Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
File:                     tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json)
Hash identifier:          tTXYZ8UXtmr48sFVyqdrGkPIMnDf5ZqDI55EO+9+iBI=
Subject key identifier:   4C:2A:39:45:74:52:57:07:EA:F2:B9:DF:F6:52:0D:EF:39:1C:C2:9B
Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB
Certificate issuer:       /CN=b539831835c87c7501f6c37cb48e60a795a394bb
Certificate serial:       019D386631EE1BB9E5858268604209884AA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
Manifest number:          188E
Signing time:             Sun 29 Mar 2026 07:01:54 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:54 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:54 +0000
Files and hashes:         1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: xm8tVoZSUAOD5fnGcnHXAPuIxBp9uz/JuFvXZNl4BWk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:31:ee:1b:b9:e5:85:82:68:60:42:09:88:4a:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb
        Validity
            Not Before: Mar 29 07:01:54 2026 GMT
            Not After : Mar 30 07:01:54 2026 GMT
        Subject: CN=4c2a394574525707eaf2b9dff6520def391cc29b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:7a:30:eb:ca:67:6c:d6:e1:b2:89:6e:7f:e8:
                    3b:68:48:45:56:e2:cd:22:d5:3a:c1:67:d1:9b:dc:
                    0f:81:65:37:2d:36:96:af:5e:79:ae:2f:f0:1f:88:
                    09:0d:5d:39:d9:1b:de:21:d5:a1:2d:96:81:e4:8d:
                    d5:b8:e4:1c:e7:08:a6:8d:c9:ef:b1:6b:65:ae:bf:
                    17:92:f4:28:b6:bb:96:98:db:cd:76:3c:fc:e5:d7:
                    26:e0:ba:87:e1:af:ef:ff:66:f6:89:ae:ea:77:73:
                    04:85:4d:76:2d:72:d4:fc:0b:ad:79:82:84:02:3e:
                    b0:1c:a2:6b:0e:1c:e9:d9:ce:71:99:a4:df:75:30:
                    6d:f0:5c:b5:4e:3b:79:c8:3e:62:87:06:92:53:6d:
                    74:db:76:1f:eb:33:04:63:35:a3:54:20:89:b6:dd:
                    92:2a:9c:e6:9e:2d:09:b2:73:17:f9:10:f9:4f:34:
                    57:36:7c:be:2f:66:f9:77:24:a6:b7:55:a9:e4:e6:
                    23:78:5c:f5:df:fd:2f:03:5e:df:10:5f:0b:f3:1a:
                    ba:6b:c8:c1:f4:7e:ed:28:36:50:ec:c3:cd:40:56:
                    2e:e3:86:de:b9:74:e3:b8:58:05:7e:6c:3b:3a:e3:
                    4b:8d:2f:ff:53:d6:ec:0f:52:55:4e:45:a8:44:ed:
                    a2:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:2A:39:45:74:52:57:07:EA:F2:B9:DF:F6:52:0D:EF:39:1C:C2:9B
            X509v3 Authority Key Identifier:
                keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:4c:15:9c:44:c5:81:15:a3:84:19:f0:bd:3e:7a:bf:7a:d4:
         a8:2d:95:12:55:74:93:62:52:a6:d3:92:81:70:61:38:73:6b:
         fc:a4:92:fa:17:f9:dc:51:e7:2c:80:a0:89:d7:87:73:ab:f2:
         cc:be:2b:76:00:e9:a2:c1:1e:2c:cd:44:fa:dd:8f:da:a3:77:
         f9:8b:12:05:50:0a:e1:f0:24:ec:52:d8:9d:21:4a:94:20:1b:
         21:0c:8f:82:8b:70:11:20:37:e0:75:2e:26:32:35:d3:c3:70:
         f7:f1:8c:c9:0b:b0:fe:9e:ba:a5:11:59:99:35:bd:7b:c5:74:
         ac:44:31:3f:4b:64:98:d4:b2:9d:33:65:1d:03:7f:a5:1f:30:
         df:9b:41:31:8f:51:63:43:27:1e:9e:1e:ff:3e:f0:96:fc:01:
         da:8a:41:b8:e9:71:3e:67:60:11:9e:1b:85:a9:20:e2:3e:bc:
         10:8f:e8:92:82:b9:d8:80:6d:5c:f6:c0:69:8c:27:e0:ab:ae:
         26:db:e7:04:d8:7e:24:4e:5b:1e:20:ff:2b:fd:59:7f:dd:a2:
         cc:ba:63:0e:68:ce:b5:a1:38:48:aa:77:19:33:69:08:93:7f:
         73:80:a0:71:bf:45:6d:08:12:bd:ce:0c:c5:d9:48:74:a9:da:
         3f:f7:19:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjHuG7nlhYJoYEIJiEqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh
Mzk0YmIwHhcNMjYwMzI5MDcwMTU0WhcNMjYwMzMwMDcwMTU0WjAzMTEwLwYDVQQD
Eyg0YzJhMzk0NTc0NTI1NzA3ZWFmMmI5ZGZmNjUyMGRlZjM5MWNjMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3ow68pnbNbhsoluf+g7aEhFVuLN
ItU6wWfRm9wPgWU3LTaWr155ri/wH4gJDV052RveIdWhLZaB5I3VuOQc5wimjcnv
sWtlrr8XkvQotruWmNvNdjz85dcm4LqH4a/v/2b2ia7qd3MEhU12LXLU/AuteYKE
Aj6wHKJrDhzp2c5xmaTfdTBt8Fy1Tjt5yD5ihwaSU21023Yf6zMEYzWjVCCJtt2S
Kpzmni0JsnMX+RD5TzRXNny+L2b5dySmt1Wp5OYjeFz13/0vA17fEF8L8xq6a8jB
9H7tKDZQ7MPNQFYu44beuXTjuFgFfmw7OuNLjS//U9bsD1JVTkWoRO2i1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwqOUV0UlcH6vK53/ZSDe85HMKbMB8GA1UdIwQY
MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt
NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2
LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFUwVnETF
gRWjhBnwvT56v3rUqC2VElV0k2JSptOSgXBhOHNr/KSS+hf53FHnLICgideHc6vy
zL4rdgDposEeLM1E+t2P2qN3+YsSBVAK4fAk7FLYnSFKlCAbIQyPgotwESA34HUu
JjI108Nw9/GMyQuw/p66pRFZmTW9e8V0rEQxP0tkmNSynTNlHQN/pR8w35tBMY9R
Y0MnHp4e/z7wlvwB2opBuOlxPmdgEZ4bhakg4j68EI/okoK52IBtXPbAaYwn4Kuu
JtvnBNh+JE5bHiD/K/1Zf92izLpjDmjOtaE4SKp3GTNpCJN/c4Cgcb9FbQgSvc4M
xdlIdKnaP/cZQw==
-----END CERTIFICATE-----