Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          htt4Btxwc1Ek1gjjA0ro5jH+iXIEkcxGg0F496g16nY=
Subject key identifier:   B8:91:21:80:8C:3D:2C:AE:C6:66:70:60:3B:7F:26:0B:2E:2B:1A:2F
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       019D382E0EF09380AA2A48296E8929171C7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 06:00:35 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:35 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:35 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: hfinXUsMkjjbHIla6sZbaHDNpITQCeN+rybWmqKz7Fg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:0e:f0:93:80:aa:2a:48:29:6e:89:29:17:1c:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Mar 29 06:00:35 2026 GMT
            Not After : Mar 30 06:00:35 2026 GMT
        Subject: CN=b89121808c3d2caec66670603b7f260b2e2b1a2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:2f:d2:52:76:28:97:22:54:34:07:14:3e:dd:
                    4b:13:be:21:96:e2:49:5f:be:88:7a:66:b7:90:6a:
                    be:a6:ac:3b:ea:c2:2f:af:3a:3f:5b:47:de:5d:bd:
                    81:25:b8:a7:b1:c7:97:ae:53:f2:8d:ff:c2:d2:0d:
                    8f:5b:e3:75:3d:b5:d0:1f:ec:83:9a:bf:19:51:cb:
                    7e:ea:b3:eb:30:f4:34:01:57:e8:65:d3:7d:6e:0f:
                    85:22:60:a8:46:a8:28:b6:6a:ef:61:f4:fb:bb:97:
                    c7:7a:57:e2:9e:39:d5:ab:88:ae:e4:79:a5:22:4b:
                    d5:45:c8:cc:3e:2c:7a:7d:27:d8:b8:d9:b6:8f:b4:
                    79:b2:b2:62:6c:a3:17:e3:49:42:13:5f:36:d0:93:
                    fe:4f:f0:17:6e:2d:2d:bf:fc:00:c7:a1:7a:3b:a7:
                    07:c8:7a:e8:76:cb:50:37:72:2c:4e:f7:e8:19:7d:
                    5b:ba:4a:e0:1f:ae:52:c2:65:22:b6:30:09:52:0c:
                    d8:fb:00:6f:c2:99:66:bf:d8:3d:ca:49:34:8f:07:
                    71:f6:4c:3a:a2:f5:25:25:eb:05:84:6f:5a:f8:d0:
                    f7:d6:5c:a9:b0:73:72:72:84:65:27:9b:fa:70:70:
                    c5:3c:ba:de:7b:0c:af:2b:12:75:ff:3e:59:40:30:
                    9c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:91:21:80:8C:3D:2C:AE:C6:66:70:60:3B:7F:26:0B:2E:2B:1A:2F
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:a4:0f:5e:d4:41:26:af:86:11:f8:f3:ff:bd:99:6b:03:93:
         42:60:69:aa:f6:86:0a:aa:1e:fc:dc:bc:96:40:27:f0:04:62:
         19:30:d7:15:fd:bd:de:3c:d8:1e:23:04:a4:1a:d7:96:28:ef:
         53:d7:25:1d:f8:32:68:52:9a:f5:84:bc:fb:71:2b:78:e5:39:
         b8:a7:41:c5:5f:81:b8:3d:2d:ad:95:a9:7c:8f:0b:4b:40:5a:
         15:55:e7:f3:a8:77:8b:f8:dc:e7:7b:f8:b5:43:95:23:33:c9:
         d3:9c:28:ad:85:7e:21:b4:04:85:89:9e:92:ab:27:28:3a:d4:
         df:83:c0:bb:68:3e:16:14:ad:c8:10:5e:54:fc:7f:19:19:97:
         0d:4b:54:94:42:50:0b:d1:0e:b3:c8:f7:30:e7:74:f8:38:93:
         20:1b:47:1c:a2:1d:91:ee:1b:2d:d0:ff:6e:99:85:0c:0c:de:
         e1:d0:2b:29:e2:74:7b:9b:29:b5:93:60:fc:fc:57:66:18:fc:
         a2:38:1f:39:59:b9:5a:df:9d:09:0c:59:0c:12:c1:4d:95:3f:
         a6:f1:fd:a4:0d:97:23:fa:db:51:25:3a:f6:5f:1b:95:41:c3:
         b8:5b:42:db:10:ba:b3:08:d5:ad:3a:b7:e4:e6:13:66:12:c9:
         70:0a:21:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lg7wk4CqKkgpbokpFxx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjYwMzI5MDYwMDM1WhcNMjYwMzMwMDYwMDM1WjAzMTEwLwYDVQQD
EyhiODkxMjE4MDhjM2QyY2FlYzY2NjcwNjAzYjdmMjYwYjJlMmIxYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty/SUnYolyJUNAcUPt1LE74hluJJ
X76Iema3kGq+pqw76sIvrzo/W0feXb2BJbinsceXrlPyjf/C0g2PW+N1PbXQH+yD
mr8ZUct+6rPrMPQ0AVfoZdN9bg+FImCoRqgotmrvYfT7u5fHelfinjnVq4iu5Hml
IkvVRcjMPix6fSfYuNm2j7R5srJibKMX40lCE1820JP+T/AXbi0tv/wAx6F6O6cH
yHrodstQN3IsTvfoGX1bukrgH65SwmUitjAJUgzY+wBvwplmv9g9ykk0jwdx9kw6
ovUlJesFhG9a+ND31lypsHNycoRlJ5v6cHDFPLreewyvKxJ1/z5ZQDCceQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLiRIYCMPSyuxmZwYDt/JgsuKxovMB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUaQPXtRB
Jq+GEfjz/72ZawOTQmBpqvaGCqoe/Ny8lkAn8ARiGTDXFf293jzYHiMEpBrXlijv
U9clHfgyaFKa9YS8+3EreOU5uKdBxV+BuD0trZWpfI8LS0BaFVXn86h3i/jc53v4
tUOVIzPJ05worYV+IbQEhYmekqsnKDrU34PAu2g+FhStyBBeVPx/GRmXDUtUlEJQ
C9EOs8j3MOd0+DiTIBtHHKIdke4bLdD/bpmFDAze4dArKeJ0e5sptZNg/PxXZhj8
ojgfOVm5Wt+dCQxZDBLBTZU/pvH9pA2XI/rbUSU69l8blUHDuFtC2xC6swjVrTq3
5OYTZhLJcAohIw==
-----END CERTIFICATE-----