Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
File:                     0IpNevM5v1JVcjk3VdHPszzdta0.mft (raw, json)
Hash identifier:          404slniuy9ycTuHbf51XnV8r1kJ+2eGj4vddL45OW/Y=
Subject key identifier:   03:9E:25:32:EF:14:96:B8:16:41:EC:B9:7A:01:B6:86:BB:32:27:7E
Authority key identifier: D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD
Certificate issuer:       /CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
Certificate serial:       019D39AEC804B991E0298B54A47262CD603C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 13:00:48 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:48 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:48 +0000
Files and hashes:         1: 0IpNevM5v1JVcjk3VdHPszzdta0.crl (hash: 2Uxcz/gJQm6b6GzEfU/lZw5OgZVgjdQnDF53MW8RVDE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 13:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:c8:04:b9:91:e0:29:8b:54:a4:72:62:cd:60:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
        Validity
            Not Before: Mar 29 13:00:48 2026 GMT
            Not After : Mar 30 13:00:48 2026 GMT
        Subject: CN=039e2532ef1496b81641ecb97a01b686bb32277e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:96:c5:71:7f:30:d0:19:37:67:cd:3d:5a:13:
                    81:ce:01:63:96:57:71:df:5c:e9:b6:e5:b7:d8:8e:
                    6b:36:44:51:b0:db:fb:17:23:b8:e6:85:84:e5:06:
                    3b:53:68:f4:51:58:da:92:be:70:30:15:05:81:2c:
                    15:19:5b:67:e6:e5:c2:e8:32:e5:58:d1:8b:3d:07:
                    60:38:da:da:7f:b4:03:0f:97:2e:19:e9:37:cb:96:
                    a1:55:23:9a:5f:de:7f:2c:d9:73:96:fc:27:fa:2e:
                    89:35:c4:1b:5d:23:84:fe:4a:9a:59:2b:08:ab:ba:
                    ac:19:6b:dd:15:d0:71:01:2e:40:a3:8c:6e:65:8c:
                    8a:cb:10:cd:9d:da:18:59:da:44:1b:70:c9:9b:3b:
                    5a:41:81:28:77:94:19:b6:c4:51:88:2e:c2:06:4e:
                    46:96:e5:72:62:60:b9:9f:59:e3:fe:6e:b6:31:ed:
                    48:51:cb:03:97:41:87:66:d8:3d:d2:4a:64:10:ee:
                    65:5d:78:f9:53:78:a5:a0:67:f7:3c:a8:33:53:96:
                    4e:c7:3f:cc:b7:dd:35:bc:0e:1f:78:0b:89:8a:a3:
                    66:13:4c:bb:43:bc:e0:ba:1a:48:9f:c3:23:ff:ce:
                    f4:a6:69:1f:35:0f:b3:6f:83:26:d8:25:0b:44:6f:
                    e8:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:9E:25:32:EF:14:96:B8:16:41:EC:B9:7A:01:B6:86:BB:32:27:7E
            X509v3 Authority Key Identifier:
                keyid:D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:c7:a4:93:03:60:ab:04:a2:cf:54:02:c6:57:69:85:8c:30:
         7a:d3:b1:00:21:b1:1e:64:f1:b4:f5:a3:a9:ed:2a:53:29:6d:
         60:fa:53:30:32:a8:39:60:2f:c5:67:d7:7d:60:cd:60:9d:48:
         99:81:5e:cd:8b:d7:4c:5f:53:b7:b1:fc:23:54:d2:a3:f2:d8:
         45:f7:34:30:b0:05:57:5c:91:71:6e:c6:41:16:a2:0e:e6:58:
         a6:db:41:ab:fd:61:dd:af:9e:53:72:a6:20:1f:ba:37:88:6e:
         d5:f5:66:a0:d2:4f:79:23:09:f8:07:45:27:9b:54:59:05:18:
         e2:1c:40:09:a7:a7:c2:63:61:bd:9d:6f:fc:1f:6e:cf:b9:07:
         7b:97:fe:8f:d7:c6:23:8b:bd:1f:f0:d9:42:b4:c7:0b:35:40:
         58:e5:db:9e:c6:c6:38:2b:93:98:c1:37:45:52:83:56:03:db:
         dd:38:00:f4:37:ed:b7:b8:3f:18:1c:cb:76:90:c8:ef:c1:d5:
         f8:c8:fe:17:14:b7:c0:ad:f5:6e:7e:90:a2:ac:b4:fb:10:dd:
         90:60:6b:51:42:2e:ca:3c:d4:78:9c:c9:60:bd:fb:3f:ae:31:
         55:6e:27:05:12:82:7f:7e:9a:83:fe:42:aa:ed:60:c5:e8:73:
         4c:ea:e7:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rsgEuZHgKYtUpHJizWA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGE0ZDdhZjMzOWJmNTI1NTcyMzkzNzU1ZDFjZmIzM2Nk
ZGI1YWQwHhcNMjYwMzI5MTMwMDQ4WhcNMjYwMzMwMTMwMDQ4WjAzMTEwLwYDVQQD
EygwMzllMjUzMmVmMTQ5NmI4MTY0MWVjYjk3YTAxYjY4NmJiMzIyNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5bFcX8w0Bk3Z809WhOBzgFjlldx
31zptuW32I5rNkRRsNv7FyO45oWE5QY7U2j0UVjakr5wMBUFgSwVGVtn5uXC6DLl
WNGLPQdgONraf7QDD5cuGek3y5ahVSOaX95/LNlzlvwn+i6JNcQbXSOE/kqaWSsI
q7qsGWvdFdBxAS5Ao4xuZYyKyxDNndoYWdpEG3DJmztaQYEod5QZtsRRiC7CBk5G
luVyYmC5n1nj/m62Me1IUcsDl0GHZtg90kpkEO5lXXj5U3iloGf3PKgzU5ZOxz/M
t901vA4feAuJiqNmE0y7Q7zguhpIn8Mj/870pmkfNQ+zb4Mm2CULRG/owwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOeJTLvFJa4FkHsuXoBtoa7Mid+MB8GA1UdIwQY
MBaAFNCKTXrzOb9SVXI5N1XRz7M83bWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMt
ZDVhMWVhOWVkYjA4LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMtZDVhMWVhOWVkYjA4
LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWMekkwNg
qwSiz1QCxldphYwwetOxACGxHmTxtPWjqe0qUyltYPpTMDKoOWAvxWfXfWDNYJ1I
mYFezYvXTF9Tt7H8I1TSo/LYRfc0MLAFV1yRcW7GQRaiDuZYpttBq/1h3a+eU3Km
IB+6N4hu1fVmoNJPeSMJ+AdFJ5tUWQUY4hxACaenwmNhvZ1v/B9uz7kHe5f+j9fG
I4u9H/DZQrTHCzVAWOXbnsbGOCuTmME3RVKDVgPb3TgA9Dftt7g/GBzLdpDI78HV
+Mj+FxS3wK31bn6Qoqy0+xDdkGBrUUIuyjzUeJzJYL37P64xVW4nBRKCf36ag/5C
qu1gxehzTOrnAw==
-----END CERTIFICATE-----