Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
File:                     U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft (raw, json)
Hash identifier:          /iUYC/F+05BhVE7q68/uhyljuMKyHFY15/Y/eg3nDPE=
Subject key identifier:   51:4C:B2:68:14:DC:B0:C1:C2:97:FC:BF:E7:6F:F4:89:B7:F0:11:7E
Authority key identifier: 53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E
Certificate issuer:       /CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
Certificate serial:       019D38664709ED17C209E9555CD87385703F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:02:00 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:00 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:00 +0000
Files and hashes:         1: U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl (hash: 725gTwQ8+uiP6OhswguqNVJ+90RlPylTpr+9OHUEfhs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:47:09:ed:17:c2:09:e9:55:5c:d8:73:85:70:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=538b062cb5426f00e65373eef4e4cd8a1c27f68e
        Validity
            Not Before: Mar 29 07:02:00 2026 GMT
            Not After : Mar 30 07:02:00 2026 GMT
        Subject: CN=514cb26814dcb0c1c297fcbfe76ff489b7f0117e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e3:1a:38:a2:9b:34:95:48:14:99:90:c0:dc:
                    c6:0c:f5:f2:ab:87:51:7f:7b:ca:e8:1e:dc:d9:9a:
                    50:34:4a:a1:2f:c7:96:05:2e:02:33:7c:25:2f:55:
                    1d:18:65:6f:6a:bc:4a:f0:93:ee:94:53:60:16:df:
                    7f:6d:c2:1f:4b:57:12:4e:77:3a:d4:17:f3:bf:92:
                    0e:ce:cd:00:c5:86:5e:bf:f2:1c:4d:ae:c6:ba:a4:
                    3c:8f:7d:46:81:1c:55:b6:7a:c6:2e:61:26:54:fb:
                    1e:51:f6:79:cb:50:ee:9e:b1:cc:76:00:3b:34:63:
                    73:cc:d6:7d:c5:17:f6:60:0e:a9:83:26:82:23:71:
                    5f:a2:44:ae:7d:88:b8:98:3e:a3:8b:25:7a:cd:43:
                    d8:b2:ed:4d:50:ae:25:79:b5:b4:9f:80:10:ab:4a:
                    4e:ab:9a:40:2d:74:3c:8f:c4:34:20:82:9d:0b:7c:
                    83:23:28:ba:24:6a:91:1a:39:5c:cf:14:39:f9:a7:
                    e9:8b:12:69:6c:57:41:35:3b:46:cb:76:89:24:49:
                    50:df:ab:e5:5d:ac:35:16:29:cc:da:34:c2:ac:eb:
                    11:b3:dc:4b:dc:50:49:58:95:5a:be:7d:c3:6f:41:
                    bb:93:5a:79:c4:f9:8e:b1:ad:25:57:8f:af:9b:fe:
                    5e:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:4C:B2:68:14:DC:B0:C1:C2:97:FC:BF:E7:6F:F4:89:B7:F0:11:7E
            X509v3 Authority Key Identifier:
                keyid:53:8B:06:2C:B5:42:6F:00:E6:53:73:EE:F4:E4:CD:8A:1C:27:F6:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U4sGLLVCbwDmU3Pu9OTNihwn9o4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1d457b-40bd-448f-a915-20c8ab92696f/1/U4sGLLVCbwDmU3Pu9OTNihwn9o4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:4a:bd:30:b5:04:fd:e4:07:34:ea:be:c9:fd:79:dc:18:36:
         f9:01:04:f6:01:86:6f:33:e3:fd:93:01:45:e1:cc:ae:15:c4:
         83:d5:8c:16:93:e3:97:8c:fa:fa:0e:65:ab:dc:9b:f6:ee:c2:
         a5:5d:55:fc:9c:04:a6:ec:f3:24:b1:2a:02:7d:6e:99:40:c0:
         d3:83:99:6b:c5:2c:50:7b:12:71:b4:b4:4f:f8:bc:f4:23:a0:
         d0:34:2f:e9:59:7e:77:61:5d:34:6b:c5:47:57:e1:c7:ff:b7:
         8c:e9:0f:28:86:50:75:52:4e:77:8b:d7:33:ce:f6:56:97:eb:
         17:f9:f5:32:ba:69:38:be:cf:46:7f:f6:9f:4b:b7:d6:cc:15:
         4e:c7:a6:a4:9d:7f:07:b8:c1:f9:1b:77:67:0b:d6:f7:cd:46:
         1e:6e:80:38:85:34:fc:09:5c:f2:eb:6a:3b:c2:ba:63:c8:0b:
         c5:2b:dc:f9:03:13:17:f5:82:93:03:af:fd:f4:37:c0:2f:e6:
         9d:64:2c:0c:81:8f:ee:8b:cb:ed:b1:13:c9:4d:e3:b5:51:b4:
         ba:00:1a:23:85:17:02:3a:5b:e3:85:28:8e:9b:29:95:c6:fd:
         ad:49:eb:47:9c:88:b5:58:e6:c4:cd:82:de:fb:b3:74:45:26:
         54:6f:fc:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkcJ7RfCCelVXNhzhXA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzOGIwNjJjYjU0MjZmMDBlNjUzNzNlZWY0ZTRjZDhhMWMy
N2Y2OGUwHhcNMjYwMzI5MDcwMjAwWhcNMjYwMzMwMDcwMjAwWjAzMTEwLwYDVQQD
Eyg1MTRjYjI2ODE0ZGNiMGMxYzI5N2ZjYmZlNzZmZjQ4OWI3ZjAxMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuMaOKKbNJVIFJmQwNzGDPXyq4dR
f3vK6B7c2ZpQNEqhL8eWBS4CM3wlL1UdGGVvarxK8JPulFNgFt9/bcIfS1cSTnc6
1Bfzv5IOzs0AxYZev/IcTa7GuqQ8j31GgRxVtnrGLmEmVPseUfZ5y1DunrHMdgA7
NGNzzNZ9xRf2YA6pgyaCI3FfokSufYi4mD6jiyV6zUPYsu1NUK4lebW0n4AQq0pO
q5pALXQ8j8Q0IIKdC3yDIyi6JGqRGjlczxQ5+afpixJpbFdBNTtGy3aJJElQ36vl
Xaw1FinM2jTCrOsRs9xL3FBJWJVavn3Db0G7k1p5xPmOsa0lV4+vm/5eWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFFMsmgU3LDBwpf8v+dv9Im38BF+MB8GA1UdIwQY
MBaAFFOLBiy1Qm8A5lNz7vTkzYocJ/aOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUt
MjBjOGFiOTI2OTZmLzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xZDQ1N2ItNDBiZC00NDhmLWE5MTUtMjBjOGFiOTI2OTZm
LzEvVTRzR0xMVkNid0RtVTNQdTlPVE5paHduOW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUq9MLUE
/eQHNOq+yf153Bg2+QEE9gGGbzPj/ZMBReHMrhXEg9WMFpPjl4z6+g5lq9yb9u7C
pV1V/JwEpuzzJLEqAn1umUDA04OZa8UsUHsScbS0T/i89COg0DQv6Vl+d2FdNGvF
R1fhx/+3jOkPKIZQdVJOd4vXM872VpfrF/n1MrppOL7PRn/2n0u31swVTsempJ1/
B7jB+Rt3ZwvW981GHm6AOIU0/Alc8utqO8K6Y8gLxSvc+QMTF/WCkwOv/fQ3wC/m
nWQsDIGP7ovL7bETyU3jtVG0ugAaI4UXAjpb44Uojpsplcb9rUnrR5yItVjmxM2C
3vuzdEUmVG/8Vg==
-----END CERTIFICATE-----