Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
File:                     GD41veDiUEYFoX1O0FVDfo00ql8.mft (raw, json)
Hash identifier:          OhmQ1A99B0PHlmENh7FJycQnTIcSjqnBA/mhWtBWazA=
Subject key identifier:   3A:66:8E:A7:0A:86:E6:8D:E3:12:EB:2B:D9:6B:64:0B:0B:2D:7F:AB
Authority key identifier: 18:3E:35:BD:E0:E2:50:46:05:A1:7D:4E:D0:55:43:7E:8D:34:AA:5F
Certificate issuer:       /CN=183e35bde0e2504605a17d4ed055437e8d34aa5f
Certificate serial:       019D371BC2667A245A07FECA2ADB9D422A79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 01:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:59 +0000
Files and hashes:         1: GD41veDiUEYFoX1O0FVDfo00ql8.crl (hash: i7APFiP6P5Y8QevVmiTv0gB2waPqXBxyb52rRhIms4E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:c2:66:7a:24:5a:07:fe:ca:2a:db:9d:42:2a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=183e35bde0e2504605a17d4ed055437e8d34aa5f
        Validity
            Not Before: Mar 29 01:00:59 2026 GMT
            Not After : Mar 30 01:00:59 2026 GMT
        Subject: CN=3a668ea70a86e68de312eb2bd96b640b0b2d7fab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:3e:4b:ba:d0:4c:eb:c7:e1:b2:f1:eb:79:fe:
                    ce:d5:bb:96:89:4e:36:32:1a:bf:86:f6:b7:8d:9c:
                    06:33:26:a0:c8:bd:a1:e4:da:9e:db:cc:62:38:53:
                    4d:d6:fe:98:2e:51:8c:87:f4:83:86:37:8a:3a:d4:
                    86:87:55:72:89:69:c4:73:ed:e0:89:7a:aa:9c:84:
                    b2:98:36:0e:52:68:90:af:15:58:68:e5:0e:f7:df:
                    30:25:86:07:cb:1c:10:53:f6:13:0d:20:69:d6:f2:
                    4c:eb:02:fe:0a:55:04:b4:06:b0:5e:11:bd:47:3c:
                    cf:fd:99:38:b7:61:57:a1:a7:90:8a:b3:9e:c7:c7:
                    83:68:d5:d0:d0:12:fb:0a:08:63:1e:9b:c8:ce:73:
                    92:77:52:ed:30:be:39:5d:ae:4a:9d:61:9b:a2:4c:
                    f1:72:43:0b:7e:9f:07:59:1c:3e:52:88:bc:67:6b:
                    d0:df:aa:e2:34:77:59:d4:87:55:f5:3d:34:3d:61:
                    84:86:11:84:b1:05:d0:4e:4b:47:d2:1a:39:85:74:
                    8d:1d:01:4e:d2:d2:21:03:e1:66:2c:58:6d:11:07:
                    d1:94:58:ca:c9:72:9f:ce:94:14:62:89:b5:7c:89:
                    7c:e7:05:53:6f:f2:ec:e5:df:3e:14:1c:2b:74:f9:
                    12:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:66:8E:A7:0A:86:E6:8D:E3:12:EB:2B:D9:6B:64:0B:0B:2D:7F:AB
            X509v3 Authority Key Identifier:
                keyid:18:3E:35:BD:E0:E2:50:46:05:A1:7D:4E:D0:55:43:7E:8D:34:AA:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:61:94:8c:f7:cf:96:2a:07:26:33:17:83:d2:7b:f1:8e:1c:
         8e:42:b2:fc:09:0d:3c:38:8b:84:96:e7:ee:4b:45:da:19:5e:
         e9:7d:86:80:a0:63:7d:80:44:23:e4:6f:fa:a0:dc:72:1d:ca:
         dc:e4:d0:0c:ff:71:c9:45:b1:74:39:1a:7c:89:88:bb:da:a8:
         9a:eb:48:8d:d3:ec:34:c9:a3:1f:95:fe:35:44:02:8c:0c:89:
         cc:37:90:3b:d0:c6:bc:74:74:f7:44:d2:8f:3c:21:a5:0c:c6:
         e8:df:92:b3:bc:e8:f8:33:1e:0c:cd:bd:4f:21:22:78:de:32:
         a2:c8:84:bd:f8:04:3b:2d:d8:d6:68:af:02:31:4e:45:33:35:
         3e:32:d4:aa:76:a7:2c:66:4a:b6:24:f7:6f:c0:c4:e9:9a:51:
         74:a1:b9:07:c5:cc:10:70:88:f9:eb:66:96:49:d0:c1:c4:ea:
         ce:4f:6b:6c:72:37:73:a8:0b:f2:8c:c3:23:1b:a6:19:63:20:
         c5:ac:0f:6a:6a:88:22:35:de:fa:4d:74:48:b5:23:f7:64:a2:
         0d:37:1c:3e:34:91:f4:ff:a7:f3:2e:14:12:14:0e:57:51:40:
         1c:cd:4f:79:fa:2f:f2:51:51:48:18:f0:fc:cc:56:b5:df:44:
         73:a2:cb:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G8JmeiRaB/7KKtudQip5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4M2UzNWJkZTBlMjUwNDYwNWExN2Q0ZWQwNTU0MzdlOGQz
NGFhNWYwHhcNMjYwMzI5MDEwMDU5WhcNMjYwMzMwMDEwMDU5WjAzMTEwLwYDVQQD
EygzYTY2OGVhNzBhODZlNjhkZTMxMmViMmJkOTZiNjQwYjBiMmQ3ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8z5LutBM68fhsvHref7O1buWiU42
Mhq/hva3jZwGMyagyL2h5Nqe28xiOFNN1v6YLlGMh/SDhjeKOtSGh1VyiWnEc+3g
iXqqnISymDYOUmiQrxVYaOUO998wJYYHyxwQU/YTDSBp1vJM6wL+ClUEtAawXhG9
RzzP/Zk4t2FXoaeQirOex8eDaNXQ0BL7CghjHpvIznOSd1LtML45Xa5KnWGbokzx
ckMLfp8HWRw+Uoi8Z2vQ36riNHdZ1IdV9T00PWGEhhGEsQXQTktH0ho5hXSNHQFO
0tIhA+FmLFhtEQfRlFjKyXKfzpQUYom1fIl85wVTb/Ls5d8+FBwrdPkSIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpmjqcKhuaN4xLrK9lrZAsLLX+rMB8GA1UdIwQY
MBaAFBg+Nb3g4lBGBaF9TtBVQ36NNKpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80Y2I1MjQtYmFhZi00MWFmLWI4NWYt
Y2M4YzJkYjZjZjI1LzEvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80Y2I1MjQtYmFhZi00MWFmLWI4NWYtY2M4YzJkYjZjZjI1
LzEvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGGUjPfP
lioHJjMXg9J78Y4cjkKy/AkNPDiLhJbn7ktF2hle6X2GgKBjfYBEI+Rv+qDcch3K
3OTQDP9xyUWxdDkafImIu9qomutIjdPsNMmjH5X+NUQCjAyJzDeQO9DGvHR090TS
jzwhpQzG6N+Ss7zo+DMeDM29TyEieN4yosiEvfgEOy3Y1mivAjFORTM1PjLUqnan
LGZKtiT3b8DE6ZpRdKG5B8XMEHCI+etmlknQwcTqzk9rbHI3c6gL8ozDIxumGWMg
xawPamqIIjXe+k10SLUj92SiDTccPjSR9P+n8y4UEhQOV1FAHM1Pefov8lFRSBjw
/MxWtd9Ec6LLHA==
-----END CERTIFICATE-----