Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
File:                     PNQrfxakRkXr2PObog8ZBxOxs7w.mft (raw, json)
Hash identifier:          MC1BWyJjmdRwFUHA+smgmh3DhEJLIZVTzbc3ahGcyjM=
Subject key identifier:   7C:5F:04:3C:B6:5B:56:ED:28:8A:1C:34:80:69:A9:7B:2D:BE:04:78
Authority key identifier: 3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC
Certificate issuer:       /CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
Certificate serial:       019D38666F8645ADC348B8E93ACFF94B2FED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:02:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:10 +0000
Files and hashes:         1: PNQrfxakRkXr2PObog8ZBxOxs7w.crl (hash: BvVfodgM0EtlwfgVaRgestqBVsyJwinLQwPU98nxr/M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:6f:86:45:ad:c3:48:b8:e9:3a:cf:f9:4b:2f:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd42b7f16a44645ebd8f39ba20f190713b1b3bc
        Validity
            Not Before: Mar 29 07:02:10 2026 GMT
            Not After : Mar 30 07:02:10 2026 GMT
        Subject: CN=7c5f043cb65b56ed288a1c348069a97b2dbe0478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:cb:4a:fa:89:d5:4c:db:14:d4:19:53:00:a4:
                    b1:81:34:2c:70:3c:c1:72:61:de:9d:6b:00:cb:d2:
                    d8:f7:6a:8f:9d:f6:c9:0c:0d:f4:92:30:6e:c0:08:
                    cf:a8:98:2a:42:bc:8c:71:95:34:20:8c:6f:b1:bd:
                    d2:96:62:e0:72:4c:52:98:73:8f:a1:92:e2:d7:c9:
                    68:4c:22:1c:bd:bb:b7:60:fa:c5:89:32:1d:fa:78:
                    6a:2e:15:4e:e0:4b:7f:e1:c8:62:d7:d4:d0:85:b6:
                    80:6e:f3:dc:40:1c:f0:06:12:d6:a3:1e:0d:99:ff:
                    3f:3b:5f:41:eb:03:05:51:38:a7:93:96:13:34:57:
                    db:a1:70:d4:32:e4:12:39:be:ca:dd:8d:19:1e:0b:
                    34:5c:e2:2c:6b:92:85:12:0e:e8:35:c0:0e:7f:41:
                    95:45:7a:13:2a:94:1e:7e:9b:40:5f:bc:9c:e9:4f:
                    46:e4:90:da:56:0f:d6:dc:3d:c2:27:5c:eb:5e:54:
                    cd:5e:e7:b9:30:9d:5d:d5:ad:c6:45:25:c3:0b:af:
                    5a:9f:00:8e:3b:04:a9:e6:06:f0:c8:17:3a:61:08:
                    ef:9e:13:6b:1d:10:88:63:4e:8e:98:60:35:6d:84:
                    29:a5:c4:04:0f:ef:8b:e2:f3:d8:29:64:ba:48:5a:
                    37:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:5F:04:3C:B6:5B:56:ED:28:8A:1C:34:80:69:A9:7B:2D:BE:04:78
            X509v3 Authority Key Identifier:
                keyid:3C:D4:2B:7F:16:A4:46:45:EB:D8:F3:9B:A2:0F:19:07:13:B1:B3:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNQrfxakRkXr2PObog8ZBxOxs7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2acb71-3c3b-4a66-9700-cd2726114846/1/PNQrfxakRkXr2PObog8ZBxOxs7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:2d:64:a9:bd:77:a2:19:43:c3:2c:1a:4b:de:33:28:ef:30:
         b2:6c:6c:bc:2a:69:88:ea:a0:af:07:5b:df:36:8e:80:64:c4:
         6d:8a:62:c0:e7:64:bd:1b:a7:d8:55:73:a1:ef:2a:96:c0:c0:
         a2:1a:9d:40:11:77:e1:17:ff:c6:5b:c6:56:4a:b6:98:8a:54:
         bd:c1:64:ab:1a:33:4a:30:dc:28:6f:03:8a:7b:c6:99:26:3d:
         a2:42:1d:8d:79:22:c0:cd:c7:7a:59:49:29:53:94:55:48:f7:
         27:90:68:24:f1:f9:f9:6b:69:ac:91:38:3e:d9:bf:2a:3c:e4:
         c2:bc:90:86:cd:d2:3b:b3:c0:64:fc:ba:8d:fb:c6:1f:f0:88:
         3f:0b:f4:50:ae:d4:ea:1a:c6:4f:ff:2e:29:6e:21:fd:72:05:
         ea:ac:a5:c7:a0:9e:90:47:41:5e:39:fd:b8:be:6f:a0:28:34:
         84:60:2e:e5:9e:57:62:89:3d:68:74:1b:29:46:98:42:97:d0:
         cc:65:ee:17:21:8d:b0:59:59:69:9d:77:67:1a:94:e0:00:c2:
         2a:ef:59:d4:5d:f4:74:a4:0d:9f:db:6e:8e:f7:e3:9c:89:8a:
         e8:98:3c:cd:9a:58:96:8f:45:c3:c6:6a:7e:15:11:f7:83:03:
         86:ac:e1:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zm+GRa3DSLjpOs/5Sy/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDQyYjdmMTZhNDQ2NDVlYmQ4ZjM5YmEyMGYxOTA3MTNi
MWIzYmMwHhcNMjYwMzI5MDcwMjEwWhcNMjYwMzMwMDcwMjEwWjAzMTEwLwYDVQQD
Eyg3YzVmMDQzY2I2NWI1NmVkMjg4YTFjMzQ4MDY5YTk3YjJkYmUwNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgctK+onVTNsU1BlTAKSxgTQscDzB
cmHenWsAy9LY92qPnfbJDA30kjBuwAjPqJgqQryMcZU0IIxvsb3SlmLgckxSmHOP
oZLi18loTCIcvbu3YPrFiTId+nhqLhVO4Et/4chi19TQhbaAbvPcQBzwBhLWox4N
mf8/O19B6wMFUTink5YTNFfboXDUMuQSOb7K3Y0ZHgs0XOIsa5KFEg7oNcAOf0GV
RXoTKpQefptAX7yc6U9G5JDaVg/W3D3CJ1zrXlTNXue5MJ1d1a3GRSXDC69anwCO
OwSp5gbwyBc6YQjvnhNrHRCIY06OmGA1bYQppcQED++L4vPYKWS6SFo3CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxfBDy2W1btKIocNIBpqXstvgR4MB8GA1UdIwQY
MBaAFDzUK38WpEZF69jzm6IPGQcTsbO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAt
Y2QyNzI2MTE0ODQ2LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yYWNiNzEtM2MzYi00YTY2LTk3MDAtY2QyNzI2MTE0ODQ2
LzEvUE5RcmZ4YWtSa1hyMlBPYm9nOFpCeE94czd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAii1kqb13
ohlDwywaS94zKO8wsmxsvCppiOqgrwdb3zaOgGTEbYpiwOdkvRun2FVzoe8qlsDA
ohqdQBF34Rf/xlvGVkq2mIpUvcFkqxozSjDcKG8DinvGmSY9okIdjXkiwM3HellJ
KVOUVUj3J5BoJPH5+WtprJE4Ptm/KjzkwryQhs3SO7PAZPy6jfvGH/CIPwv0UK7U
6hrGT/8uKW4h/XIF6qylx6CekEdBXjn9uL5voCg0hGAu5Z5XYok9aHQbKUaYQpfQ
zGXuFyGNsFlZaZ13ZxqU4ADCKu9Z1F30dKQNn9tujvfjnImK6Jg8zZpYlo9Fw8Zq
fhUR94MDhqzhzw==
-----END CERTIFICATE-----