Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          hl8SiS/SgyJIgfZXmoMMJLAC4c0KSiyqlsLAF6q+rkU=
Subject key identifier:   4F:B4:57:F4:87:AF:22:E0:81:33:71:9C:92:A2:31:AC:9C:19:D4:C0
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       019D386600D1E091CEF771CC49E4962EAB83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:41 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:41 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:41 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: 8z3FSPe1CTP+C/nlA5VsgHNoj7UtLBK1Ruci7EAVUgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:00:d1:e0:91:ce:f7:71:cc:49:e4:96:2e:ab:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: Mar 29 07:01:41 2026 GMT
            Not After : Mar 30 07:01:41 2026 GMT
        Subject: CN=4fb457f487af22e08133719c92a231ac9c19d4c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5c:80:c9:6a:b8:a9:42:1d:75:6d:a3:1d:12:
                    8e:38:76:31:ac:52:4a:d5:db:cc:ad:c6:44:2d:eb:
                    d8:03:c9:e4:75:bd:79:ed:58:ef:bd:cd:cd:39:61:
                    e7:03:86:1b:ed:ba:08:08:1d:48:c4:38:7c:d1:f3:
                    4f:ec:5d:d4:94:bd:dd:1e:74:96:90:d4:a7:c0:a9:
                    ad:1b:a3:79:ce:b0:74:47:35:0a:ee:11:f1:19:18:
                    ca:08:9e:a0:1b:52:60:ab:06:52:08:c7:d3:97:35:
                    5e:0e:bf:d3:c1:3a:ad:fd:02:22:43:15:02:a9:0a:
                    5f:3f:10:c2:a6:31:21:9b:49:2b:47:f0:67:3d:62:
                    1d:25:c6:17:2d:5c:18:53:5f:8f:08:8f:17:64:fe:
                    58:9b:71:a8:60:34:5e:c8:30:fc:f2:27:39:d8:f9:
                    0b:37:0a:4c:f6:38:41:d2:cf:f9:16:0b:1f:ed:5b:
                    ac:b3:30:41:df:04:a7:8e:8b:f1:ea:94:1c:b2:89:
                    29:59:e2:44:78:94:ae:6f:e1:32:e6:76:fa:36:57:
                    07:85:5c:11:44:87:1e:db:d3:70:c0:01:e3:49:f3:
                    3f:17:0d:af:7a:99:72:19:7f:01:c0:0f:8a:f6:92:
                    e7:fe:4d:94:41:68:c4:b4:76:03:f4:c7:e9:33:fd:
                    9b:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:B4:57:F4:87:AF:22:E0:81:33:71:9C:92:A2:31:AC:9C:19:D4:C0
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:cc:18:ff:9b:e9:e7:65:75:93:51:2c:bf:6e:1f:ad:93:69:
         ec:15:ed:98:d2:40:7c:4e:0c:82:c6:1e:e4:de:9f:bc:fd:03:
         02:fb:47:3c:2e:c1:89:81:be:fb:3d:48:c7:52:59:d9:a0:53:
         59:f1:4d:b9:57:4f:28:44:30:12:b9:98:37:73:b9:60:22:b5:
         a5:0e:23:fe:56:20:02:a2:3e:04:5a:86:3f:6f:16:2c:13:fb:
         e8:fa:a9:56:c1:4e:41:74:ec:21:46:ac:b3:de:d1:21:5b:a7:
         6e:f2:3c:e7:e6:d5:56:5d:f3:43:04:22:25:65:fc:91:85:ac:
         26:e9:89:2b:fa:7d:99:6e:be:c4:cb:f5:00:94:05:83:e3:e7:
         e6:91:da:4b:51:57:92:31:57:74:86:15:6c:2b:a2:98:e2:c4:
         2f:c6:32:0a:23:3d:0b:43:07:ae:05:80:6c:e8:d2:84:e9:28:
         d8:ec:30:3f:a1:67:a0:2f:75:58:b2:eb:61:e0:91:92:d6:3b:
         57:e7:52:b6:5f:39:4a:c6:7e:ff:a6:bb:5f:87:25:e0:f0:8a:
         26:1e:1e:05:37:02:69:20:4e:e6:94:eb:dd:c6:6c:39:4a:4b:
         1d:6b:c8:87:96:93:bb:53:cf:4d:d1:4e:9e:d2:f7:56:e9:d5:
         cf:d2:3d:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgDR4JHO93HMSeSWLquDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjYwMzI5MDcwMTQxWhcNMjYwMzMwMDcwMTQxWjAzMTEwLwYDVQQD
Eyg0ZmI0NTdmNDg3YWYyMmUwODEzMzcxOWM5MmEyMzFhYzljMTlkNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FyAyWq4qUIddW2jHRKOOHYxrFJK
1dvMrcZELevYA8nkdb157Vjvvc3NOWHnA4Yb7boICB1IxDh80fNP7F3UlL3dHnSW
kNSnwKmtG6N5zrB0RzUK7hHxGRjKCJ6gG1JgqwZSCMfTlzVeDr/TwTqt/QIiQxUC
qQpfPxDCpjEhm0krR/BnPWIdJcYXLVwYU1+PCI8XZP5Ym3GoYDReyDD88ic52PkL
NwpM9jhB0s/5Fgsf7VusszBB3wSnjovx6pQcsokpWeJEeJSub+Ey5nb6NlcHhVwR
RIce29NwwAHjSfM/Fw2veplyGX8BwA+K9pLn/k2UQWjEtHYD9MfpM/2bWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+0V/SHryLggTNxnJKiMaycGdTAMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhswY/5vp
52V1k1Esv24frZNp7BXtmNJAfE4MgsYe5N6fvP0DAvtHPC7BiYG++z1Ix1JZ2aBT
WfFNuVdPKEQwErmYN3O5YCK1pQ4j/lYgAqI+BFqGP28WLBP76PqpVsFOQXTsIUas
s97RIVunbvI85+bVVl3zQwQiJWX8kYWsJumJK/p9mW6+xMv1AJQFg+Pn5pHaS1FX
kjFXdIYVbCuimOLEL8YyCiM9C0MHrgWAbOjShOko2OwwP6FnoC91WLLrYeCRktY7
V+dStl85SsZ+/6a7X4cl4PCKJh4eBTcCaSBO5pTr3cZsOUpLHWvIh5aTu1PPTdFO
ntL3VunVz9I9BA==
-----END CERTIFICATE-----