Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          HpFraT9v1nA9ejNXJrZnQy3ZcbDksmUHz5sydZfP5pM=
Subject key identifier:   AD:DE:A3:AE:A6:6B:3C:1B:B6:47:7D:EC:15:1A:C1:C0:CD:E3:4D:F7
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       019D38D2CC479C8753F7B387828C38C86493
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:00:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:31 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: JLyqYVnGTMmhdU7iNcoMLnRiVhoz0mv+NaoZlnTREWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:cc:47:9c:87:53:f7:b3:87:82:8c:38:c8:64:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: Mar 29 09:00:31 2026 GMT
            Not After : Mar 30 09:00:31 2026 GMT
        Subject: CN=addea3aea66b3c1bb6477dec151ac1c0cde34df7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c7:7f:6e:ec:f3:ce:03:32:39:a4:c1:3f:6a:
                    3b:52:ad:56:21:92:2e:59:71:cc:fa:39:24:8d:6f:
                    0e:a9:e7:de:a4:01:9b:6b:81:69:1e:36:12:74:cd:
                    31:eb:cd:a3:b3:74:8f:4a:e7:a5:9f:8e:be:5c:93:
                    e6:07:93:29:3c:83:16:ed:8c:02:44:9d:97:55:f6:
                    8a:41:73:99:c7:ab:c4:db:d6:19:34:4d:6d:67:b6:
                    3a:f3:a1:66:ce:6e:33:40:80:82:93:e6:c4:67:84:
                    c6:8d:2c:34:0d:cf:24:5c:82:66:4f:c7:fe:74:04:
                    f7:d6:63:3d:6f:dc:73:8f:a4:7e:a2:7a:e3:bc:d3:
                    97:20:de:18:c2:23:b6:e0:a5:e8:6e:cf:f8:49:ee:
                    16:f0:75:d2:98:43:89:33:b6:ef:9c:b4:3d:68:e9:
                    d1:1a:87:5b:c6:5b:5a:60:a3:c8:c9:8e:6b:25:21:
                    1d:ab:d8:05:e6:5e:ea:7b:19:9d:ab:c8:97:a7:17:
                    1f:a9:61:39:09:38:fa:39:a1:f6:22:c2:b9:fc:c7:
                    6d:ca:91:59:6c:45:3c:e4:47:90:ce:71:58:85:5d:
                    09:91:0d:4f:16:c1:c0:b6:45:18:94:ab:f8:27:f0:
                    3c:d3:3b:27:6b:0c:37:8d:c5:1a:f5:30:43:ad:62:
                    9d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:DE:A3:AE:A6:6B:3C:1B:B6:47:7D:EC:15:1A:C1:C0:CD:E3:4D:F7
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:bf:43:0f:f4:b9:23:a5:2f:43:c9:cd:f0:94:27:c1:ed:6b:
         09:65:10:11:52:5a:e1:78:46:32:1f:ee:ab:7b:e9:b9:e0:c4:
         cf:53:96:48:4c:40:22:30:9c:13:57:cb:37:89:25:b8:39:3b:
         a9:e1:a4:db:0f:e0:40:35:af:7d:81:ed:07:ee:a9:c3:a4:41:
         b7:29:3c:f8:a3:24:32:f5:22:3d:38:eb:75:96:b9:6d:78:52:
         77:6e:5e:df:ea:83:84:f7:aa:23:55:4a:58:6a:3b:25:07:61:
         bf:61:f7:57:fa:89:e2:2b:fc:e8:30:79:7b:06:e6:29:18:6a:
         fa:09:a4:40:dc:df:75:d7:0e:d4:27:d0:ac:35:fd:6c:e3:62:
         0c:0d:95:c2:61:2d:6c:d2:60:c6:2a:90:c1:58:fe:4e:47:4d:
         61:d1:52:86:50:a1:54:a7:85:99:a8:34:6d:fd:78:4e:3e:76:
         93:da:9d:17:64:96:a7:85:5f:15:fe:84:1f:d6:21:37:cf:5c:
         24:28:60:28:5a:0e:02:6a:ee:5d:14:5a:9e:4c:7a:f1:b3:a7:
         6b:50:a7:41:55:1d:15:fd:a6:85:7a:0e:6b:6f:12:93:7c:72:
         06:10:5e:43:88:7c:0d:d5:23:a8:00:3f:18:d0:90:42:0e:59:
         e9:2f:bb:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040sxHnIdT97OHgow4yGSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjYwMzI5MDkwMDMxWhcNMjYwMzMwMDkwMDMxWjAzMTEwLwYDVQQD
EyhhZGRlYTNhZWE2NmIzYzFiYjY0NzdkZWMxNTFhYzFjMGNkZTM0ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosd/buzzzgMyOaTBP2o7Uq1WIZIu
WXHM+jkkjW8OqefepAGba4FpHjYSdM0x682js3SPSueln46+XJPmB5MpPIMW7YwC
RJ2XVfaKQXOZx6vE29YZNE1tZ7Y686Fmzm4zQICCk+bEZ4TGjSw0Dc8kXIJmT8f+
dAT31mM9b9xzj6R+onrjvNOXIN4YwiO24KXobs/4Se4W8HXSmEOJM7bvnLQ9aOnR
GodbxltaYKPIyY5rJSEdq9gF5l7qexmdq8iXpxcfqWE5CTj6OaH2IsK5/MdtypFZ
bEU85EeQznFYhV0JkQ1PFsHAtkUYlKv4J/A80zsnaww3jcUa9TBDrWKdDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3eo66mazwbtkd97BUawcDN4033MB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABL9DD/S5
I6UvQ8nN8JQnwe1rCWUQEVJa4XhGMh/uq3vpueDEz1OWSExAIjCcE1fLN4kluDk7
qeGk2w/gQDWvfYHtB+6pw6RBtyk8+KMkMvUiPTjrdZa5bXhSd25e3+qDhPeqI1VK
WGo7JQdhv2H3V/qJ4iv86DB5ewbmKRhq+gmkQNzfddcO1CfQrDX9bONiDA2VwmEt
bNJgxiqQwVj+TkdNYdFShlChVKeFmag0bf14Tj52k9qdF2SWp4VfFf6EH9YhN89c
JChgKFoOAmruXRRankx68bOna1CnQVUdFf2mhXoOa28Sk3xyBhBeQ4h8DdUjqAA/
GNCQQg5Z6S+7dA==
-----END CERTIFICATE-----