Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
File:                     Da7a5Z2cmvUe9UivsMlkOM73IRw.mft (raw, json)
Hash identifier:          58hYlLXjCsvfLweVRtoAk1HGIsOUCI57m0vLd4AVPuI=
Subject key identifier:   D6:37:A5:29:F0:16:FE:7D:0D:00:A0:5B:7F:D5:BA:E6:F4:4E:EB:72
Authority key identifier: 0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C
Certificate issuer:       /CN=0daedae59d9c9af51ef548afb0c96438cef7211c
Certificate serial:       019D371B213147691BFA9FD39593CD931ADF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 01:00:17 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:17 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:17 +0000
Files and hashes:         1: Da7a5Z2cmvUe9UivsMlkOM73IRw.crl (hash: 5d1RcHDy7BvTSn9Pz9+nr74BD86QqK+M7zvw43I/6hE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:21:31:47:69:1b:fa:9f:d3:95:93:cd:93:1a:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0daedae59d9c9af51ef548afb0c96438cef7211c
        Validity
            Not Before: Mar 29 01:00:17 2026 GMT
            Not After : Mar 30 01:00:17 2026 GMT
        Subject: CN=d637a529f016fe7d0d00a05b7fd5bae6f44eeb72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:dc:f8:80:c1:3c:6e:64:f8:60:4a:ba:d4:69:
                    61:5f:76:ab:ab:5c:77:27:0e:b6:85:ab:63:5f:3d:
                    55:69:1e:59:0e:61:d3:99:9a:2d:15:dd:8f:ff:37:
                    c6:d1:e6:00:b1:a3:43:0c:af:4b:f5:b3:70:0d:24:
                    93:b7:f7:99:86:ca:8f:e5:0c:00:5a:ad:99:44:ad:
                    a4:8a:5a:d2:e4:96:10:36:f5:52:c8:21:40:bb:3f:
                    8e:f7:b7:54:ff:46:41:e7:b9:fd:78:af:67:d6:1f:
                    73:0d:2d:6d:d5:e8:cc:1c:97:c2:5f:ec:a0:32:5f:
                    97:fe:70:ef:77:d4:f2:1d:19:a6:39:c9:7e:cc:e8:
                    df:f9:2a:43:ce:5e:e4:f1:9e:bc:76:78:cb:75:9d:
                    7b:d0:af:fa:25:a0:2c:3e:95:e6:05:b0:14:dc:e0:
                    08:c8:e1:2a:3c:4c:c0:26:47:a3:62:92:96:3f:9a:
                    fc:75:80:a6:a2:55:ad:81:0a:5a:1f:77:e7:22:c6:
                    e5:a8:83:27:35:7a:cb:65:a8:54:be:f2:a9:e4:c4:
                    ca:37:46:14:60:a2:5c:16:92:57:c3:4d:36:35:85:
                    b5:a3:eb:e7:8e:c4:95:fd:09:60:80:5c:6c:ea:db:
                    32:e1:02:18:eb:4f:e6:f7:d8:ff:49:06:a2:27:af:
                    5f:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:37:A5:29:F0:16:FE:7D:0D:00:A0:5B:7F:D5:BA:E6:F4:4E:EB:72
            X509v3 Authority Key Identifier:
                keyid:0D:AE:DA:E5:9D:9C:9A:F5:1E:F5:48:AF:B0:C9:64:38:CE:F7:21:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Da7a5Z2cmvUe9UivsMlkOM73IRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d29d3f-1696-4ed4-96d2-e7eb817ede30/1/Da7a5Z2cmvUe9UivsMlkOM73IRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:61:8a:a0:fc:bd:6d:13:5d:82:d2:86:3f:a8:9b:4d:28:41:
         49:4a:89:59:17:bb:0c:3c:9d:b1:c6:4d:7c:a4:29:fe:94:45:
         5f:29:8f:e6:0f:fd:c8:0d:c3:56:0c:19:db:42:1a:ac:64:6b:
         31:6e:eb:84:04:a6:9b:35:de:07:34:03:50:c2:fc:d1:42:b4:
         c1:0b:6b:ef:fd:67:39:ef:20:4c:b8:9c:35:71:ef:0c:3b:95:
         0f:a9:8f:98:c0:f9:a3:6c:9e:7b:2e:73:a6:3e:44:e4:52:3b:
         a0:3b:e4:9a:a1:7d:e2:fc:16:58:8a:56:f2:88:2a:d8:52:e8:
         88:0c:2b:6e:5b:6d:0e:f1:82:91:e7:79:46:57:0f:79:c6:2f:
         b6:ed:1a:36:58:7d:41:fa:15:f7:bd:8a:7b:c6:5f:81:b7:08:
         cb:20:c0:ca:ce:7a:89:d3:07:9a:78:30:58:c6:b5:4a:1c:4d:
         1a:24:0c:c1:d9:b8:46:09:ec:0f:c0:37:bc:c0:f8:9b:1c:eb:
         b5:0a:17:de:49:4e:97:49:ff:c8:86:cf:d7:0b:b0:99:05:49:
         84:b4:7b:2e:e7:16:69:46:e4:3b:e3:28:35:7e:7e:b3:62:a0:
         9f:c1:aa:53:92:d6:3c:0b:12:1b:ed:78:3d:ac:8e:52:80:27:
         fa:27:05:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03GyExR2kb+p/TlZPNkxrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYWVkYWU1OWQ5YzlhZjUxZWY1NDhhZmIwYzk2NDM4Y2Vm
NzIxMWMwHhcNMjYwMzI5MDEwMDE3WhcNMjYwMzMwMDEwMDE3WjAzMTEwLwYDVQQD
EyhkNjM3YTUyOWYwMTZmZTdkMGQwMGEwNWI3ZmQ1YmFlNmY0NGVlYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstz4gME8bmT4YEq61GlhX3arq1x3
Jw62hatjXz1VaR5ZDmHTmZotFd2P/zfG0eYAsaNDDK9L9bNwDSSTt/eZhsqP5QwA
Wq2ZRK2kilrS5JYQNvVSyCFAuz+O97dU/0ZB57n9eK9n1h9zDS1t1ejMHJfCX+yg
Ml+X/nDvd9TyHRmmOcl+zOjf+SpDzl7k8Z68dnjLdZ170K/6JaAsPpXmBbAU3OAI
yOEqPEzAJkejYpKWP5r8dYCmolWtgQpaH3fnIsblqIMnNXrLZahUvvKp5MTKN0YU
YKJcFpJXw002NYW1o+vnjsSV/QlggFxs6tsy4QIY60/m99j/SQaiJ69fUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNY3pSnwFv59DQCgW3/Vuub0TutyMB8GA1UdIwQY
MBaAFA2u2uWdnJr1HvVIr7DJZDjO9yEcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDIt
ZTdlYjgxN2VkZTMwLzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjlkM2YtMTY5Ni00ZWQ0LTk2ZDItZTdlYjgxN2VkZTMw
LzEvRGE3YTVaMmNtdlVlOVVpdnNNbGtPTTczSVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmGKoPy9
bRNdgtKGP6ibTShBSUqJWRe7DDydscZNfKQp/pRFXymP5g/9yA3DVgwZ20IarGRr
MW7rhASmmzXeBzQDUML80UK0wQtr7/1nOe8gTLicNXHvDDuVD6mPmMD5o2yeey5z
pj5E5FI7oDvkmqF94vwWWIpW8ogq2FLoiAwrblttDvGCked5RlcPecYvtu0aNlh9
QfoV972Ke8ZfgbcIyyDAys56idMHmngwWMa1ShxNGiQMwdm4RgnsD8A3vMD4mxzr
tQoX3klOl0n/yIbP1wuwmQVJhLR7LucWaUbkO+MoNX5+s2Kgn8GqU5LWPAsSG+14
PayOUoAn+icFHQ==
-----END CERTIFICATE-----