Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File:                     shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier:          P6YluZk+XOeoYi7ZhNggfoBZb/NHI4x4eAejEg9mAoI=
Subject key identifier:   84:25:BE:A2:95:7C:B2:9E:08:D1:7F:69:A6:66:DB:6E:00:35:82:75
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer:       /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial:       019D39AEC290FAF6D7099612091A45ABDDBF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number:          188F
Signing time:             Sun 29 Mar 2026 13:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:47 +0000
Files and hashes:         1: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: VUMr+eEnZ1nSibgD7Py6qDvuJ2fVajZDaecEd9h5Vfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:c2:90:fa:f6:d7:09:96:12:09:1a:45:ab:dd:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
        Validity
            Not Before: Mar 29 13:00:47 2026 GMT
            Not After : Mar 30 13:00:47 2026 GMT
        Subject: CN=8425bea2957cb29e08d17f69a666db6e00358275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:9a:24:81:1a:ee:28:c3:df:c0:b8:fd:6d:6d:
                    ce:e8:8f:2b:3a:93:b6:ae:f5:8e:6b:4a:6a:fd:e0:
                    58:96:4e:d6:37:f7:49:7d:3c:9d:61:c8:17:af:92:
                    9a:ae:c4:7c:2c:c6:5f:bc:e4:bc:d2:39:c9:45:22:
                    cf:75:75:a3:3a:29:ae:d4:54:87:16:9d:83:9c:ec:
                    a4:02:fc:e4:07:ea:81:a5:a3:7e:51:3e:fc:45:91:
                    4c:99:9f:b3:d1:64:e2:76:74:c9:4a:33:6b:ce:c8:
                    cd:bc:aa:7f:fb:e6:29:cd:da:ba:02:b2:bd:93:1a:
                    00:76:82:57:65:e2:f8:8f:2a:06:5d:47:6b:7d:a2:
                    a5:22:bc:47:df:dd:ba:4b:3a:ca:e4:bf:f8:aa:f1:
                    3e:21:29:e2:fb:18:3f:f3:81:00:11:d8:89:5d:18:
                    66:a4:ee:ff:98:b5:30:ec:d2:45:2c:57:52:ec:bb:
                    73:15:f0:ba:64:d5:b0:f5:bd:28:06:53:f8:7a:7e:
                    f1:8d:90:73:f1:b9:28:81:76:29:2c:be:a3:12:3d:
                    2c:ee:6f:1a:23:ed:7c:8a:99:76:47:b9:c6:cf:fb:
                    79:fb:78:f1:61:8a:4f:69:2b:52:6a:67:8c:f2:33:
                    1b:39:0e:08:3d:0b:04:9e:28:95:54:85:34:72:2c:
                    4c:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:25:BE:A2:95:7C:B2:9E:08:D1:7F:69:A6:66:DB:6E:00:35:82:75
            X509v3 Authority Key Identifier:
                keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:72:54:26:dc:2f:24:6a:f8:d1:9a:8a:93:db:66:26:cc:0e:
         82:02:54:77:b9:9a:e4:60:d8:08:9e:d7:79:2e:1d:17:ba:14:
         c6:c3:a0:cf:c5:36:a8:be:d1:3f:3e:40:92:11:4f:a8:71:58:
         75:54:d4:bf:3a:ad:a0:1c:ef:2a:6d:62:f6:af:e4:84:e5:0d:
         c9:eb:19:50:45:1a:f0:52:5a:84:78:22:f7:c2:72:23:04:f5:
         c3:fb:79:a0:41:27:1a:9e:84:74:24:82:6e:22:3d:d5:95:45:
         c9:be:02:17:66:e9:c8:16:3d:05:55:59:8a:20:6e:29:ab:95:
         9b:58:3f:27:6f:0e:6b:8e:ed:19:24:5c:a8:e5:1b:6b:c0:af:
         b6:b5:57:a2:23:65:49:cb:8a:99:52:41:79:e8:3e:2b:84:8a:
         0c:25:55:c8:8d:43:3b:fa:dd:57:b2:27:48:55:fc:32:67:40:
         1b:c0:78:0b:72:f4:8e:69:52:88:64:a9:62:27:3e:31:90:03:
         2a:30:de:80:b6:43:00:2a:fd:b9:10:02:cf:4a:ba:db:93:83:
         77:6d:f5:cc:69:cc:99:8d:2a:a1:02:b5:f0:4f:4a:5c:55:74:
         e1:6e:4b:2c:29:fc:8f:a9:62:50:fb:fa:ed:41:a5:8a:28:40:
         76:d7:94:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rsKQ+vbXCZYSCRpFq92/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjYwMzI5MTMwMDQ3WhcNMjYwMzMwMTMwMDQ3WjAzMTEwLwYDVQQD
Eyg4NDI1YmVhMjk1N2NiMjllMDhkMTdmNjlhNjY2ZGI2ZTAwMzU4Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZokgRruKMPfwLj9bW3O6I8rOpO2
rvWOa0pq/eBYlk7WN/dJfTydYcgXr5KarsR8LMZfvOS80jnJRSLPdXWjOimu1FSH
Fp2DnOykAvzkB+qBpaN+UT78RZFMmZ+z0WTidnTJSjNrzsjNvKp/++Ypzdq6ArK9
kxoAdoJXZeL4jyoGXUdrfaKlIrxH3926SzrK5L/4qvE+ISni+xg/84EAEdiJXRhm
pO7/mLUw7NJFLFdS7LtzFfC6ZNWw9b0oBlP4en7xjZBz8bkogXYpLL6jEj0s7m8a
I+18ipl2R7nGz/t5+3jxYYpPaStSameM8jMbOQ4IPQsEniiVVIU0cixMZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQlvqKVfLKeCNF/aaZm224ANYJ1MB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARHJUJtwv
JGr40ZqKk9tmJswOggJUd7ma5GDYCJ7XeS4dF7oUxsOgz8U2qL7RPz5AkhFPqHFY
dVTUvzqtoBzvKm1i9q/khOUNyesZUEUa8FJahHgi98JyIwT1w/t5oEEnGp6EdCSC
biI91ZVFyb4CF2bpyBY9BVVZiiBuKauVm1g/J28Oa47tGSRcqOUba8CvtrVXoiNl
ScuKmVJBeeg+K4SKDCVVyI1DO/rdV7InSFX8MmdAG8B4C3L0jmlSiGSpYic+MZAD
KjDegLZDACr9uRACz0q625ODd231zGnMmY0qoQK18E9KXFV04W5LLCn8j6liUPv6
7UGliihAdteU4Q==
-----END CERTIFICATE-----