Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
File:                     R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json)
Hash identifier:          fp3q4a8poAxo2Bh85PI6RSh9xalcXLOWFcNkxEvQAK8=
Subject key identifier:   A7:55:DC:51:75:65:B5:30:E5:97:AB:46:80:D1:2D:92:00:84:41:53
Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA
Certificate issuer:       /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
Certificate serial:       019D386561787890550C48CF83BC46E5F63B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:01 +0000
Files and hashes:         1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: F/Uo8yGBER255cnSsovS/g3dRefDk5Xqj8gDRSSgBUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:61:78:78:90:55:0c:48:cf:83:bc:46:e5:f6:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
        Validity
            Not Before: Mar 29 07:01:01 2026 GMT
            Not After : Mar 30 07:01:01 2026 GMT
        Subject: CN=a755dc517565b530e597ab4680d12d9200844153
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:66:ce:67:8e:40:64:60:aa:36:47:1d:8a:d9:
                    1a:67:30:2a:c8:1a:70:6d:ac:14:35:0c:6d:bf:17:
                    84:bd:28:c0:21:c0:e4:e8:cf:de:bd:46:97:59:da:
                    31:59:72:24:7f:42:0e:35:e9:91:c1:7b:9b:91:f2:
                    93:51:7e:69:f5:54:57:34:9c:17:80:92:bc:41:da:
                    f1:26:31:b0:38:e3:21:fb:a6:c9:bc:46:4a:ee:62:
                    bb:f7:a8:8b:42:df:27:5b:29:11:88:8c:c8:27:03:
                    99:8c:d9:10:77:ea:f9:96:dd:40:14:68:a9:81:ff:
                    f0:b8:12:6a:28:ea:6a:20:bc:89:14:2a:d3:8e:81:
                    33:53:c5:cf:7d:f4:02:4e:6b:6d:82:82:b0:c5:75:
                    59:5f:53:84:05:40:9c:e0:8c:a7:d8:cf:d5:0e:c8:
                    c2:ee:8f:15:e8:d9:49:05:d0:9b:a1:b5:a7:23:c3:
                    42:e3:7c:bd:bd:ec:48:b0:88:af:41:dc:31:fe:1d:
                    60:ec:64:27:f1:d0:7e:a4:76:11:bb:d6:82:8b:e5:
                    c4:78:d5:23:c7:c7:2a:9e:c1:f4:57:28:2b:3b:3a:
                    87:2e:23:54:64:3d:73:7d:94:d7:ca:77:c5:42:cb:
                    a6:46:99:91:70:53:e4:37:32:5b:2a:18:83:9f:e7:
                    60:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:55:DC:51:75:65:B5:30:E5:97:AB:46:80:D1:2D:92:00:84:41:53
            X509v3 Authority Key Identifier:
                keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:12:9e:5c:a4:6e:bc:dc:f2:09:3b:1f:d8:07:27:32:9c:f4:
         1c:3f:2f:75:8a:d2:bd:c9:8a:76:ee:be:c4:34:a0:8a:2c:9e:
         91:23:7d:b2:5c:e5:59:6a:32:97:29:00:9d:a5:b6:15:eb:f9:
         82:f4:8f:b9:57:91:cb:0f:e4:db:88:5b:e0:e2:21:eb:e4:1d:
         eb:94:2b:a7:67:dd:3d:69:27:b3:1f:2e:e7:a1:8c:a4:ed:43:
         16:dc:9c:b2:61:d9:ab:d6:1a:9e:9b:2d:d3:79:7d:34:20:21:
         b8:b4:ee:c4:bc:ee:e9:b5:0d:66:9c:76:09:0f:59:2e:7a:ec:
         a8:34:f1:ce:7b:2d:e5:b1:3d:7b:6a:10:d2:37:3a:8d:ab:3b:
         e2:6f:bd:9d:49:b6:29:7d:f8:72:fe:3f:de:0a:7e:dd:24:1c:
         ec:11:9d:1d:cf:cb:4b:9a:3a:92:84:9c:77:b2:5b:2c:c1:4b:
         7a:91:70:f3:dd:28:25:b0:0b:27:25:c1:be:92:ea:73:d1:9a:
         c4:f8:d2:0a:86:16:c4:35:6c:ce:f0:62:f1:da:19:ca:63:6b:
         6d:b4:6b:ae:fe:ec:ed:3d:72:cb:11:ea:96:fe:08:16:a8:78:
         d9:ab:11:a2:4f:ef:a1:36:31:25:b1:42:39:02:92:cd:a0:48:
         4d:52:02:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZWF4eJBVDEjPg7xG5fY7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy
Nzc0ZGEwHhcNMjYwMzI5MDcwMTAxWhcNMjYwMzMwMDcwMTAxWjAzMTEwLwYDVQQD
EyhhNzU1ZGM1MTc1NjViNTMwZTU5N2FiNDY4MGQxMmQ5MjAwODQ0MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGbOZ45AZGCqNkcditkaZzAqyBpw
bawUNQxtvxeEvSjAIcDk6M/evUaXWdoxWXIkf0IONemRwXubkfKTUX5p9VRXNJwX
gJK8QdrxJjGwOOMh+6bJvEZK7mK796iLQt8nWykRiIzIJwOZjNkQd+r5lt1AFGip
gf/wuBJqKOpqILyJFCrTjoEzU8XPffQCTmttgoKwxXVZX1OEBUCc4Iyn2M/VDsjC
7o8V6NlJBdCbobWnI8NC43y9vexIsIivQdwx/h1g7GQn8dB+pHYRu9aCi+XEeNUj
x8cqnsH0VygrOzqHLiNUZD1zfZTXynfFQsumRpmRcFPkNzJbKhiDn+dgkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdV3FF1ZbUw5ZerRoDRLZIAhEFTMB8GA1UdIwQY
MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt
N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw
LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABKeXKRu
vNzyCTsf2AcnMpz0HD8vdYrSvcmKdu6+xDSgiiyekSN9slzlWWoylykAnaW2Fev5
gvSPuVeRyw/k24hb4OIh6+Qd65Qrp2fdPWknsx8u56GMpO1DFtycsmHZq9Yanpst
03l9NCAhuLTuxLzu6bUNZpx2CQ9ZLnrsqDTxznst5bE9e2oQ0jc6jas74m+9nUm2
KX34cv4/3gp+3SQc7BGdHc/LS5o6koScd7JbLMFLepFw890oJbALJyXBvpLqc9Ga
xPjSCoYWxDVszvBi8doZymNrbbRrrv7s7T1yyxHqlv4IFqh42asRok/voTYxJbFC
OQKSzaBITVICoQ==
-----END CERTIFICATE-----