2:13:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZdAUIfPL63ZoOCPVKIx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YTQ2ZmJmYzhkZTUyMzMzOTVjNzNkZTUxZjk1NTNiYjc2
ODQ2MDUwHhcNMjYwMzI5MDcwMTI5WhcNMjYwMzMwMDcwMTI5WjAzMTEwLwYDVQQD
Eyg5NzllMmM2NGRiNGRkMDQ2OTg4ZjYxYjJhNzQ4Nzk5N2M5MWNlYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkezTNQOGZwSxMRdyuRT2J/bZYpEd
9GaibJntWbftHPnlRGZ94S08YwbvphWxhj9NNe2uJ7pwdS5r6I/rq01pa6sP5CtA
w0UXgmOZ0ruLeF69czqNDr3iPC/v2Ngrnsl3OnBFFkR65PFQihrmJ635fiygfA6/
A/EKNcScx+QxgY+2rywAyry0oxYY3aG/IJeptwWSCEty8zD2pyefmXj8IEh9VcPU
A5txBJdDl/g9nQRi8edj1bjxg/IQbA2zd5mUKHywwFatkaBgzSmzK2odsDqph5ZS
PJapmXRVPW0R1brubNOZ4ncXX92KfuqWOFnYpsDtCvq/fYr1nC7qNkwtjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJeeLGTbTdBGmI9hsqdIeZfJHOvnMB8GA1UdIwQY
MBaAFHWkb7/I3lIzOVxz3lH5VTu3aEYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEt
OGM3YzU0ZjNjNWIwLzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEtOGM3YzU0ZjNjNWIw
LzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPcGuZm+S
1AHNYRpSHECBGcloliesIDSyym0cKRDrmBs/TEA5/119IkElh3esS1igz8+FTn/p
xiKZnuW6M6Hr2SERk2EwBGhk1/FBccMPLiq+me8SgAHlK4PGxxyNlLzRxaDutDXd
4pY4yQDfLTZc8znB/dlV/5tXJERKx98dloOyE7ZicwvMp1301XBi1YyBPjgS1Wri
jgsiRwhCulXDPpZ/mkFWRJi4GdKlylx0BMvZjVw4TWA5gSsN71MU/3HAhyHYe4Nk
2wFsNw8LiEpXlQ66toLbupbI5G/Uv/9RRPyff7P96IJvgGcd6PSPHIMNXKiYqhoq
SDOzuX0/p7ITsQ==
-----END CERTIFICATE-----