Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
File:                     a3tNxJzDUDQveq4ssyBbn3dfZh0.mft (raw, json)
Hash identifier:          mLU/jk2hkgOniAx6Qq90zz6XolKsVp71Naydhi4bt0k=
Subject key identifier:   46:5F:73:A9:01:8E:3A:F3:20:48:F3:61:1B:36:A5:8B:ED:4C:BC:B8
Authority key identifier: 6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D
Certificate issuer:       /CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
Certificate serial:       019D3865783284778E54DCB57DFD4167CD26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:07 +0000
Files and hashes:         1: a3tNxJzDUDQveq4ssyBbn3dfZh0.crl (hash: OO8vvx7TAhCfC+KcZv8uS5qH+NrUZkdkFSjSuddvgy0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:78:32:84:77:8e:54:dc:b5:7d:fd:41:67:cd:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b7b4dc49cc350342f7aae2cb3205b9f775f661d
        Validity
            Not Before: Mar 29 07:01:07 2026 GMT
            Not After : Mar 30 07:01:07 2026 GMT
        Subject: CN=465f73a9018e3af32048f3611b36a58bed4cbcb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:99:35:d6:27:38:62:53:ef:66:d4:12:fc:2e:
                    20:23:28:ef:66:c7:c0:76:37:c3:9a:30:05:29:ce:
                    eb:df:f5:c6:19:7e:7f:ae:17:31:54:db:09:f2:f4:
                    67:39:a5:69:11:81:c7:2a:6f:1a:b0:f8:89:4f:c1:
                    cf:c3:9a:df:df:92:5f:65:2b:65:74:ff:5e:66:51:
                    85:51:a4:a2:0b:82:b6:0c:64:19:39:86:b7:5c:52:
                    e0:4b:4a:de:c0:ef:98:b0:f3:b9:0b:f6:43:e9:be:
                    f5:4e:fb:0f:72:71:74:96:80:38:37:23:82:c8:10:
                    12:2d:b2:96:a7:d9:b4:21:30:2d:d8:10:63:15:7b:
                    c5:f1:b5:cb:07:53:2f:fd:1e:63:95:5b:c3:12:b3:
                    be:49:52:8b:d2:62:41:e5:da:70:1b:55:39:05:8b:
                    d4:e3:fd:56:e2:74:97:f7:76:46:c3:86:3b:6b:87:
                    57:42:38:dd:c9:f7:24:3c:75:2d:91:58:cb:06:86:
                    ed:b5:c2:67:15:e6:76:fd:c2:8f:12:39:d1:c8:1e:
                    8f:28:5a:b7:83:b1:f3:b5:ea:42:df:e7:77:75:f4:
                    af:9e:b1:88:ee:ce:2f:19:9a:25:5e:ba:0c:9d:d4:
                    d1:a9:ec:34:a3:13:c0:51:40:c5:b0:9c:80:88:2a:
                    cf:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:5F:73:A9:01:8E:3A:F3:20:48:F3:61:1B:36:A5:8B:ED:4C:BC:B8
            X509v3 Authority Key Identifier:
                keyid:6B:7B:4D:C4:9C:C3:50:34:2F:7A:AE:2C:B3:20:5B:9F:77:5F:66:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3tNxJzDUDQveq4ssyBbn3dfZh0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b52709-38af-4545-a8db-c6d4c1a54a4b/1/a3tNxJzDUDQveq4ssyBbn3dfZh0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:db:7d:fa:f3:9e:87:ba:df:b1:9b:4a:00:76:02:13:71:55:
         3f:02:e3:51:26:5f:46:49:dd:81:43:c1:6e:ff:c6:8e:77:35:
         8a:6c:d1:83:b4:b6:14:52:50:bc:da:ac:9b:8b:2f:1a:65:88:
         54:d8:90:dd:db:c2:ba:a7:77:ea:d3:fb:7b:b7:4b:65:6c:7b:
         8c:6c:46:69:dc:cb:5f:a7:5d:89:46:07:cc:06:73:ef:d1:8a:
         75:90:ed:eb:8c:35:e6:79:2f:41:35:98:f4:fd:ed:ad:4c:d2:
         7b:8d:d3:e0:5b:23:fc:25:aa:bd:6c:52:bd:5d:14:ce:20:fb:
         20:84:e6:7b:ed:c9:d2:a7:1b:4e:ec:18:e8:02:73:3a:7a:3e:
         6b:07:7c:89:d3:a0:bb:c2:9e:00:73:cf:d7:81:22:a7:fd:12:
         10:7e:0a:e6:08:21:72:b9:c6:00:25:d4:02:4f:82:80:ae:e5:
         18:79:3b:5b:ef:95:00:ba:22:91:60:bd:0b:96:9d:39:6f:17:
         bf:f9:87:a5:58:92:bb:4f:74:17:12:9f:cb:bc:4a:e8:90:1c:
         19:33:e0:f3:b6:cd:c5:3f:63:bb:c2:01:7f:d1:d7:36:81:97:
         81:4b:8d:c9:30:08:f9:36:0b:91:f8:1e:0b:a9:5a:a4:ce:2c:
         72:24:b6:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXgyhHeOVNy1ff1BZ80mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2I0ZGM0OWNjMzUwMzQyZjdhYWUyY2IzMjA1YjlmNzc1
ZjY2MWQwHhcNMjYwMzI5MDcwMTA3WhcNMjYwMzMwMDcwMTA3WjAzMTEwLwYDVQQD
Eyg0NjVmNzNhOTAxOGUzYWYzMjA0OGYzNjExYjM2YTU4YmVkNGNiY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05k11ic4YlPvZtQS/C4gIyjvZsfA
djfDmjAFKc7r3/XGGX5/rhcxVNsJ8vRnOaVpEYHHKm8asPiJT8HPw5rf35JfZStl
dP9eZlGFUaSiC4K2DGQZOYa3XFLgS0rewO+YsPO5C/ZD6b71TvsPcnF0loA4NyOC
yBASLbKWp9m0ITAt2BBjFXvF8bXLB1Mv/R5jlVvDErO+SVKL0mJB5dpwG1U5BYvU
4/1W4nSX93ZGw4Y7a4dXQjjdyfckPHUtkVjLBobttcJnFeZ2/cKPEjnRyB6PKFq3
g7HztepC3+d3dfSvnrGI7s4vGZolXroMndTRqew0oxPAUUDFsJyAiCrPZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEZfc6kBjjrzIEjzYRs2pYvtTLy4MB8GA1UdIwQY
MBaAFGt7TcScw1A0L3quLLMgW593X2YdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGIt
YzZkNGMxYTU0YTRiLzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNTI3MDktMzhhZi00NTQ1LWE4ZGItYzZkNGMxYTU0YTRi
LzEvYTN0TnhKekRVRFF2ZXE0c3N5QmJuM2RmWmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlNt9+vOe
h7rfsZtKAHYCE3FVPwLjUSZfRkndgUPBbv/Gjnc1imzRg7S2FFJQvNqsm4svGmWI
VNiQ3dvCuqd36tP7e7dLZWx7jGxGadzLX6ddiUYHzAZz79GKdZDt64w15nkvQTWY
9P3trUzSe43T4Fsj/CWqvWxSvV0UziD7IITme+3J0qcbTuwY6AJzOno+awd8idOg
u8KeAHPP14Eip/0SEH4K5gghcrnGACXUAk+CgK7lGHk7W++VALoikWC9C5adOW8X
v/mHpViSu090FxKfy7xK6JAcGTPg87bNxT9ju8IBf9HXNoGXgUuNyTAI+TYLkfge
C6lapM4sciS2ZQ==
-----END CERTIFICATE-----