Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
File:                     dBkW6TW7TmhYsdIjYVrONp7SaB4.mft (raw, json)
Hash identifier:          oUx5JUviNz73pMq7hU8cM2l1VA0VXZcV8Ty01v8M3gI=
Subject key identifier:   3D:02:91:39:F1:AD:9A:82:1B:E1:F7:6E:C3:C3:5E:32:16:8F:9E:EA
Authority key identifier: 74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E
Certificate issuer:       /CN=741916e935bb4e6858b1d223615ace369ed2681e
Certificate serial:       019D3940A392733785645F1B29E33C28F40F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 11:00:30 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:30 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:30 +0000
Files and hashes:         1: dBkW6TW7TmhYsdIjYVrONp7SaB4.crl (hash: vDy4A5/GsmRXd2tlw/SbEicPiTJ0OEu41hbwotKEleo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:40:a3:92:73:37:85:64:5f:1b:29:e3:3c:28:f4:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=741916e935bb4e6858b1d223615ace369ed2681e
        Validity
            Not Before: Mar 29 11:00:30 2026 GMT
            Not After : Mar 30 11:00:30 2026 GMT
        Subject: CN=3d029139f1ad9a821be1f76ec3c35e32168f9eea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:91:05:b6:96:6f:1b:e3:d9:10:f2:ea:21:a9:
                    bb:f1:02:be:63:4c:75:71:83:56:7d:38:02:17:53:
                    2d:5a:1f:b5:4c:67:d1:a0:82:50:73:40:c7:bf:ab:
                    a9:74:43:76:fc:52:72:af:c1:ed:44:2e:66:6e:32:
                    eb:98:a0:94:e9:01:e6:35:61:89:22:e6:81:b1:b5:
                    13:8f:5e:56:cb:05:2d:05:37:c4:f9:5a:f3:68:e1:
                    5d:14:05:6a:56:c6:8c:47:af:eb:a6:ee:3d:b3:e6:
                    fb:8e:a8:e1:66:96:08:06:86:b8:da:17:aa:3f:8f:
                    64:04:5b:99:c3:d5:ab:ee:0f:01:8c:6c:58:4d:00:
                    e5:a9:06:84:34:71:68:1a:f0:56:76:b4:39:9d:b4:
                    af:14:e6:88:a9:a9:f3:8d:a8:65:20:47:ab:6e:49:
                    61:33:dc:82:e9:6d:55:28:f0:5a:97:4e:87:6f:a3:
                    fb:67:c4:11:40:de:d1:bc:b7:4d:cf:0f:a6:4e:66:
                    8f:69:2c:dc:0f:a9:81:40:f7:c6:9f:5d:69:ea:af:
                    df:a7:8d:81:1a:8f:a9:c4:e3:2d:9f:a4:9e:22:7b:
                    1a:10:5a:7c:10:81:e7:07:c2:0f:e7:0f:bf:e8:ef:
                    33:25:36:2e:0b:3b:03:e7:2e:e4:2f:c6:0e:ee:35:
                    ef:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:02:91:39:F1:AD:9A:82:1B:E1:F7:6E:C3:C3:5E:32:16:8F:9E:EA
            X509v3 Authority Key Identifier:
                keyid:74:19:16:E9:35:BB:4E:68:58:B1:D2:23:61:5A:CE:36:9E:D2:68:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBkW6TW7TmhYsdIjYVrONp7SaB4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2891f6-7861-4037-8008-52cf0195838b/1/dBkW6TW7TmhYsdIjYVrONp7SaB4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:3a:51:80:e3:37:ce:67:24:69:ec:57:78:2f:ef:9e:f8:a6:
         64:bb:1f:f9:de:dd:36:b3:c6:4b:9c:59:b2:9e:53:30:ff:5a:
         89:d5:df:f7:0d:5c:22:ae:2a:55:0d:ee:43:ac:f0:9b:ae:f9:
         7f:1a:c3:9a:ed:6f:52:0b:3d:f5:d6:a7:ed:c6:fc:1a:75:1e:
         2a:a6:72:fd:d9:42:e0:79:09:ed:a7:fd:4a:ce:ce:11:fc:6b:
         6a:20:e5:65:99:a3:60:32:57:7a:a3:16:cc:44:1c:f8:c3:40:
         05:4e:15:28:f6:a2:18:30:49:1c:51:e7:ba:f7:7e:b5:d4:80:
         61:f6:13:69:3d:79:43:ff:21:24:cd:63:70:a7:1f:68:f7:02:
         c1:27:a9:81:5b:ef:c3:42:9e:39:20:57:ff:ef:8c:a5:89:e5:
         98:c5:d4:39:96:d3:82:7d:21:55:08:2f:e2:46:76:bd:34:45:
         a6:14:3e:bd:c7:ae:e6:b3:71:89:09:be:08:72:03:fe:fa:29:
         8e:91:6f:37:bd:44:50:7a:86:0b:19:fc:6e:f2:22:9f:2e:51:
         a6:b8:32:6e:4a:7d:f1:fa:05:b9:60:1a:57:f2:70:40:22:60:
         1f:b7:dc:48:9e:b0:64:dd:2b:bb:cd:05:de:c8:38:31:9c:15:
         2f:8c:f8:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKOSczeFZF8bKeM8KPQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTkxNmU5MzViYjRlNjg1OGIxZDIyMzYxNWFjZTM2OWVk
MjY4MWUwHhcNMjYwMzI5MTEwMDMwWhcNMjYwMzMwMTEwMDMwWjAzMTEwLwYDVQQD
EygzZDAyOTEzOWYxYWQ5YTgyMWJlMWY3NmVjM2MzNWUzMjE2OGY5ZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpEFtpZvG+PZEPLqIam78QK+Y0x1
cYNWfTgCF1MtWh+1TGfRoIJQc0DHv6updEN2/FJyr8HtRC5mbjLrmKCU6QHmNWGJ
IuaBsbUTj15WywUtBTfE+VrzaOFdFAVqVsaMR6/rpu49s+b7jqjhZpYIBoa42heq
P49kBFuZw9Wr7g8BjGxYTQDlqQaENHFoGvBWdrQ5nbSvFOaIqanzjahlIEerbklh
M9yC6W1VKPBal06Hb6P7Z8QRQN7RvLdNzw+mTmaPaSzcD6mBQPfGn11p6q/fp42B
Go+pxOMtn6SeInsaEFp8EIHnB8IP5w+/6O8zJTYuCzsD5y7kL8YO7jXvhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD0CkTnxrZqCG+H3bsPDXjIWj57qMB8GA1UdIwQY
MBaAFHQZFuk1u05oWLHSI2Fazjae0mgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgt
NTJjZjAxOTU4MzhiLzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yODkxZjYtNzg2MS00MDM3LTgwMDgtNTJjZjAxOTU4Mzhi
LzEvZEJrVzZUVzdUbWhZc2RJallWck9OcDdTYUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANTpRgOM3
zmckaexXeC/vnvimZLsf+d7dNrPGS5xZsp5TMP9aidXf9w1cIq4qVQ3uQ6zwm675
fxrDmu1vUgs99dan7cb8GnUeKqZy/dlC4HkJ7af9Ss7OEfxraiDlZZmjYDJXeqMW
zEQc+MNABU4VKPaiGDBJHFHnuvd+tdSAYfYTaT15Q/8hJM1jcKcfaPcCwSepgVvv
w0KeOSBX/++MpYnlmMXUOZbTgn0hVQgv4kZ2vTRFphQ+vceu5rNxiQm+CHID/vop
jpFvN71EUHqGCxn8bvIiny5Rprgybkp98foFuWAaV/JwQCJgH7fcSJ6wZN0ru80F
3sg4MZwVL4z4ZQ==
-----END CERTIFICATE-----