Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
File:                     sCnHJ8biLu2PvNHot2k5V40Nygo.mft (raw, json)
Hash identifier:          oQpMyC0uUxRzKcXFR7EITLsNr999jg/tFVNzTF63JVE=
Subject key identifier:   D0:91:E6:14:CC:34:D1:9B:9B:4F:46:CD:BF:13:3F:78:DB:45:45:09
Authority key identifier: B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A
Certificate issuer:       /CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a
Certificate serial:       019D3865DE6BD944CF87C1722B66BB0482E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:01:33 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:33 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:33 +0000
Files and hashes:         1: sCnHJ8biLu2PvNHot2k5V40Nygo.crl (hash: V3w4UCeM1M0kV3PLmTuI/WQix+OvRGoRKuShkAc3rfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:de:6b:d9:44:cf:87:c1:72:2b:66:bb:04:82:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a
        Validity
            Not Before: Mar 29 07:01:33 2026 GMT
            Not After : Mar 30 07:01:33 2026 GMT
        Subject: CN=d091e614cc34d19b9b4f46cdbf133f78db454509
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ec:5e:71:d5:94:31:62:48:24:b9:74:36:b7:
                    59:f3:f8:03:15:45:83:05:49:65:f2:42:b4:c7:82:
                    fa:e5:5e:89:eb:73:ad:19:68:2a:fe:31:8d:71:ca:
                    c6:e2:43:a8:20:9e:a8:d0:a8:84:2b:a0:61:a6:db:
                    08:fb:bb:72:83:3e:f1:1d:ef:3e:a7:5c:26:7a:2f:
                    88:65:9d:3c:05:80:61:1e:d8:52:b9:09:4d:9f:0b:
                    35:cc:67:f2:6e:da:f9:d1:1c:b8:41:45:47:06:4a:
                    0d:2f:c2:23:84:39:5d:e1:d2:7e:c6:ce:98:ec:06:
                    53:a5:6d:49:b7:66:d6:29:d0:a8:36:ab:ab:21:a9:
                    93:e2:a5:60:88:b4:43:c2:9f:2d:73:5c:14:93:99:
                    dc:b1:ec:d1:8f:cc:38:1c:d2:bd:35:cf:80:d6:bd:
                    75:a9:c4:d5:0d:6c:65:b4:5d:f7:5e:19:d6:67:b5:
                    73:79:54:f1:22:6e:77:30:63:d0:66:60:90:43:3b:
                    7e:e7:6b:11:9c:52:d4:a0:f6:99:82:2a:bc:cb:27:
                    83:9b:3c:b6:68:74:a1:9c:5e:59:ab:ab:75:61:ec:
                    2b:46:92:af:ab:a3:06:8b:2f:c8:c2:60:78:1d:15:
                    1a:28:e3:22:37:75:1a:95:a8:be:a9:c4:2d:d4:f0:
                    fd:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:91:E6:14:CC:34:D1:9B:9B:4F:46:CD:BF:13:3F:78:DB:45:45:09
            X509v3 Authority Key Identifier:
                keyid:B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:9e:8e:3a:fe:93:3e:6b:80:06:84:9b:82:93:81:d0:d1:dd:
         0c:12:53:38:13:14:30:5c:9d:67:e3:ae:77:f3:78:f1:cb:52:
         c3:b8:3f:fd:ab:a0:b9:02:60:61:7d:16:59:5d:52:ac:8c:3b:
         93:b1:10:76:3f:98:7d:c5:6d:4b:3e:6a:1d:37:ae:6d:d4:48:
         31:41:cc:6a:1f:f2:63:2c:8e:57:87:69:e7:a3:53:5f:8f:68:
         e5:2f:17:21:75:b3:dc:5f:dd:40:71:21:5a:dd:e7:24:d2:fc:
         1c:5d:43:35:f3:00:9a:f0:6f:d4:71:a2:fb:63:94:db:52:df:
         78:d3:ce:0d:30:3f:52:ae:72:77:cd:68:5f:a2:3e:06:c1:da:
         5b:71:87:95:11:0d:84:af:e6:be:78:42:57:ac:be:f4:42:27:
         87:6c:6e:5b:b6:9f:73:b1:dd:12:36:25:4a:03:5e:77:f9:a9:
         77:11:58:16:ab:5f:aa:71:00:7b:62:20:1b:2d:37:54:81:4d:
         b3:ff:e8:1b:26:87:55:45:91:2c:50:0c:07:78:76:c7:b3:23:
         ec:43:1d:c1:3f:c4:e2:6a:3a:a4:a9:03:2a:40:44:bb:6e:c6:
         4a:8d:eb:13:43:5f:c9:b6:66:5e:61:16:09:0b:cf:76:54:5a:
         90:40:79:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zd5r2UTPh8FyK2a7BILjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjljNzI3YzZlMjJlZWQ4ZmJjZDFlOGI3NjkzOTU3OGQw
ZGNhMGEwHhcNMjYwMzI5MDcwMTMzWhcNMjYwMzMwMDcwMTMzWjAzMTEwLwYDVQQD
EyhkMDkxZTYxNGNjMzRkMTliOWI0ZjQ2Y2RiZjEzM2Y3OGRiNDU0NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+xecdWUMWJIJLl0NrdZ8/gDFUWD
BUll8kK0x4L65V6J63OtGWgq/jGNccrG4kOoIJ6o0KiEK6BhptsI+7tygz7xHe8+
p1wmei+IZZ08BYBhHthSuQlNnws1zGfybtr50Ry4QUVHBkoNL8IjhDld4dJ+xs6Y
7AZTpW1Jt2bWKdCoNqurIamT4qVgiLRDwp8tc1wUk5ncsezRj8w4HNK9Nc+A1r11
qcTVDWxltF33XhnWZ7VzeVTxIm53MGPQZmCQQzt+52sRnFLUoPaZgiq8yyeDmzy2
aHShnF5Zq6t1YewrRpKvq6MGiy/IwmB4HRUaKOMiN3Ualai+qcQt1PD9IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCR5hTMNNGbm09Gzb8TP3jbRUUJMB8GA1UdIwQY
MBaAFLApxyfG4i7tj7zR6LdpOVeNDcoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQt
YTBkNzk5MjRkYjZjLzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQtYTBkNzk5MjRkYjZj
LzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARJ6OOv6T
PmuABoSbgpOB0NHdDBJTOBMUMFydZ+Oud/N48ctSw7g//auguQJgYX0WWV1SrIw7
k7EQdj+YfcVtSz5qHTeubdRIMUHMah/yYyyOV4dp56NTX49o5S8XIXWz3F/dQHEh
Wt3nJNL8HF1DNfMAmvBv1HGi+2OU21LfeNPODTA/Uq5yd81oX6I+BsHaW3GHlREN
hK/mvnhCV6y+9EInh2xuW7afc7HdEjYlSgNed/mpdxFYFqtfqnEAe2IgGy03VIFN
s//oGyaHVUWRLFAMB3h2x7Mj7EMdwT/E4mo6pKkDKkBEu27GSo3rE0NfybZmXmEW
CQvPdlRakEB5QQ==
-----END CERTIFICATE-----