Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          1QqsGApEsQ+0xXfPF+8pW5wEy5eb0kIxxpBC0nG+WJA=
Subject key identifier:   BC:93:E7:C2:10:A3:D2:30:E1:EA:EC:25:6F:42:F2:81:FB:89:6F:E6
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       019E2F9738888E36CC1EF86BCBA7A46EA8B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          190D
Signing time:             Sat 16 May 2026 07:01:40 +0000
Manifest this update:     Sat 16 May 2026 07:01:40 +0000
Manifest next update:     Sun 17 May 2026 07:01:40 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: Djoa4+Qs5p/WU7BXT6NHkjbWMt9viCWDVyccAziK3ho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 07:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:2f:97:38:88:8e:36:cc:1e:f8:6b:cb:a7:a4:6e:a8:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: May 16 07:01:40 2026 GMT
            Not After : May 17 07:01:40 2026 GMT
        Subject: CN=bc93e7c210a3d230e1eaec256f42f281fb896fe6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d9:91:ab:fc:fd:1d:ef:bf:7a:a4:82:0e:07:
                    74:4a:61:1c:e8:af:18:a5:19:bd:89:2e:22:b3:32:
                    b8:20:6e:e7:a2:16:24:a3:09:9a:5b:a2:83:b9:0b:
                    9e:b6:b3:6d:f2:38:c3:3b:8b:a6:04:73:99:32:ae:
                    c9:cf:7f:96:d5:44:9d:50:de:0c:0e:ec:c6:4d:4e:
                    c9:24:7d:4f:10:4a:2c:de:8d:54:58:69:27:ed:6f:
                    c2:c1:06:9d:4c:4f:4d:2a:ce:d1:bb:61:c8:55:49:
                    33:13:f3:6e:ae:0d:b7:a8:1c:9a:5a:be:72:8d:c3:
                    c2:74:96:48:f8:28:33:df:db:71:b8:d0:4e:08:ce:
                    bf:60:a3:6f:9f:df:5f:58:60:9b:c4:fb:77:fc:4d:
                    38:a5:31:23:cf:71:7d:da:96:78:f1:56:74:30:a7:
                    8b:62:03:c1:78:1c:17:7d:22:68:d2:d7:b3:9e:25:
                    35:ea:9e:f9:f5:28:a8:05:5a:f7:b6:2f:1d:a7:6d:
                    21:0c:90:c8:a3:66:af:39:36:7a:cc:18:2a:28:5b:
                    46:ee:c2:6c:45:09:f3:39:7e:9e:ed:bd:3b:76:d2:
                    35:39:c6:1f:ad:d1:33:f0:9e:9f:94:76:fe:22:e6:
                    50:bb:50:60:a5:98:30:80:9f:d0:47:41:ba:5c:1a:
                    e4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:93:E7:C2:10:A3:D2:30:E1:EA:EC:25:6F:42:F2:81:FB:89:6F:E6
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:68:95:0a:53:40:72:29:e2:e7:4e:77:15:01:d3:19:a3:eb:
         12:1c:f0:53:55:b7:7f:b9:7e:c5:48:70:e6:41:c4:9d:24:e2:
         84:04:b6:6a:4b:91:1b:f9:64:80:0c:f6:1d:9c:d6:cb:e0:0a:
         5f:a6:bb:f1:94:a8:ac:13:af:8b:c4:ee:94:45:05:26:f2:b6:
         dd:4a:43:21:f3:f7:f6:a0:9c:26:c8:e0:a8:e0:ae:44:9b:68:
         f9:50:cf:3a:1a:e0:3e:30:c8:78:73:5b:f7:ef:dd:af:31:a8:
         a9:c8:00:1e:b1:27:0a:32:f5:99:4a:8c:c5:cf:aa:5b:ee:a9:
         9b:98:3e:8e:29:75:50:dc:9c:3c:48:2d:c3:a1:13:5b:10:f4:
         bd:01:1a:b8:9a:21:56:55:b3:72:d2:54:39:b5:94:50:0b:ba:
         81:0c:24:2b:28:db:38:bc:80:5a:7c:6f:3f:9c:88:ea:22:1e:
         a4:89:4b:64:9a:9d:f9:24:e0:3d:a8:00:0f:90:91:cc:05:7a:
         e3:07:56:e0:fb:73:a0:44:97:1c:71:cb:c1:5e:d1:8b:83:e9:
         fc:58:0d:d2:9b:05:d1:9c:0d:5d:68:20:5d:93:b7:39:05:28:
         a7:ef:0a:5d:ca:3d:27:2c:46:3b:e5:dd:1f:6e:23:97:6a:17:
         79:aa:e9:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4vlziIjjbMHvhry6ekbqiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjYwNTE2MDcwMTQwWhcNMjYwNTE3MDcwMTQwWjAzMTEwLwYDVQQD
EyhiYzkzZTdjMjEwYTNkMjMwZTFlYWVjMjU2ZjQyZjI4MWZiODk2ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9mRq/z9He+/eqSCDgd0SmEc6K8Y
pRm9iS4iszK4IG7nohYkowmaW6KDuQuetrNt8jjDO4umBHOZMq7Jz3+W1USdUN4M
DuzGTU7JJH1PEEos3o1UWGkn7W/CwQadTE9NKs7Ru2HIVUkzE/Nurg23qByaWr5y
jcPCdJZI+Cgz39txuNBOCM6/YKNvn99fWGCbxPt3/E04pTEjz3F92pZ48VZ0MKeL
YgPBeBwXfSJo0tezniU16p759SioBVr3ti8dp20hDJDIo2avOTZ6zBgqKFtG7sJs
RQnzOX6e7b07dtI1OcYfrdEz8J6flHb+IuZQu1BgpZgwgJ/QR0G6XBrkFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLyT58IQo9Iw4ersJW9C8oH7iW/mMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2iVClNA
cini5053FQHTGaPrEhzwU1W3f7l+xUhw5kHEnSTihAS2akuRG/lkgAz2HZzWy+AK
X6a78ZSorBOvi8TulEUFJvK23UpDIfP39qCcJsjgqOCuRJto+VDPOhrgPjDIeHNb
9+/drzGoqcgAHrEnCjL1mUqMxc+qW+6pm5g+jil1UNycPEgtw6ETWxD0vQEauJoh
VlWzctJUObWUUAu6gQwkKyjbOLyAWnxvP5yI6iIepIlLZJqd+STgPagAD5CRzAV6
4wdW4PtzoESXHHHLwV7Ri4Pp/FgN0psF0ZwNXWggXZO3OQUop+8KXco9JyxGO+Xd
H24jl2oXearp3g==
-----END CERTIFICATE-----