Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          6yTeYRkojTKZbW67TI+Zf2cbylIF6RnsdSuLlh2kCrc=
Subject key identifier:   01:A9:DE:44:B5:D8:FB:C6:72:AA:3B:30:39:4C:21:4C:85:9B:E2:7C
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       019D39410E9DE692CD0C5169F1890CC9160B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          188E
Signing time:             Sun 29 Mar 2026 11:00:57 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:57 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:57 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: aSva7tXWFngOF42C+1VHzxCLfpYnCiyepIzLUGCj0HE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:0e:9d:e6:92:cd:0c:51:69:f1:89:0c:c9:16:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Mar 29 11:00:57 2026 GMT
            Not After : Mar 30 11:00:57 2026 GMT
        Subject: CN=01a9de44b5d8fbc672aa3b30394c214c859be27c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:48:6b:21:8f:68:a6:68:d5:b3:bc:5a:3b:cf:
                    bd:5b:ee:eb:6c:6a:75:90:fe:8b:bb:c8:94:c2:fe:
                    b3:67:e5:44:9c:c5:90:2b:4d:d4:55:4a:be:9f:72:
                    22:d0:a5:54:4e:2c:94:f3:f9:50:2f:5c:36:c4:94:
                    2e:6b:c8:40:78:28:77:16:f0:94:e1:5f:c8:d2:66:
                    4d:5e:64:74:c5:f1:62:e8:81:11:4d:34:97:b2:67:
                    aa:bf:84:c6:f6:15:24:52:65:77:d8:58:26:7f:e6:
                    1c:c9:5e:ff:52:81:8f:b1:0e:bb:47:f5:be:eb:59:
                    40:87:75:2b:43:35:a3:92:3b:7c:34:98:fc:c2:15:
                    2c:ea:28:86:6c:83:6a:3c:c9:1a:f3:e3:35:a2:2f:
                    bc:90:d8:9a:9e:17:3a:39:f1:a7:33:3e:dd:d6:dc:
                    bb:86:cb:22:26:69:89:68:80:f0:35:21:30:15:65:
                    f4:fe:fd:ec:28:b9:34:31:51:3d:e0:46:4c:d3:e8:
                    69:be:21:fe:51:ea:94:d7:91:bd:72:5d:d9:1a:62:
                    7e:90:ac:12:a0:08:f3:f9:48:9c:cc:4c:cc:8d:d5:
                    56:b6:0a:c9:f5:4b:bc:97:c1:59:45:56:f4:2c:26:
                    79:ed:de:e1:45:4d:fc:f1:7e:f9:9d:c0:f8:46:cf:
                    d6:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:A9:DE:44:B5:D8:FB:C6:72:AA:3B:30:39:4C:21:4C:85:9B:E2:7C
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:c9:07:57:f8:4e:4e:b6:27:ed:dc:5d:05:46:f1:2b:a3:32:
         95:98:a5:af:fc:f7:5d:22:35:06:c9:b6:7f:1e:43:57:8a:45:
         9c:e1:fc:1b:f7:39:44:77:9b:35:5e:10:10:7c:08:98:54:a4:
         d6:ed:4a:1d:f2:90:47:38:56:0c:4e:9b:7c:40:93:ab:3a:ab:
         96:a8:98:e4:ac:40:f1:a5:e7:36:e4:80:d8:d4:1a:05:3d:3a:
         c4:42:7a:18:7f:e3:69:68:ed:fe:a8:9c:6c:f7:de:93:c8:bf:
         6f:10:af:bf:b4:18:b4:6c:e4:69:c1:91:aa:a1:3d:cd:dd:9f:
         04:39:9d:cb:77:4b:96:90:69:54:03:2c:69:80:49:48:d2:25:
         31:38:7a:bf:51:82:38:6f:fa:2e:37:fa:c7:5d:c9:2d:91:dc:
         8b:8f:ec:0a:c6:b2:4f:ab:e3:7a:e1:e3:d1:0e:a1:07:9c:a8:
         fc:94:52:2e:d9:05:1c:e3:b4:28:d3:48:69:34:0b:ee:36:bf:
         c2:d5:8a:49:be:8d:b5:ed:d2:b9:03:00:14:39:49:d3:55:25:
         dc:c0:df:df:b4:66:77:54:9f:50:d0:a2:c8:67:5e:f4:f7:8c:
         3a:dd:4b:b3:fb:e1:e1:70:5d:ca:cd:78:1d:10:ec:53:97:21:
         0e:d0:73:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QQ6d5pLNDFFp8YkMyRYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjYwMzI5MTEwMDU3WhcNMjYwMzMwMTEwMDU3WjAzMTEwLwYDVQQD
EygwMWE5ZGU0NGI1ZDhmYmM2NzJhYTNiMzAzOTRjMjE0Yzg1OWJlMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EhrIY9opmjVs7xaO8+9W+7rbGp1
kP6Lu8iUwv6zZ+VEnMWQK03UVUq+n3Ii0KVUTiyU8/lQL1w2xJQua8hAeCh3FvCU
4V/I0mZNXmR0xfFi6IERTTSXsmeqv4TG9hUkUmV32Fgmf+YcyV7/UoGPsQ67R/W+
61lAh3UrQzWjkjt8NJj8whUs6iiGbINqPMka8+M1oi+8kNianhc6OfGnMz7d1ty7
hssiJmmJaIDwNSEwFWX0/v3sKLk0MVE94EZM0+hpviH+UeqU15G9cl3ZGmJ+kKwS
oAjz+UiczEzMjdVWtgrJ9Uu8l8FZRVb0LCZ57d7hRU388X75ncD4Rs/WdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAGp3kS12PvGcqo7MDlMIUyFm+J8MB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgskHV/hO
TrYn7dxdBUbxK6MylZilr/z3XSI1Bsm2fx5DV4pFnOH8G/c5RHebNV4QEHwImFSk
1u1KHfKQRzhWDE6bfECTqzqrlqiY5KxA8aXnNuSA2NQaBT06xEJ6GH/jaWjt/qic
bPfek8i/bxCvv7QYtGzkacGRqqE9zd2fBDmdy3dLlpBpVAMsaYBJSNIlMTh6v1GC
OG/6Ljf6x13JLZHci4/sCsayT6vjeuHj0Q6hB5yo/JRSLtkFHOO0KNNIaTQL7ja/
wtWKSb6Nte3SuQMAFDlJ01Ul3MDf37Rmd1SfUNCiyGde9PeMOt1Ls/vh4XBdys14
HRDsU5chDtBzIg==
-----END CERTIFICATE-----