Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
File:                     eH0Q8i5f-ksg99W3goxVuVCal1k.mft (raw, json)
Hash identifier:          qILkwTyfXgHyfraAAcembg+QAUO6poW5uvrlWw5YEr0=
Subject key identifier:   BC:79:FC:F9:CE:07:74:05:09:6B:CE:26:24:57:13:39:58:E2:16:85
Authority key identifier: 78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59
Certificate issuer:       /CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
Certificate serial:       019D39099EF807B60275CA287C2FA2FFFC60
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 10:00:24 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:24 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:24 +0000
Files and hashes:         1: eH0Q8i5f-ksg99W3goxVuVCal1k.crl (hash: Rx6eFRpkcvHv/3uTtI277Gi0nsJnLQVXf1tzanZdiCs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:9e:f8:07:b6:02:75:ca:28:7c:2f:a2:ff:fc:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787d10f22e5ffa4b20f7d5b7828c55b9509a9759
        Validity
            Not Before: Mar 29 10:00:24 2026 GMT
            Not After : Mar 30 10:00:24 2026 GMT
        Subject: CN=bc79fcf9ce077405096bce262457133958e21685
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:b1:a7:8e:1b:0b:c7:81:6a:0d:63:4a:4c:60:
                    ca:86:4f:70:15:38:9c:4f:84:c8:12:f4:80:27:2e:
                    35:80:90:52:52:32:c6:94:43:d8:f0:a1:f9:b5:47:
                    2e:14:f1:b8:57:51:85:a4:aa:64:72:18:21:b0:3d:
                    83:04:d4:3b:08:c2:da:35:67:14:f8:71:3d:23:f1:
                    98:a6:e6:81:c5:41:52:ca:7c:35:35:7b:a6:0a:89:
                    b8:85:d2:26:c8:44:8f:eb:0a:b2:94:02:ca:c6:d8:
                    f7:6b:5b:c9:63:d4:af:bc:fd:a3:bf:8e:19:bd:8e:
                    f1:66:32:00:37:3f:26:bd:65:5f:c9:c0:79:43:99:
                    3a:c4:d1:81:cc:98:2c:18:fa:34:cc:b9:86:dc:51:
                    d9:7a:5d:01:1d:b8:99:90:c5:93:4b:01:5f:51:6b:
                    97:2b:f3:1d:cc:7f:a1:a6:85:7a:a8:de:a6:7e:5c:
                    8e:a6:13:bc:85:63:1a:dc:49:7d:5e:fc:73:e4:67:
                    ac:ea:86:4c:ec:c4:2a:45:c7:5a:51:5b:fe:f1:fb:
                    96:6a:2b:37:1b:13:e3:31:e8:8b:09:48:00:9a:e2:
                    50:d6:cc:ca:e0:9e:15:78:9d:e5:f9:2e:fd:9b:43:
                    a9:4f:0f:48:10:8c:ae:13:02:62:dd:15:b1:b1:7e:
                    9b:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:79:FC:F9:CE:07:74:05:09:6B:CE:26:24:57:13:39:58:E2:16:85
            X509v3 Authority Key Identifier:
                keyid:78:7D:10:F2:2E:5F:FA:4B:20:F7:D5:B7:82:8C:55:B9:50:9A:97:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH0Q8i5f-ksg99W3goxVuVCal1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/ab8055-389c-43ed-abde-bf0de2bb1c3c/1/eH0Q8i5f-ksg99W3goxVuVCal1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:25:11:7f:f3:9a:44:1a:25:bc:95:96:2c:8e:e5:fc:65:b2:
         b5:ae:df:5e:9f:5f:04:6f:d0:18:83:90:6f:df:ab:3a:b7:8b:
         69:29:63:bf:eb:db:09:31:7e:99:4e:3d:9a:35:15:d1:5d:21:
         e0:6b:bf:b3:60:4c:e6:ec:2b:a9:96:bc:48:03:2b:a3:14:83:
         fa:44:a0:12:b4:e5:07:08:0e:fa:2d:a5:34:ed:e1:ba:67:08:
         29:2b:11:c8:e0:0d:8a:96:d5:47:68:bb:65:55:cc:89:d9:c0:
         4b:57:38:ea:0d:4e:fc:59:31:e1:80:ee:2c:fa:a2:ca:c7:0a:
         22:04:8a:bf:df:dc:15:cd:18:80:32:25:65:c0:fd:1c:3f:50:
         e7:d1:ca:44:c0:cd:1a:fd:55:7a:a0:fa:c0:2e:9f:5a:37:65:
         04:ca:a8:93:d9:c5:93:0d:bb:9b:b2:46:28:78:92:81:b1:85:
         6a:0f:c5:49:c7:11:a2:21:e3:a6:da:61:4d:89:b0:6a:88:65:
         e3:5b:eb:3d:35:f4:c6:0e:a0:e6:b1:54:79:da:ce:56:a4:05:
         45:3b:b4:74:7f:7e:72:c7:75:a6:d7:bc:e4:14:01:84:f5:82:
         66:93:9f:65:04:0c:d8:ef:8e:9a:6c:09:19:04:9d:9b:58:46:
         ff:a7:bd:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CZ74B7YCdcoofC+i//xgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2QxMGYyMmU1ZmZhNGIyMGY3ZDViNzgyOGM1NWI5NTA5
YTk3NTkwHhcNMjYwMzI5MTAwMDI0WhcNMjYwMzMwMTAwMDI0WjAzMTEwLwYDVQQD
EyhiYzc5ZmNmOWNlMDc3NDA1MDk2YmNlMjYyNDU3MTMzOTU4ZTIxNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbGnjhsLx4FqDWNKTGDKhk9wFTic
T4TIEvSAJy41gJBSUjLGlEPY8KH5tUcuFPG4V1GFpKpkchghsD2DBNQ7CMLaNWcU
+HE9I/GYpuaBxUFSynw1NXumCom4hdImyESP6wqylALKxtj3a1vJY9SvvP2jv44Z
vY7xZjIANz8mvWVfycB5Q5k6xNGBzJgsGPo0zLmG3FHZel0BHbiZkMWTSwFfUWuX
K/MdzH+hpoV6qN6mflyOphO8hWMa3El9Xvxz5Ges6oZM7MQqRcdaUVv+8fuWais3
GxPjMeiLCUgAmuJQ1szK4J4VeJ3l+S79m0OpTw9IEIyuEwJi3RWxsX6bswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLx5/PnOB3QFCWvOJiRXEzlY4haFMB8GA1UdIwQY
MBaAFHh9EPIuX/pLIPfVt4KMVblQmpdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUt
YmYwZGUyYmIxYzNjLzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYjgwNTUtMzg5Yy00M2VkLWFiZGUtYmYwZGUyYmIxYzNj
LzEvZUgwUThpNWYta3NnOTlXM2dveFZ1VkNhbDFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlCURf/Oa
RBolvJWWLI7l/GWyta7fXp9fBG/QGIOQb9+rOreLaSljv+vbCTF+mU49mjUV0V0h
4Gu/s2BM5uwrqZa8SAMroxSD+kSgErTlBwgO+i2lNO3humcIKSsRyOANipbVR2i7
ZVXMidnAS1c46g1O/Fkx4YDuLPqiyscKIgSKv9/cFc0YgDIlZcD9HD9Q59HKRMDN
Gv1VeqD6wC6fWjdlBMqok9nFkw27m7JGKHiSgbGFag/FSccRoiHjptphTYmwaohl
41vrPTX0xg6g5rFUedrOVqQFRTu0dH9+csd1pte85BQBhPWCZpOfZQQM2O+OmmwJ
GQSdm1hG/6e93w==
-----END CERTIFICATE-----