Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
File:                     e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft (raw, json)
Hash identifier:          2643mGOvauK08XO3LhQwFCcflXAx0D0KnIcdTw7jM3k=
Subject key identifier:   F1:3A:0F:3B:EA:BB:62:AD:C4:87:64:BB:8B:94:0C:9C:D8:11:21:21
Authority key identifier: 7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69
Certificate issuer:       /CN=7b7873f89c2a985327ea7996267423a7751c6169
Certificate serial:       019D38655A64840445BCAE61CD6E9A134E45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:00:59 +0000
Files and hashes:         1: e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl (hash: 9wHVqfulo/1/P3zfhW44ePnqOylkHmUNzjOYjuiJRlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:5a:64:84:04:45:bc:ae:61:cd:6e:9a:13:4e:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7b7873f89c2a985327ea7996267423a7751c6169
        Validity
            Not Before: Mar 29 07:00:59 2026 GMT
            Not After : Mar 30 07:00:59 2026 GMT
        Subject: CN=f13a0f3beabb62adc48764bb8b940c9cd8112121
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:67:24:12:09:27:48:02:20:6e:6e:0e:3f:06:
                    f3:14:e8:94:cb:02:af:59:6b:be:ce:65:b7:22:41:
                    72:7d:00:4b:1f:40:8b:b6:18:3a:97:95:09:ab:ad:
                    d3:ce:e5:c9:5d:d3:a7:13:d1:61:10:9f:08:63:52:
                    e7:4f:58:87:3b:0b:e5:c7:07:08:d4:61:01:59:64:
                    1c:9c:cb:78:31:05:16:71:49:b5:26:47:c8:1e:c8:
                    b3:d9:72:37:6c:fc:8c:f4:b8:f1:01:ef:88:47:cd:
                    f4:4e:b0:62:b2:93:54:a1:6b:3e:5a:7f:8b:cf:ed:
                    a1:1b:d3:26:fa:77:b7:7e:96:6d:70:6b:5d:44:7e:
                    14:26:77:7a:08:4f:ff:0a:39:b0:ac:ad:14:84:a5:
                    38:bb:e5:9c:40:ac:e1:3c:39:35:47:b2:ad:9f:b9:
                    2c:77:eb:51:67:51:cf:90:ab:c5:30:ba:34:01:e6:
                    4a:51:1c:0c:c2:6d:2e:7f:3c:4a:2c:18:e1:06:3e:
                    f7:50:49:56:9c:2e:16:0b:e2:18:a4:c5:84:6f:3e:
                    2b:15:4f:38:fc:c4:cf:50:60:71:76:7b:e2:01:88:
                    45:e4:f1:03:91:57:fc:db:c7:28:68:1a:56:14:df:
                    3a:77:d6:78:37:34:18:9e:72:b2:cf:dc:27:10:73:
                    65:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:3A:0F:3B:EA:BB:62:AD:C4:87:64:BB:8B:94:0C:9C:D8:11:21:21
            X509v3 Authority Key Identifier:
                keyid:7B:78:73:F8:9C:2A:98:53:27:EA:79:96:26:74:23:A7:75:1C:61:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3hz-JwqmFMn6nmWJnQjp3UcYWk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/6334ae-8661-4b1c-8430-9b9df443c863/1/e3hz-JwqmFMn6nmWJnQjp3UcYWk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:78:83:74:be:ee:09:84:da:fc:e2:b0:84:4c:5e:7d:d4:b3:
         b5:60:16:ce:d3:52:d6:b8:b6:65:c5:5c:ce:91:c0:3e:0e:87:
         71:29:6b:b2:fe:bf:5c:86:d0:5d:67:a6:18:e4:fd:46:62:31:
         49:98:4b:0a:70:90:e1:4f:c7:9f:fd:10:e9:42:55:d3:24:d8:
         80:a6:0c:fa:96:6d:8f:77:da:f5:3b:23:b0:76:85:9d:d2:72:
         2b:72:c9:ae:4b:f6:d1:71:7d:4d:f4:f7:f5:ba:da:31:c0:16:
         cd:12:bb:a7:54:cb:a9:0e:af:6a:d1:32:40:5f:a8:b9:ea:49:
         d2:8c:e2:d3:16:c1:0b:27:15:f7:9c:c6:8e:86:54:af:f0:73:
         e3:ae:e6:31:0b:07:de:a3:fc:4e:34:94:b2:4d:b6:72:d3:ae:
         d8:e4:e2:c5:de:8e:34:02:db:4a:a9:34:2b:4d:70:45:fb:12:
         3f:09:fe:ae:24:d1:3e:09:57:be:ce:69:77:7a:b0:ca:65:10:
         1d:71:1c:3e:8d:09:44:3b:86:86:2f:c6:43:ea:23:e1:80:95:
         fd:ab:2e:ca:23:18:8a:5d:3c:68:f0:88:c1:d5:2e:04:01:0d:
         db:a8:04:03:21:de:53:76:2e:fe:c8:e4:97:b4:ed:0b:ec:ff:
         6a:0f:62:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVpkhARFvK5hzW6aE05FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzg3M2Y4OWMyYTk4NTMyN2VhNzk5NjI2NzQyM2E3NzUx
YzYxNjkwHhcNMjYwMzI5MDcwMDU5WhcNMjYwMzMwMDcwMDU5WjAzMTEwLwYDVQQD
EyhmMTNhMGYzYmVhYmI2MmFkYzQ4NzY0YmI4Yjk0MGM5Y2Q4MTEyMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2ckEgknSAIgbm4OPwbzFOiUywKv
WWu+zmW3IkFyfQBLH0CLthg6l5UJq63TzuXJXdOnE9FhEJ8IY1LnT1iHOwvlxwcI
1GEBWWQcnMt4MQUWcUm1JkfIHsiz2XI3bPyM9LjxAe+IR830TrBispNUoWs+Wn+L
z+2hG9Mm+ne3fpZtcGtdRH4UJnd6CE//CjmwrK0UhKU4u+WcQKzhPDk1R7Ktn7ks
d+tRZ1HPkKvFMLo0AeZKURwMwm0ufzxKLBjhBj73UElWnC4WC+IYpMWEbz4rFU84
/MTPUGBxdnviAYhF5PEDkVf828coaBpWFN86d9Z4NzQYnnKyz9wnEHNlIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPE6Dzvqu2KtxIdku4uUDJzYESEhMB8GA1UdIwQY
MBaAFHt4c/icKphTJ+p5liZ0I6d1HGFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAt
OWI5ZGY0NDNjODYzLzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi82MzM0YWUtODY2MS00YjFjLTg0MzAtOWI5ZGY0NDNjODYz
LzEvZTNoei1Kd3FtRk1uNm5tV0puUWpwM1VjWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYniDdL7u
CYTa/OKwhExefdSztWAWztNS1ri2ZcVczpHAPg6HcSlrsv6/XIbQXWemGOT9RmIx
SZhLCnCQ4U/Hn/0Q6UJV0yTYgKYM+pZtj3fa9TsjsHaFndJyK3LJrkv20XF9TfT3
9braMcAWzRK7p1TLqQ6vatEyQF+ouepJ0ozi0xbBCycV95zGjoZUr/Bz467mMQsH
3qP8TjSUsk22ctOu2OTixd6ONALbSqk0K01wRfsSPwn+riTRPglXvs5pd3qwymUQ
HXEcPo0JRDuGhi/GQ+oj4YCV/asuyiMYil08aPCIwdUuBAEN26gEAyHeU3Yu/sjk
l7TtC+z/ag9iJQ==
-----END CERTIFICATE-----