Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
File:                     MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft (raw, json)
Hash identifier:          faqRfYVqE+z79nir9aB2BnBf8eKruB3A1+g1MUEkpMs=
Subject key identifier:   99:2A:FB:62:44:EE:97:E9:3E:44:C4:EB:BB:FB:ED:B3:2D:6B:D6:A7
Authority key identifier: 30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34
Certificate issuer:       /CN=30fd95ce80eace734e340ddd723110fa5252fa34
Certificate serial:       019D389C3966BEDC18ABC4E5459D779861D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 08:00:55 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:55 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:55 +0000
Files and hashes:         1: MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl (hash: aDnmxmXfbl7nzqlQN9j5c/ZDV6gxlkZFjwqZ4eFiJsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9c:39:66:be:dc:18:ab:c4:e5:45:9d:77:98:61:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30fd95ce80eace734e340ddd723110fa5252fa34
        Validity
            Not Before: Mar 29 08:00:55 2026 GMT
            Not After : Mar 30 08:00:55 2026 GMT
        Subject: CN=992afb6244ee97e93e44c4ebbbfbedb32d6bd6a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:6e:8e:bf:6e:e9:a7:3d:e0:66:90:92:21:07:
                    77:2b:2e:c3:00:82:fd:c9:b6:bb:7e:55:a5:e6:a1:
                    d5:39:d4:65:88:27:53:9b:d0:a1:1d:a6:18:f8:e4:
                    0e:9c:31:0b:3d:d9:e2:f9:f2:55:8a:10:49:99:81:
                    bd:ab:b3:90:93:7e:8a:00:bf:b3:b1:37:6a:44:20:
                    24:8b:b9:bd:58:15:a3:d4:03:81:a7:76:27:bd:d4:
                    69:e3:24:82:bd:24:72:74:14:8a:aa:40:b9:18:46:
                    8d:22:e1:c2:e7:e1:21:2e:f2:5b:32:06:df:09:c1:
                    91:54:59:5a:9d:1b:ef:1b:61:98:c8:62:15:f4:1a:
                    76:f2:c3:7c:52:07:3d:a9:c9:3a:60:27:11:5d:40:
                    94:00:f7:ad:20:23:52:15:43:57:18:2e:b1:ef:cf:
                    cd:a1:c7:08:78:89:20:6f:48:c9:70:a0:89:06:2b:
                    5b:87:b0:9d:e4:85:93:5e:cb:6f:e6:7e:f5:72:56:
                    1d:b0:11:13:e1:64:ca:e5:d5:52:27:0f:76:f8:68:
                    44:bf:fb:18:d8:4c:2a:bb:4e:09:ea:c2:11:d9:73:
                    39:a2:79:21:59:69:6c:d0:37:c7:fb:af:e9:a3:8a:
                    de:ed:2b:e8:f2:9c:ac:c6:44:9e:23:ae:a5:89:e9:
                    7e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:2A:FB:62:44:EE:97:E9:3E:44:C4:EB:BB:FB:ED:B3:2D:6B:D6:A7
            X509v3 Authority Key Identifier:
                keyid:30:FD:95:CE:80:EA:CE:73:4E:34:0D:DD:72:31:10:FA:52:52:FA:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MP2VzoDqznNONA3dcjEQ-lJS-jQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/820f17-37bb-4867-bc80-c7d3e96fd35b/1/MP2VzoDqznNONA3dcjEQ-lJS-jQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:4d:74:8f:68:e8:38:05:fa:c9:ff:24:6b:3d:d3:59:ef:af:
         5c:e5:b3:53:44:72:7c:92:05:2a:8e:c7:a3:c7:d7:c3:b9:af:
         eb:d6:a9:b6:7e:e7:bb:93:8e:45:cb:d2:25:86:22:0a:e3:47:
         57:c4:3b:ae:15:c6:ef:85:81:ab:a2:17:0a:2f:96:86:a4:34:
         75:1c:4f:f1:ee:26:31:be:cb:13:5f:7c:41:37:c7:fa:f7:cd:
         3a:df:d5:e7:99:e8:27:ac:12:48:97:f4:e6:72:c7:d1:15:f6:
         ba:b3:36:bf:d2:17:da:51:26:25:7e:ef:1d:9c:24:8b:06:16:
         60:e0:8a:d9:53:98:5d:73:53:52:35:54:e7:1b:1f:b9:a9:51:
         ef:1e:7b:26:65:1f:db:84:27:ff:2e:70:8e:87:a2:19:df:84:
         1c:a5:f5:af:ec:28:f8:4a:b4:17:1b:15:46:23:a7:ae:a4:37:
         85:0d:47:7c:33:a6:94:ae:fd:7a:87:1c:ff:01:4d:3b:87:28:
         68:aa:d5:99:59:66:2e:6f:b3:ad:56:b1:b2:15:ba:b1:08:11:
         ca:f8:e7:5c:37:b6:2a:4a:84:6e:95:91:24:c7:cf:94:c2:64:
         8e:91:4b:ed:50:3c:2c:d3:de:d9:c4:d8:04:df:d7:ee:50:52:
         c4:22:78:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nDlmvtwYq8TlRZ13mGHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZmQ5NWNlODBlYWNlNzM0ZTM0MGRkZDcyMzExMGZhNTI1
MmZhMzQwHhcNMjYwMzI5MDgwMDU1WhcNMjYwMzMwMDgwMDU1WjAzMTEwLwYDVQQD
Eyg5OTJhZmI2MjQ0ZWU5N2U5M2U0NGM0ZWJiYmZiZWRiMzJkNmJkNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7G6Ov27ppz3gZpCSIQd3Ky7DAIL9
yba7flWl5qHVOdRliCdTm9ChHaYY+OQOnDELPdni+fJVihBJmYG9q7OQk36KAL+z
sTdqRCAki7m9WBWj1AOBp3YnvdRp4ySCvSRydBSKqkC5GEaNIuHC5+EhLvJbMgbf
CcGRVFlanRvvG2GYyGIV9Bp28sN8Ugc9qck6YCcRXUCUAPetICNSFUNXGC6x78/N
occIeIkgb0jJcKCJBitbh7Cd5IWTXstv5n71clYdsBET4WTK5dVSJw92+GhEv/sY
2Ewqu04J6sIR2XM5onkhWWls0DfH+6/po4re7Svo8pysxkSeI66liel+OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkq+2JE7pfpPkTE67v77bMta9anMB8GA1UdIwQY
MBaAFDD9lc6A6s5zTjQN3XIxEPpSUvo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAt
YzdkM2U5NmZkMzViLzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84MjBmMTctMzdiYi00ODY3LWJjODAtYzdkM2U5NmZkMzVi
LzEvTVAyVnpvRHF6bk5PTkEzZGNqRVEtbEpTLWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmE10j2jo
OAX6yf8kaz3TWe+vXOWzU0RyfJIFKo7Ho8fXw7mv69aptn7nu5OORcvSJYYiCuNH
V8Q7rhXG74WBq6IXCi+WhqQ0dRxP8e4mMb7LE198QTfH+vfNOt/V55noJ6wSSJf0
5nLH0RX2urM2v9IX2lEmJX7vHZwkiwYWYOCK2VOYXXNTUjVU5xsfualR7x57JmUf
24Qn/y5wjoeiGd+EHKX1r+wo+Eq0FxsVRiOnrqQ3hQ1HfDOmlK79eocc/wFNO4co
aKrVmVlmLm+zrVaxshW6sQgRyvjnXDe2KkqEbpWRJMfPlMJkjpFL7VA8LNPe2cTY
BN/X7lBSxCJ4Ng==
-----END CERTIFICATE-----