Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
File:                     l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft (raw, json)
Hash identifier:          bPHVT4LLOApMVsOsnpHLkhbOeHB25a/vy7hYv+DIRrE=
Subject key identifier:   0D:00:FB:D5:87:E1:6D:8A:45:9C:54:1D:C4:C2:13:9F:C8:0B:9E:10
Authority key identifier: 97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8
Certificate issuer:       /CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
Certificate serial:       019D38D2A8CAA2B306A013D43472F1C2726F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 09:00:23 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:23 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:23 +0000
Files and hashes:         1: l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl (hash: 1SQ34+5mAKfpaOfEWXnypV3U4hInmeFCCqSp3hhDO5Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:a8:ca:a2:b3:06:a0:13:d4:34:72:f1:c2:72:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97577f84188e283fdb5d7a6fcccc4856c19949b8
        Validity
            Not Before: Mar 29 09:00:23 2026 GMT
            Not After : Mar 30 09:00:23 2026 GMT
        Subject: CN=0d00fbd587e16d8a459c541dc4c2139fc80b9e10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:69:c5:ff:52:37:f5:aa:24:c4:58:f7:8a:0e:
                    08:6b:96:0a:d0:76:2b:20:18:8a:c3:c6:a5:9f:cb:
                    11:9e:9c:24:bb:5e:d0:0f:9b:ac:13:31:6b:36:94:
                    83:50:16:b5:a9:9a:64:4c:ea:f2:73:6d:ff:69:b3:
                    68:b9:cf:60:3b:e4:57:56:e2:ae:b0:c7:02:c1:75:
                    ce:1c:b8:c8:ae:7a:32:f0:f9:1c:1e:6f:bd:db:7f:
                    0c:27:5d:ec:54:13:92:dd:45:28:86:1b:f0:2e:78:
                    9c:e7:cc:da:7f:e8:b3:4b:43:66:73:e5:6b:c0:de:
                    1f:89:b9:ff:8c:78:37:ab:e0:d9:92:5d:6e:b8:54:
                    81:75:59:40:82:3a:1d:6c:35:b7:a3:ea:02:18:61:
                    98:08:8b:a4:70:70:31:00:ab:b8:0c:0e:d8:0c:f7:
                    1f:17:e3:4f:57:bc:58:b9:0d:fa:dd:15:49:f1:f1:
                    e4:3f:6e:17:78:67:a2:7f:45:01:8e:3c:48:10:d3:
                    c8:56:fd:73:fa:76:3d:85:66:1f:88:9c:7c:07:57:
                    f2:af:68:33:30:3c:16:08:5b:c4:a3:bd:25:b7:40:
                    d9:87:a2:21:02:2c:00:6e:04:b0:49:03:bc:83:df:
                    96:16:29:a7:65:89:71:44:ad:17:c1:53:64:1c:aa:
                    5a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:00:FB:D5:87:E1:6D:8A:45:9C:54:1D:C4:C2:13:9F:C8:0B:9E:10
            X509v3 Authority Key Identifier:
                keyid:97:57:7F:84:18:8E:28:3F:DB:5D:7A:6F:CC:CC:48:56:C1:99:49:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1d_hBiOKD_bXXpvzMxIVsGZSbg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/b384ba-40ec-42a4-8330-a1a64b49fa50/1/l1d_hBiOKD_bXXpvzMxIVsGZSbg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:92:bf:2b:62:52:98:43:19:74:e3:23:f4:bc:a2:4e:b5:0f:
         ec:8d:5d:6e:fb:9b:97:c5:fa:8b:1d:59:01:cb:b1:79:8c:80:
         a0:d1:c0:86:4a:a4:71:6c:78:21:bc:c1:f7:1e:bf:b2:ac:33:
         df:88:56:27:51:d5:31:83:df:6c:a3:77:1f:05:0f:ce:93:08:
         ee:ea:01:ea:44:d1:e0:f5:b7:b9:dc:51:99:ae:36:2e:1a:2a:
         97:92:9c:80:79:a5:27:97:e1:ec:ec:cc:c0:b6:c5:8d:6d:aa:
         f0:8e:d9:da:cc:f5:57:ae:1a:23:94:aa:52:66:c6:6f:b2:f8:
         3a:18:d8:b8:db:8f:9a:97:01:3d:30:30:a7:56:70:88:11:f3:
         62:f3:a7:02:2b:e6:32:f2:49:5b:73:bd:27:21:b1:2e:36:f9:
         6c:da:65:02:8f:16:61:d3:9c:61:14:cc:ba:0c:b5:ea:51:48:
         0b:38:7e:40:37:d8:06:99:3c:75:bf:72:0e:90:0b:18:d8:c7:
         c6:33:78:40:f3:d3:de:78:e6:54:08:65:2f:72:67:33:35:58:
         85:d5:65:c8:11:73:b3:c3:9b:57:6f:74:5f:8d:e1:bf:38:9d:
         a7:5a:49:de:3f:16:03:37:7e:4f:b7:e7:5e:2f:9f:3e:15:88:
         17:ca:60:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040qjKorMGoBPUNHLxwnJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTc3Zjg0MTg4ZTI4M2ZkYjVkN2E2ZmNjY2M0ODU2YzE5
OTQ5YjgwHhcNMjYwMzI5MDkwMDIzWhcNMjYwMzMwMDkwMDIzWjAzMTEwLwYDVQQD
EygwZDAwZmJkNTg3ZTE2ZDhhNDU5YzU0MWRjNGMyMTM5ZmM4MGI5ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2nF/1I39aokxFj3ig4Ia5YK0HYr
IBiKw8aln8sRnpwku17QD5usEzFrNpSDUBa1qZpkTOryc23/abNouc9gO+RXVuKu
sMcCwXXOHLjIrnoy8PkcHm+9238MJ13sVBOS3UUohhvwLnic58zaf+izS0Nmc+Vr
wN4fibn/jHg3q+DZkl1uuFSBdVlAgjodbDW3o+oCGGGYCIukcHAxAKu4DA7YDPcf
F+NPV7xYuQ363RVJ8fHkP24XeGeif0UBjjxIENPIVv1z+nY9hWYfiJx8B1fyr2gz
MDwWCFvEo70lt0DZh6IhAiwAbgSwSQO8g9+WFimnZYlxRK0XwVNkHKpavQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0A+9WH4W2KRZxUHcTCE5/IC54QMB8GA1UdIwQY
MBaAFJdXf4QYjig/2116b8zMSFbBmUm4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAt
YTFhNjRiNDlmYTUwLzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iMzg0YmEtNDBlYy00MmE0LTgzMzAtYTFhNjRiNDlmYTUw
LzEvbDFkX2hCaU9LRF9iWFhwdnpNeElWc0daU2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATZK/K2JS
mEMZdOMj9LyiTrUP7I1dbvubl8X6ix1ZAcuxeYyAoNHAhkqkcWx4IbzB9x6/sqwz
34hWJ1HVMYPfbKN3HwUPzpMI7uoB6kTR4PW3udxRma42Lhoql5KcgHmlJ5fh7OzM
wLbFjW2q8I7Z2sz1V64aI5SqUmbGb7L4OhjYuNuPmpcBPTAwp1ZwiBHzYvOnAivm
MvJJW3O9JyGxLjb5bNplAo8WYdOcYRTMugy16lFICzh+QDfYBpk8db9yDpALGNjH
xjN4QPPT3njmVAhlL3JnMzVYhdVlyBFzs8ObV290X43hvzidp1pJ3j8WAzd+T7fn
Xi+fPhWIF8pgdQ==
-----END CERTIFICATE-----