Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
File:                     ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft (raw, json)
Hash identifier:          3eynjjyzWvjletcgcZPpybHlnlc6Po3aHToxmb2q8X0=
Subject key identifier:   E0:0F:23:D6:92:7C:BF:9C:B5:EB:95:55:FF:35:31:5E:7F:3E:89:1E
Authority key identifier: 44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61
Certificate issuer:       /CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
Certificate serial:       019D38D2E98ADDCC85ED3B42B7D23C9EE65E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 09:00:39 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:39 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:39 +0000
Files and hashes:         1: ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl (hash: K+OwG+6S8HjblKf1TTILEgkig4ePdauzQgnJ3lvTrGE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:e9:8a:dd:cc:85:ed:3b:42:b7:d2:3c:9e:e6:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecede7e0ffbd308acb91121368df8d6cb2e961
        Validity
            Not Before: Mar 29 09:00:39 2026 GMT
            Not After : Mar 30 09:00:39 2026 GMT
        Subject: CN=e00f23d6927cbf9cb5eb9555ff35315e7f3e891e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c8:6a:e7:b6:77:94:2f:c1:65:59:95:7e:1a:
                    2f:55:71:72:78:1a:ab:da:8a:5b:85:66:43:cb:24:
                    6e:95:0e:d6:89:fc:b3:fc:ef:9d:0c:a3:e8:b6:2a:
                    2a:5f:94:5b:e6:fd:0d:63:0e:4c:fa:41:b8:a4:29:
                    34:19:1b:7c:c0:80:08:2d:33:c6:3d:ad:81:9c:a9:
                    d3:e8:09:f1:51:98:32:fc:e4:0f:8b:9f:1f:1b:d0:
                    6c:49:eb:73:98:58:21:f7:b8:42:5b:90:11:5e:77:
                    19:2a:85:a2:7d:14:50:7d:99:f8:ce:18:f6:a8:70:
                    fc:ba:71:6b:28:8a:74:84:b1:ad:81:25:dd:ec:b0:
                    1e:4d:d2:14:17:44:75:98:4a:dd:c4:97:dc:bd:1e:
                    67:a9:ef:29:16:1a:b8:04:ed:a8:d8:8d:25:a4:f4:
                    bf:4f:b3:ff:d8:44:5b:92:33:49:3d:fb:21:89:7b:
                    c1:15:08:4b:37:85:89:9e:b4:c0:d1:06:55:ab:dd:
                    96:d7:f0:05:d3:ef:10:91:54:af:7a:f9:9c:90:33:
                    8b:06:f9:88:c2:ab:05:36:cc:27:55:cc:7f:03:51:
                    e2:1e:b5:74:8a:57:05:18:67:ff:4d:51:ea:39:77:
                    dd:ca:1f:eb:33:91:52:7c:fe:b6:26:ab:ef:de:c0:
                    17:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:0F:23:D6:92:7C:BF:9C:B5:EB:95:55:FF:35:31:5E:7F:3E:89:1E
            X509v3 Authority Key Identifier:
                keyid:44:EC:ED:E7:E0:FF:BD:30:8A:CB:91:12:13:68:DF:8D:6C:B2:E9:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzt5-D_vTCKy5ESE2jfjWyy6WE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/439275-30bf-4f61-b4d5-80930b284a69/1/ROzt5-D_vTCKy5ESE2jfjWyy6WE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:d3:39:9c:f8:0d:d7:eb:0f:c8:26:4c:31:d5:e7:fc:9b:db:
         36:c5:55:fb:4d:8f:07:68:23:63:5c:e2:03:5b:de:7b:b0:d1:
         2c:01:c7:2d:a2:12:d1:7d:b9:32:c7:e9:2b:f1:c1:1a:6d:bf:
         d1:0a:c7:77:4c:d1:28:dc:c9:c0:22:3d:b0:c2:45:a2:d3:ba:
         d8:55:31:e5:13:d2:fa:66:35:52:97:b1:f1:ff:2e:f5:dc:e2:
         b2:30:aa:c6:29:d0:1a:c6:73:3a:51:55:63:5b:73:fb:b9:24:
         0e:a5:2d:79:4f:57:ca:25:36:17:7f:a8:18:eb:65:9f:47:21:
         67:79:bc:4a:09:a7:b0:9f:4c:bb:c7:56:cb:a1:3f:37:2d:eb:
         d8:62:f0:c2:29:32:d1:65:89:09:21:29:cb:6f:b1:73:f0:23:
         5d:e4:e9:f9:52:21:90:a7:a2:4a:f7:af:3c:be:9c:e3:be:26:
         57:dd:2e:f4:f4:b1:3d:cb:f7:1c:2b:53:24:ec:cf:b4:2f:75:
         19:15:8d:72:6c:1e:f8:7c:72:34:8d:ed:64:49:3b:e9:20:2c:
         98:86:86:01:57:3d:83:27:5a:79:49:cc:ea:f4:1f:01:b3:b2:
         d4:29:8a:cf:66:0f:3e:72:35:f9:d4:33:fa:45:c4:cc:c0:30:
         0f:bb:f1:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040umK3cyF7TtCt9I8nuZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlZGU3ZTBmZmJkMzA4YWNiOTExMjEzNjhkZjhkNmNi
MmU5NjEwHhcNMjYwMzI5MDkwMDM5WhcNMjYwMzMwMDkwMDM5WjAzMTEwLwYDVQQD
EyhlMDBmMjNkNjkyN2NiZjljYjVlYjk1NTVmZjM1MzE1ZTdmM2U4OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoshq57Z3lC/BZVmVfhovVXFyeBqr
2opbhWZDyyRulQ7Wifyz/O+dDKPotioqX5Rb5v0NYw5M+kG4pCk0GRt8wIAILTPG
Pa2BnKnT6AnxUZgy/OQPi58fG9BsSetzmFgh97hCW5ARXncZKoWifRRQfZn4zhj2
qHD8unFrKIp0hLGtgSXd7LAeTdIUF0R1mErdxJfcvR5nqe8pFhq4BO2o2I0lpPS/
T7P/2ERbkjNJPfshiXvBFQhLN4WJnrTA0QZVq92W1/AF0+8QkVSvevmckDOLBvmI
wqsFNswnVcx/A1HiHrV0ilcFGGf/TVHqOXfdyh/rM5FSfP62Jqvv3sAX5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAPI9aSfL+cteuVVf81MV5/PokeMB8GA1UdIwQY
MBaAFETs7efg/70wisuREhNo341ssulhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUt
ODA5MzBiMjg0YTY5LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MzkyNzUtMzBiZi00ZjYxLWI0ZDUtODA5MzBiMjg0YTY5
LzEvUk96dDUtRF92VENLeTVFU0UyamZqV3l5NldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOtM5nPgN
1+sPyCZMMdXn/JvbNsVV+02PB2gjY1ziA1vee7DRLAHHLaIS0X25MsfpK/HBGm2/
0QrHd0zRKNzJwCI9sMJFotO62FUx5RPS+mY1Upex8f8u9dzisjCqxinQGsZzOlFV
Y1tz+7kkDqUteU9XyiU2F3+oGOtln0chZ3m8SgmnsJ9Mu8dWy6E/Ny3r2GLwwiky
0WWJCSEpy2+xc/AjXeTp+VIhkKeiSvevPL6c474mV90u9PSxPcv3HCtTJOzPtC91
GRWNcmwe+HxyNI3tZEk76SAsmIaGAVc9gydaeUnM6vQfAbOy1CmKz2YPPnI1+dQz
+kXEzMAwD7vxkQ==
-----END CERTIFICATE-----