Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft
File:                     PonHvJeq8NwDF2adR1GxMaqTK40.mft (raw, json)
Hash identifier:          T/t0A90sP64dpiGMH1Gp3qEBdTm9w4TDcNF7upJjb1o=
Subject key identifier:   E9:C8:58:42:F6:FC:B0:8C:0E:41:EE:54:11:DE:B0:0E:3C:24:C4:07
Authority key identifier: 3E:89:C7:BC:97:AA:F0:DC:03:17:66:9D:47:51:B1:31:AA:93:2B:8D
Certificate issuer:       /CN=3e89c7bc97aaf0dc0317669d4751b131aa932b8d
Certificate serial:       019D37C06C379D1BCDA628EC0653B7AEE583
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PonHvJeq8NwDF2adR1GxMaqTK40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft
Manifest number:          0193
Signing time:             Sun 29 Mar 2026 04:00:50 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:50 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:50 +0000
Files and hashes:         1: PonHvJeq8NwDF2adR1GxMaqTK40.crl (hash: WeDHiG1j4wp+t5UOvXLXurRvzD9LeDyCjyVVklg934Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PonHvJeq8NwDF2adR1GxMaqTK40.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:6c:37:9d:1b:cd:a6:28:ec:06:53:b7:ae:e5:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3e89c7bc97aaf0dc0317669d4751b131aa932b8d
        Validity
            Not Before: Mar 29 04:00:50 2026 GMT
            Not After : Mar 30 04:00:50 2026 GMT
        Subject: CN=e9c85842f6fcb08c0e41ee5411deb00e3c24c407
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:61:2c:3f:5e:ba:46:51:3e:3a:37:17:2c:20:
                    5d:73:c5:a2:18:52:16:5e:71:29:44:98:44:93:31:
                    4f:e2:11:21:27:de:ad:a2:57:07:84:5a:63:82:2b:
                    5a:6c:69:70:32:ec:e9:cc:10:79:47:8f:c2:5b:97:
                    8f:3a:fc:37:d1:ae:a4:37:0a:fc:0f:fb:fe:f8:a9:
                    1e:0e:ea:e3:b4:58:d0:b9:56:93:de:2b:64:81:09:
                    19:48:2b:5c:87:df:7c:ab:33:50:e9:5c:59:c3:b1:
                    01:13:c4:25:16:c2:bd:d9:9d:39:57:d5:59:8b:d8:
                    7e:75:4f:f2:db:1d:ca:78:9f:08:1b:05:0d:b2:d2:
                    64:51:b4:78:8a:98:9d:c3:65:7c:42:b2:73:02:1b:
                    99:5e:f5:c4:10:07:a8:d1:dd:27:b6:45:95:19:02:
                    31:d0:9a:eb:85:10:84:1e:08:69:14:b4:17:18:4f:
                    5d:5e:3c:83:48:55:b1:c2:84:e8:b0:93:1a:be:b1:
                    3d:6c:74:cf:fb:68:5a:9d:a7:7e:70:af:74:af:b0:
                    52:0a:c9:7f:9b:f8:d5:5a:cd:03:3d:30:ae:de:ab:
                    55:4c:4d:16:a3:78:3b:46:a5:e8:26:29:72:62:8b:
                    39:7c:60:f5:a1:44:a0:62:ea:f1:11:73:b1:83:93:
                    b1:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:C8:58:42:F6:FC:B0:8C:0E:41:EE:54:11:DE:B0:0E:3C:24:C4:07
            X509v3 Authority Key Identifier:
                keyid:3E:89:C7:BC:97:AA:F0:DC:03:17:66:9D:47:51:B1:31:AA:93:2B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PonHvJeq8NwDF2adR1GxMaqTK40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/468e13-a3dc-4c7e-9eb3-832651e60c3b/1/PonHvJeq8NwDF2adR1GxMaqTK40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:15:d8:16:57:70:07:00:30:d9:e5:2b:cd:68:bf:34:e4:c0:
         38:1a:82:e5:de:ef:be:88:89:00:ca:85:76:25:34:23:81:b4:
         7a:c2:33:82:9b:68:a2:0a:e9:c9:ff:5d:0b:57:26:ef:5c:be:
         d6:c3:1d:bb:e1:88:88:93:d5:56:b4:fd:ef:ff:f4:98:be:87:
         73:dd:b1:5b:42:d6:d4:51:56:2c:79:f0:31:d9:7f:5d:78:f7:
         f9:14:75:85:73:d9:b5:6d:d3:b0:a2:23:2e:58:a9:45:a9:2d:
         b9:af:8d:43:d1:7e:59:db:e0:d0:6c:28:5d:97:29:b1:12:8d:
         cc:66:fb:09:77:49:e9:f0:3d:f4:06:b5:f2:b3:f0:44:31:3c:
         87:47:22:14:14:28:48:50:89:2d:03:fc:e6:66:94:a7:73:8e:
         76:54:be:73:9d:48:aa:30:4b:b3:1c:5e:9c:f6:bb:2a:b3:99:
         59:96:65:83:d7:cf:bf:d7:18:f2:ad:d7:b5:d8:c8:f6:c2:fb:
         02:6d:a8:8e:15:fc:ae:8f:c4:09:a2:e6:fc:51:77:07:b2:17:
         8e:a0:09:39:5c:7f:4b:4d:f0:f0:58:47:5e:d9:b3:0c:af:b9:
         23:68:91:c8:63:7b:ab:5e:5c:f2:62:60:c4:b5:08:49:6e:6b:
         0b:a1:71:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wGw3nRvNpijsBlO3ruWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlODljN2JjOTdhYWYwZGMwMzE3NjY5ZDQ3NTFiMTMxYWE5
MzJiOGQwHhcNMjYwMzI5MDQwMDUwWhcNMjYwMzMwMDQwMDUwWjAzMTEwLwYDVQQD
EyhlOWM4NTg0MmY2ZmNiMDhjMGU0MWVlNTQxMWRlYjAwZTNjMjRjNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GEsP166RlE+OjcXLCBdc8WiGFIW
XnEpRJhEkzFP4hEhJ96tolcHhFpjgitabGlwMuzpzBB5R4/CW5ePOvw30a6kNwr8
D/v++KkeDurjtFjQuVaT3itkgQkZSCtch998qzNQ6VxZw7EBE8QlFsK92Z05V9VZ
i9h+dU/y2x3KeJ8IGwUNstJkUbR4ipidw2V8QrJzAhuZXvXEEAeo0d0ntkWVGQIx
0JrrhRCEHghpFLQXGE9dXjyDSFWxwoTosJMavrE9bHTP+2hanad+cK90r7BSCsl/
m/jVWs0DPTCu3qtVTE0Wo3g7RqXoJilyYos5fGD1oUSgYurxEXOxg5OxLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnIWEL2/LCMDkHuVBHesA48JMQHMB8GA1UdIwQY
MBaAFD6Jx7yXqvDcAxdmnUdRsTGqkyuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG9uSHZKZXE4TndERjJhZFIxR3hNYXFUSzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80NjhlMTMtYTNkYy00YzdlLTllYjMt
ODMyNjUxZTYwYzNiLzEvUG9uSHZKZXE4TndERjJhZFIxR3hNYXFUSzQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80NjhlMTMtYTNkYy00YzdlLTllYjMtODMyNjUxZTYwYzNi
LzEvUG9uSHZKZXE4TndERjJhZFIxR3hNYXFUSzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxXYFldw
BwAw2eUrzWi/NOTAOBqC5d7vvoiJAMqFdiU0I4G0esIzgptoogrpyf9dC1cm71y+
1sMdu+GIiJPVVrT97//0mL6Hc92xW0LW1FFWLHnwMdl/XXj3+RR1hXPZtW3TsKIj
LlipRaktua+NQ9F+Wdvg0GwoXZcpsRKNzGb7CXdJ6fA99Aa18rPwRDE8h0ciFBQo
SFCJLQP85maUp3OOdlS+c51IqjBLsxxenPa7KrOZWZZlg9fPv9cY8q3XtdjI9sL7
Am2ojhX8ro/ECaLm/FF3B7IXjqAJOVx/S03w8FhHXtmzDK+5I2iRyGN7q15c8mJg
xLUISW5rC6FxPA==
-----END CERTIFICATE-----