Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
File:                     _9YayMVuOP32EjgDbHNUcnADRjE.mft (raw, json)
Hash identifier:          Pdl7FQyJXysee8MyKpXS7eZZFBB0Yp1jVf5bs1kX724=
Subject key identifier:   A5:08:7D:99:2E:15:3D:F7:9D:1C:19:A9:92:5B:A0:2D:8A:75:DA:F2
Authority key identifier: FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31
Certificate issuer:       /CN=ffd61ac8c56e38fdf61238036c73547270034631
Certificate serial:       019D3789332DAFD5AB12B8E032241F7F3CF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
Manifest number:          188E
Signing time:             Sun 29 Mar 2026 03:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:31 +0000
Files and hashes:         1: _9YayMVuOP32EjgDbHNUcnADRjE.crl (hash: ZdmIO81x9K983UFmvCeyKnMegGtZrHwXMX5t6OlidGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:33:2d:af:d5:ab:12:b8:e0:32:24:1f:7f:3c:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ffd61ac8c56e38fdf61238036c73547270034631
        Validity
            Not Before: Mar 29 03:00:31 2026 GMT
            Not After : Mar 30 03:00:31 2026 GMT
        Subject: CN=a5087d992e153df79d1c19a9925ba02d8a75daf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:09:7c:e1:2b:23:49:86:81:d4:54:ad:98:5b:
                    27:1c:c8:9f:ef:f1:a1:ed:71:ba:30:98:94:cc:c7:
                    a7:23:f4:ac:15:6b:7d:a8:52:92:2d:70:69:08:d5:
                    ed:66:4f:6a:39:e7:41:53:71:3d:93:40:b9:d7:63:
                    35:7c:38:b6:32:cd:35:7a:d3:f9:cc:21:8d:5c:1d:
                    93:ba:f8:36:5d:00:57:28:c4:58:9a:2b:98:a3:23:
                    62:32:a3:32:c5:28:73:79:a1:1d:7f:53:c0:41:1e:
                    42:15:98:ed:0c:f7:e5:67:25:b2:d8:bc:0e:39:f4:
                    9b:50:19:d4:09:84:93:49:d2:e9:02:88:29:67:39:
                    b3:89:b4:50:b2:95:6c:0d:d5:57:c9:67:03:9a:cd:
                    a7:b9:eb:f9:68:2b:5a:4e:b5:00:6b:ed:1e:80:9b:
                    90:15:ae:ea:ef:0e:a1:02:2d:9f:13:d3:d2:ca:a9:
                    4b:d4:e4:5f:91:98:25:18:f0:16:8d:9b:38:9b:c6:
                    e2:3e:a5:22:7c:c6:ba:9b:d9:0e:ae:a3:9a:28:d2:
                    ea:b0:a8:7a:db:7e:e5:5d:a5:76:25:18:b8:3d:ef:
                    ed:30:59:47:2c:d4:5d:4d:6e:55:f1:88:1e:c0:3b:
                    e5:50:90:00:ac:15:89:1c:2a:d8:07:d9:3a:13:e3:
                    32:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:08:7D:99:2E:15:3D:F7:9D:1C:19:A9:92:5B:A0:2D:8A:75:DA:F2
            X509v3 Authority Key Identifier:
                keyid:FF:D6:1A:C8:C5:6E:38:FD:F6:12:38:03:6C:73:54:72:70:03:46:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9YayMVuOP32EjgDbHNUcnADRjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/14d7b8-afce-45a1-b272-04d96fa83d07/1/_9YayMVuOP32EjgDbHNUcnADRjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:6b:d8:4e:44:84:31:2e:c6:a9:d6:19:c2:7e:c9:7f:59:9b:
         92:b0:f7:86:3d:62:8e:65:ca:e1:9f:6d:29:55:ae:b1:c8:37:
         7d:6e:e8:ed:bd:42:ea:86:19:de:cc:24:6a:ef:a7:60:45:cc:
         73:a5:1c:56:47:ba:7f:9c:88:d0:b0:29:11:d7:68:c6:fd:72:
         18:d6:e9:3c:d0:84:f2:4c:60:b9:ea:dd:9c:33:0b:70:b4:38:
         52:c6:ab:e3:b2:3f:ee:52:12:5e:6f:ac:a7:cf:ce:6a:c9:84:
         11:1e:fd:07:70:1d:b2:11:fc:f1:f6:59:7f:b6:9a:65:14:68:
         a7:dc:99:11:c5:d1:25:e1:0b:c0:8d:d9:1a:40:97:a3:95:9b:
         6e:6f:8a:ef:93:86:a5:9b:e1:5a:f2:51:c7:fa:f4:fa:4e:5a:
         64:9b:85:78:fb:60:47:03:c8:0e:1b:e9:27:3d:db:97:dc:5b:
         a7:d4:bb:e8:73:fa:28:0d:1e:7c:e1:8c:b7:7d:c1:ae:ff:a6:
         95:f9:c6:06:4b:65:82:8e:1e:69:a0:75:e5:56:16:e6:4a:68:
         7d:65:91:b0:eb:87:8d:15:52:c6:c6:30:a8:91:75:25:ac:83:
         3a:dc:81:05:93:e9:74:87:46:24:4f:93:d6:7b:ac:49:ac:a3:
         c7:db:f6:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iTMtr9WrErjgMiQffzzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZDYxYWM4YzU2ZTM4ZmRmNjEyMzgwMzZjNzM1NDcyNzAw
MzQ2MzEwHhcNMjYwMzI5MDMwMDMxWhcNMjYwMzMwMDMwMDMxWjAzMTEwLwYDVQQD
EyhhNTA4N2Q5OTJlMTUzZGY3OWQxYzE5YTk5MjViYTAyZDhhNzVkYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugl84SsjSYaB1FStmFsnHMif7/Gh
7XG6MJiUzMenI/SsFWt9qFKSLXBpCNXtZk9qOedBU3E9k0C512M1fDi2Ms01etP5
zCGNXB2Tuvg2XQBXKMRYmiuYoyNiMqMyxShzeaEdf1PAQR5CFZjtDPflZyWy2LwO
OfSbUBnUCYSTSdLpAogpZzmzibRQspVsDdVXyWcDms2nuev5aCtaTrUAa+0egJuQ
Fa7q7w6hAi2fE9PSyqlL1ORfkZglGPAWjZs4m8biPqUifMa6m9kOrqOaKNLqsKh6
237lXaV2JRi4Pe/tMFlHLNRdTW5V8YgewDvlUJAArBWJHCrYB9k6E+MyfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUIfZkuFT33nRwZqZJboC2KddryMB8GA1UdIwQY
MBaAFP/WGsjFbjj99hI4A2xzVHJwA0YxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzIt
MDRkOTZmYTgzZDA3LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8xNGQ3YjgtYWZjZS00NWExLWIyNzItMDRkOTZmYTgzZDA3
LzEvXzlZYXlNVnVPUDMyRWpnRGJITlVjbkFEUmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmvYTkSE
MS7GqdYZwn7Jf1mbkrD3hj1ijmXK4Z9tKVWuscg3fW7o7b1C6oYZ3swkau+nYEXM
c6UcVke6f5yI0LApEddoxv1yGNbpPNCE8kxguerdnDMLcLQ4Usar47I/7lISXm+s
p8/OasmEER79B3AdshH88fZZf7aaZRRop9yZEcXRJeELwI3ZGkCXo5Wbbm+K75OG
pZvhWvJRx/r0+k5aZJuFePtgRwPIDhvpJz3bl9xbp9S76HP6KA0efOGMt33Brv+m
lfnGBktlgo4eaaB15VYW5kpofWWRsOuHjRVSxsYwqJF1JayDOtyBBZPpdIdGJE+T
1nusSayjx9v2cg==
-----END CERTIFICATE-----