Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
File:                     cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft (raw, json)
Hash identifier:          yxCPFMq4FIGqLW9RIMYm8lxv/gr2GPVfxX6j7J+FgxY=
Subject key identifier:   CD:34:FE:B4:0D:DC:93:FE:F6:4E:AD:8D:29:BB:43:DA:89:29:11:0C
Authority key identifier: 70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4
Certificate issuer:       /CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
Certificate serial:       019D38D3B2DD50D937D7DDA7871EACC1B668
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:31 +0000
Files and hashes:         1: cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl (hash: bG9UnclE7BycEOkWKDYHrIBpCZRoQ2TDakfuIUgZbX8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:b2:dd:50:d9:37:d7:dd:a7:87:1e:ac:c1:b6:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70b413fa782a3042830da23aa3f3594a7d5ea2f4
        Validity
            Not Before: Mar 29 09:01:31 2026 GMT
            Not After : Mar 30 09:01:31 2026 GMT
        Subject: CN=cd34feb40ddc93fef64ead8d29bb43da8929110c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:0d:6d:95:aa:26:7c:c0:a4:6d:ba:ca:62:d2:
                    f8:1b:1c:4b:64:00:87:12:40:4d:c0:43:08:11:ab:
                    48:ea:26:18:6a:29:8b:e8:75:9e:21:a7:3a:92:96:
                    18:46:31:d1:d9:4e:63:3b:8f:aa:27:7c:88:79:f9:
                    c4:51:26:bc:23:77:25:58:3d:68:e7:4f:07:26:41:
                    86:77:30:f3:bc:4c:ad:bd:cb:e3:79:78:df:85:3e:
                    47:c8:0c:69:12:36:26:dc:3f:56:16:ca:96:f3:18:
                    ef:0f:07:e2:13:04:e6:5e:72:d1:5d:f0:ab:10:ce:
                    4d:40:f6:b0:e3:ec:4e:03:48:3b:b9:ba:75:6b:73:
                    58:f4:7d:65:fd:fd:49:9f:09:27:22:8b:b7:cb:61:
                    27:19:b5:0c:a8:1c:76:6d:8f:b4:4f:21:97:93:a1:
                    d5:25:77:0f:d7:61:ef:a4:ed:74:bb:ef:43:63:3d:
                    3f:9d:54:f2:7f:b9:8e:5f:55:db:ce:6a:0e:60:c5:
                    cc:9b:b3:b7:71:86:cd:8a:4b:ba:2a:bc:7b:d0:e8:
                    42:68:40:da:57:8b:d8:27:ee:0e:46:4d:fb:0e:39:
                    9c:8b:bd:92:4e:d9:f0:4e:5a:66:2b:fa:c1:69:cd:
                    db:df:96:93:60:dc:83:8f:b0:86:e3:d5:d8:af:6b:
                    89:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:34:FE:B4:0D:DC:93:FE:F6:4E:AD:8D:29:BB:43:DA:89:29:11:0C
            X509v3 Authority Key Identifier:
                keyid:70:B4:13:FA:78:2A:30:42:83:0D:A2:3A:A3:F3:59:4A:7D:5E:A2:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLQT-ngqMEKDDaI6o_NZSn1eovQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/8cf1f5-2095-48fa-8c3a-a3137bc83d0a/1/cLQT-ngqMEKDDaI6o_NZSn1eovQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:e6:6c:29:27:05:29:a3:da:00:d7:24:c7:7c:db:61:40:d4:
         e3:2b:33:65:aa:59:82:c3:57:64:9a:ba:9f:c0:a9:81:8f:74:
         29:84:b7:9d:5a:7d:5a:3e:34:f5:8b:ea:89:84:89:d7:60:8a:
         ba:83:00:31:12:9a:33:ce:f5:82:ba:f8:d3:c5:75:d5:ba:67:
         34:8a:c7:8f:aa:a1:de:05:cd:b7:e7:33:a5:49:78:4a:dc:21:
         ea:5c:23:52:22:b9:12:33:c8:48:fc:6e:17:dd:04:bb:d3:ed:
         09:51:c3:67:c0:3f:55:5f:5d:86:de:59:b5:2b:58:90:4d:d3:
         e6:9f:40:c1:b7:97:4a:ad:e4:9e:44:62:d5:37:cb:4e:36:fd:
         68:ab:f0:39:2a:72:bf:45:05:a9:9e:5d:6d:43:e4:4e:05:dd:
         96:51:e1:7c:22:6d:ad:7c:26:0c:55:c2:22:3e:dd:47:24:68:
         5f:ed:70:5b:bc:b1:3a:93:52:16:3b:ca:25:f3:95:d0:c5:f1:
         98:9f:70:a6:26:07:4c:ab:1f:c0:61:a9:dd:a0:d2:b1:fc:53:
         55:5e:59:37:7a:bc:2c:86:fa:e0:12:10:9e:a9:a9:78:60:36:
         a5:ab:f5:fa:f5:7a:78:dd:62:b4:bb:ae:93:2f:bb:d8:12:20:
         5c:aa:57:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407LdUNk3192nhx6swbZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjQxM2ZhNzgyYTMwNDI4MzBkYTIzYWEzZjM1OTRhN2Q1
ZWEyZjQwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
EyhjZDM0ZmViNDBkZGM5M2ZlZjY0ZWFkOGQyOWJiNDNkYTg5MjkxMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg1tlaomfMCkbbrKYtL4GxxLZACH
EkBNwEMIEatI6iYYaimL6HWeIac6kpYYRjHR2U5jO4+qJ3yIefnEUSa8I3clWD1o
508HJkGGdzDzvEytvcvjeXjfhT5HyAxpEjYm3D9WFsqW8xjvDwfiEwTmXnLRXfCr
EM5NQPaw4+xOA0g7ubp1a3NY9H1l/f1JnwknIou3y2EnGbUMqBx2bY+0TyGXk6HV
JXcP12HvpO10u+9DYz0/nVTyf7mOX1XbzmoOYMXMm7O3cYbNiku6Krx70OhCaEDa
V4vYJ+4ORk37Djmci72STtnwTlpmK/rBac3b35aTYNyDj7CG49XYr2uJoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM00/rQN3JP+9k6tjSm7Q9qJKREMMB8GA1UdIwQY
MBaAFHC0E/p4KjBCgw2iOqPzWUp9XqL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2Et
YTMxMzdiYzgzZDBhLzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84Y2YxZjUtMjA5NS00OGZhLThjM2EtYTMxMzdiYzgzZDBh
LzEvY0xRVC1uZ3FNRUtERGFJNm9fTlpTbjFlb3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+ZsKScF
KaPaANckx3zbYUDU4yszZapZgsNXZJq6n8CpgY90KYS3nVp9Wj409YvqiYSJ12CK
uoMAMRKaM871grr408V11bpnNIrHj6qh3gXNt+czpUl4Stwh6lwjUiK5EjPISPxu
F90Eu9PtCVHDZ8A/VV9dht5ZtStYkE3T5p9AwbeXSq3knkRi1TfLTjb9aKvwOSpy
v0UFqZ5dbUPkTgXdllHhfCJtrXwmDFXCIj7dRyRoX+1wW7yxOpNSFjvKJfOV0MXx
mJ9wpiYHTKsfwGGp3aDSsfxTVV5ZN3q8LIb64BIQnqmpeGA2pav1+vV6eN1itLuu
ky+72BIgXKpXMw==
-----END CERTIFICATE-----