Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
File:                     ROzsULCd1G04TQgbUH0juv71HJw.mft (raw, json)
Hash identifier:          MTRh7HIVFB/EyDmIq6kz66d3IpNRHz8BP5mvp0GaZq0=
Subject key identifier:   FC:D6:4F:F0:F7:88:17:A0:05:31:F2:EA:31:C6:4A:5A:B0:0E:10:AA
Authority key identifier: 44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C
Certificate issuer:       /CN=44ecec50b09dd46d384d081b507d23bafef51c9c
Certificate serial:       019D333F27BEE067842B87B3906B238ECDA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
Manifest number:          188A
Signing time:             Sat 28 Mar 2026 07:01:10 +0000
Manifest this update:     Sat 28 Mar 2026 07:01:10 +0000
Manifest next update:     Sun 29 Mar 2026 07:01:10 +0000
Files and hashes:         1: ROzsULCd1G04TQgbUH0juv71HJw.crl (hash: RMRmvSEtbBHS4YixwVQU8CAgCWzNd8Jsf7kvWJ0Xk9I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:33:3f:27:be:e0:67:84:2b:87:b3:90:6b:23:8e:cd:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ecec50b09dd46d384d081b507d23bafef51c9c
        Validity
            Not Before: Mar 28 07:01:10 2026 GMT
            Not After : Mar 29 07:01:10 2026 GMT
        Subject: CN=fcd64ff0f78817a00531f2ea31c64a5ab00e10aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:7c:03:43:da:6b:b8:dd:a1:95:5e:8f:06:cc:
                    11:10:d5:43:bf:31:cd:6f:2f:47:c3:ae:98:40:1e:
                    49:94:6a:82:7a:f4:3e:51:33:d1:6e:04:94:cf:ac:
                    2c:bc:00:d7:fa:85:af:ab:9a:87:73:03:bf:b1:2a:
                    7d:ec:74:32:84:10:9f:a9:e3:93:74:b8:aa:be:8d:
                    75:f5:e8:90:f4:24:49:90:cc:e2:c0:8d:cb:cd:89:
                    4f:57:f4:73:6e:9d:df:40:7a:cf:d1:7d:f3:5b:9d:
                    e2:16:bf:90:5a:34:f4:c2:33:9d:1c:50:d4:53:42:
                    7b:1e:2b:0e:61:8a:8e:42:61:12:7a:80:ad:6a:16:
                    22:e1:ee:8e:36:72:9d:ee:ef:c2:18:6d:07:b5:0c:
                    2d:f4:0f:c0:a0:42:8b:73:94:50:97:d3:61:b5:f1:
                    61:d1:dc:9d:d6:65:c1:91:25:fb:64:c0:56:ca:d6:
                    21:31:cf:4d:35:bf:41:fe:f7:20:94:5a:40:cb:1a:
                    e8:98:5e:9d:38:aa:a1:68:a1:3a:29:62:a7:45:09:
                    65:e2:40:b9:e3:c9:e7:f8:74:9b:85:a7:ad:35:ea:
                    09:4f:ab:e0:d2:bf:c3:65:7f:d6:d2:93:95:5e:1e:
                    6a:a4:fd:71:d0:05:84:4a:1f:82:f5:7e:66:95:23:
                    99:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:D6:4F:F0:F7:88:17:A0:05:31:F2:EA:31:C6:4A:5A:B0:0E:10:AA
            X509v3 Authority Key Identifier:
                keyid:44:EC:EC:50:B0:9D:D4:6D:38:4D:08:1B:50:7D:23:BA:FE:F5:1C:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROzsULCd1G04TQgbUH0juv71HJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3091e8-3c60-41cc-85e0-e32d6f6f3ccc/1/ROzsULCd1G04TQgbUH0juv71HJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:d3:43:d1:b2:f3:fe:37:97:9e:74:16:0e:2a:f0:87:b1:70:
         4a:de:9c:e7:3b:10:28:1e:d3:43:41:7f:78:bb:d2:a6:4c:6b:
         91:a8:96:a0:51:f3:90:ad:51:5e:74:ab:55:d0:d1:6c:22:3d:
         88:05:40:91:51:c7:c5:9f:31:76:e9:a0:28:94:89:07:cc:0e:
         29:91:8e:ee:f1:fb:81:db:7e:d2:06:d3:af:ac:ec:54:35:ee:
         1a:fd:c2:98:81:4c:00:ee:cd:8d:c6:0c:c9:f1:9b:b0:29:67:
         87:97:b3:51:07:0d:e4:a5:b1:e5:87:81:ee:67:6b:d4:1c:45:
         44:3b:1f:38:1f:71:d4:ec:3c:db:49:15:ac:f1:1f:92:c4:0f:
         bd:8b:4c:c1:2d:0b:1f:fc:56:2a:a1:15:5e:ec:2b:48:f7:7f:
         20:c5:71:80:3b:04:87:2b:18:8a:74:24:71:a0:91:70:39:a3:
         d8:9d:ae:99:d4:74:05:2f:7b:63:e5:51:fe:6c:b1:53:8f:e7:
         0c:fc:08:fd:e7:4f:39:46:68:72:a1:ea:19:0e:db:bd:e1:7d:
         ad:bd:fb:40:e5:9c:ce:0e:3d:c4:bb:e0:13:02:5b:62:8c:35:
         e4:d1:50:d4:2b:77:ed:c7:6b:47:a8:36:6f:a4:33:6a:73:a2:
         63:7b:0e:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPye+4GeEK4ezkGsjjs2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZWNlYzUwYjA5ZGQ0NmQzODRkMDgxYjUwN2QyM2JhZmVm
NTFjOWMwHhcNMjYwMzI4MDcwMTEwWhcNMjYwMzI5MDcwMTEwWjAzMTEwLwYDVQQD
EyhmY2Q2NGZmMGY3ODgxN2EwMDUzMWYyZWEzMWM2NGE1YWIwMGUxMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXwDQ9pruN2hlV6PBswRENVDvzHN
by9Hw66YQB5JlGqCevQ+UTPRbgSUz6wsvADX+oWvq5qHcwO/sSp97HQyhBCfqeOT
dLiqvo119eiQ9CRJkMziwI3LzYlPV/Rzbp3fQHrP0X3zW53iFr+QWjT0wjOdHFDU
U0J7HisOYYqOQmESeoCtahYi4e6ONnKd7u/CGG0HtQwt9A/AoEKLc5RQl9NhtfFh
0dyd1mXBkSX7ZMBWytYhMc9NNb9B/vcglFpAyxromF6dOKqhaKE6KWKnRQll4kC5
48nn+HSbhaetNeoJT6vg0r/DZX/W0pOVXh5qpP1x0AWESh+C9X5mlSOZnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzWT/D3iBegBTHy6jHGSlqwDhCqMB8GA1UdIwQY
MBaAFETs7FCwndRtOE0IG1B9I7r+9RycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAt
ZTMyZDZmNmYzY2NjLzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zMDkxZTgtM2M2MC00MWNjLTg1ZTAtZTMyZDZmNmYzY2Nj
LzEvUk96c1VMQ2QxRzA0VFFnYlVIMGp1djcxSEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGNND0bLz
/jeXnnQWDirwh7FwSt6c5zsQKB7TQ0F/eLvSpkxrkaiWoFHzkK1RXnSrVdDRbCI9
iAVAkVHHxZ8xdumgKJSJB8wOKZGO7vH7gdt+0gbTr6zsVDXuGv3CmIFMAO7NjcYM
yfGbsClnh5ezUQcN5KWx5YeB7mdr1BxFRDsfOB9x1Ow820kVrPEfksQPvYtMwS0L
H/xWKqEVXuwrSPd/IMVxgDsEhysYinQkcaCRcDmj2J2umdR0BS97Y+VR/myxU4/n
DPwI/edPOUZocqHqGQ7bveF9rb37QOWczg49xLvgEwJbYow15NFQ1Ct37cdrR6g2
b6QzanOiY3sOhw==
-----END CERTIFICATE-----