Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          iUFnwE4VMZRLV6epmnMKTHXVKbCup1dkYLAeW7KWS2s=
Subject key identifier:   3F:99:81:34:9B:CA:11:6A:81:F5:F0:64:AA:E3:07:0B:BD:9F:D1:23
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       019D390A10612133B4E5ACDC7758CBBDD092
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 10:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:53 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: bSTB7fyS3XIz0+8SQAYyQp7IIQ3KAzrHZmJLZkPByUw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:10:61:21:33:b4:e5:ac:dc:77:58:cb:bd:d0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Mar 29 10:00:53 2026 GMT
            Not After : Mar 30 10:00:53 2026 GMT
        Subject: CN=3f9981349bca116a81f5f064aae3070bbd9fd123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f5:5f:77:4c:1c:ff:48:e4:da:ca:40:27:af:
                    e0:68:6c:fa:97:e6:d6:b7:43:7f:49:11:e2:4c:52:
                    62:c4:22:3e:b1:15:42:87:a0:95:3a:73:54:4a:64:
                    01:3c:4b:a5:be:96:84:18:13:3b:0a:d6:d9:81:84:
                    fd:a8:a8:c2:99:91:c8:3d:3a:90:1d:ff:b6:06:d4:
                    ea:47:07:0d:a7:0e:8b:c3:5b:a6:d1:fb:7c:a9:2f:
                    d5:a8:24:32:2d:f7:42:4f:88:2a:a2:3a:c7:a0:7d:
                    3d:44:c1:64:ed:b8:ed:5b:95:b0:61:43:7a:f0:a0:
                    dd:90:c3:02:79:73:cd:b5:f4:08:15:57:53:ad:34:
                    13:36:ea:f5:20:ba:74:c0:1c:9b:ad:6a:3d:ae:f1:
                    05:14:fd:7f:6f:fb:fd:ea:d0:13:53:64:be:3c:b3:
                    44:06:f9:e7:01:58:44:98:d3:78:50:07:98:e8:53:
                    3a:f2:7a:26:31:37:d0:78:7f:5b:01:61:b9:39:94:
                    dc:70:28:57:69:37:ae:9b:12:5e:f1:de:af:41:d9:
                    0d:ee:e2:5d:5d:2d:6a:0c:9c:84:da:4f:66:b5:9a:
                    90:57:83:8b:0f:e8:8d:30:41:86:26:17:4f:2d:07:
                    bc:ab:e7:1e:65:8c:21:90:72:fe:37:33:96:3c:ff:
                    ac:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:99:81:34:9B:CA:11:6A:81:F5:F0:64:AA:E3:07:0B:BD:9F:D1:23
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:f7:4e:53:fa:76:3d:79:fc:bc:c9:4d:49:78:1a:19:1f:4f:
         33:d2:b2:54:ca:90:87:8d:73:76:a4:72:10:88:fb:83:8b:34:
         b6:90:68:cf:aa:03:43:c8:02:74:95:f6:e3:b2:75:4d:a3:f6:
         c4:a8:63:06:95:af:a2:e4:3f:ca:4b:41:09:ef:d6:c5:2c:e4:
         57:b3:5c:14:3d:ab:75:0f:ac:37:a6:62:58:26:73:02:c4:bf:
         89:e5:7f:b4:ce:6a:9d:f1:f6:6b:29:e1:fd:02:94:1d:da:1c:
         06:b3:44:1d:cc:79:3d:b0:84:f1:c9:8a:6b:49:db:00:7f:03:
         dc:d7:1f:fc:ed:23:6d:0d:1c:19:8e:34:b3:bd:91:82:b2:2a:
         c9:a5:fe:b0:28:03:77:ce:c5:10:d3:d2:cc:c5:e9:e6:3b:be:
         75:0a:1d:7f:04:28:dd:b5:3c:28:6b:c1:48:cc:cc:45:b4:cf:
         ab:6c:90:29:2a:91:70:4a:0e:6d:6b:32:2c:50:b6:aa:b5:7e:
         7b:56:61:bc:14:3c:7d:10:6a:0a:5a:ef:90:fd:ca:4a:c2:97:
         57:05:f9:92:4c:d4:7f:9e:ed:08:78:21:fc:fe:12:06:f4:1e:
         22:9b:17:04:8b:6d:04:a9:e7:23:c5:0f:ec:c7:e3:73:7c:bb:
         ac:d6:ac:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05ChBhITO05azcd1jLvdCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjYwMzI5MTAwMDUzWhcNMjYwMzMwMTAwMDUzWjAzMTEwLwYDVQQD
EygzZjk5ODEzNDliY2ExMTZhODFmNWYwNjRhYWUzMDcwYmJkOWZkMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfVfd0wc/0jk2spAJ6/gaGz6l+bW
t0N/SRHiTFJixCI+sRVCh6CVOnNUSmQBPEulvpaEGBM7CtbZgYT9qKjCmZHIPTqQ
Hf+2BtTqRwcNpw6Lw1um0ft8qS/VqCQyLfdCT4gqojrHoH09RMFk7bjtW5WwYUN6
8KDdkMMCeXPNtfQIFVdTrTQTNur1ILp0wBybrWo9rvEFFP1/b/v96tATU2S+PLNE
BvnnAVhEmNN4UAeY6FM68nomMTfQeH9bAWG5OZTccChXaTeumxJe8d6vQdkN7uJd
XS1qDJyE2k9mtZqQV4OLD+iNMEGGJhdPLQe8q+ceZYwhkHL+NzOWPP+s6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD+ZgTSbyhFqgfXwZKrjBwu9n9EjMB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfdOU/p2
PXn8vMlNSXgaGR9PM9KyVMqQh41zdqRyEIj7g4s0tpBoz6oDQ8gCdJX247J1TaP2
xKhjBpWvouQ/yktBCe/WxSzkV7NcFD2rdQ+sN6ZiWCZzAsS/ieV/tM5qnfH2aynh
/QKUHdocBrNEHcx5PbCE8cmKa0nbAH8D3Ncf/O0jbQ0cGY40s72RgrIqyaX+sCgD
d87FENPSzMXp5ju+dQodfwQo3bU8KGvBSMzMRbTPq2yQKSqRcEoObWsyLFC2qrV+
e1ZhvBQ8fRBqClrvkP3KSsKXVwX5kkzUf57tCHgh/P4SBvQeIpsXBIttBKnnI8UP
7Mfjc3y7rNas3g==
-----END CERTIFICATE-----