Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          E3GdakUB9awJVo3pbypeVTpm1NHO2BVKvu/I2HXE/Do=
Subject key identifier:   15:2F:DE:58:CE:2D:B6:67:28:F1:F0:9D:72:3C:72:A3:92:4B:2E:1F
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       019D3866793270517F73AAF8872AD61124C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:02:12 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:12 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:12 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: Jio4qf1jTcgHIlKQwRZg6ecf48KxUVxnngthTO45gO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:79:32:70:51:7f:73:aa:f8:87:2a:d6:11:24:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Mar 29 07:02:12 2026 GMT
            Not After : Mar 30 07:02:12 2026 GMT
        Subject: CN=152fde58ce2db66728f1f09d723c72a3924b2e1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:c4:aa:ff:50:e7:5a:aa:fb:9a:cc:30:03:f5:
                    dc:31:06:fd:6d:46:00:70:44:26:58:6a:21:f2:e6:
                    3d:c7:f6:ac:50:78:b0:73:1d:87:9c:c5:60:d8:cf:
                    2e:77:dd:29:82:06:33:7e:41:f1:43:86:ab:31:c5:
                    9f:5a:fb:6f:a3:ac:51:10:49:09:26:69:01:6e:4a:
                    d4:3e:2e:03:1d:b8:89:37:b5:47:a9:72:8a:d0:03:
                    24:cd:41:16:8a:c0:83:4b:ab:5b:95:54:af:7e:3d:
                    58:b5:39:17:14:05:44:40:a9:e1:fd:9e:20:d6:a3:
                    17:36:c5:69:48:61:ae:31:3a:e6:54:f9:71:22:66:
                    7d:37:f0:73:ab:dc:ec:41:82:26:f3:bf:7d:48:5c:
                    37:98:1e:13:30:d1:45:50:66:35:a8:4c:65:a3:32:
                    e7:d1:ec:2b:af:e7:33:a8:92:6e:3b:ea:3c:85:fe:
                    f2:15:02:af:28:fc:00:06:3d:88:98:9f:03:13:7b:
                    89:35:99:bf:10:cd:cd:86:66:cc:ea:b6:b9:8b:0a:
                    59:e9:e8:22:d4:4d:79:8b:16:ff:91:d7:dd:98:12:
                    cb:e6:1c:53:eb:5a:1b:a4:73:44:70:28:a9:5b:8b:
                    fe:cc:9b:03:a8:60:00:9a:98:a4:a6:72:de:3e:5b:
                    4f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:2F:DE:58:CE:2D:B6:67:28:F1:F0:9D:72:3C:72:A3:92:4B:2E:1F
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:ff:65:7d:50:10:a1:09:80:30:64:2c:99:37:cb:63:a1:00:
         d7:0f:ec:63:4c:de:6b:f1:14:37:65:14:0c:df:ec:c3:4d:a4:
         6c:0e:82:9b:de:14:c5:ec:b0:32:5f:0b:43:b0:1d:15:eb:54:
         45:4f:0b:b5:17:d1:ff:ae:96:44:a6:90:bb:39:a9:f2:0c:e9:
         e8:2e:7a:91:e3:37:cd:86:aa:97:f2:6b:a4:6f:86:3c:20:6e:
         0f:c2:15:e5:03:53:e2:c0:a8:ea:a4:73:4d:d3:ad:ce:27:e2:
         df:95:79:15:d0:16:f0:54:df:08:f1:61:a9:8f:70:e9:ae:24:
         f3:30:84:ba:7a:d4:26:f8:22:10:c9:e6:cf:c9:ab:3f:bc:6c:
         dd:eb:94:84:1c:e0:ae:d4:60:4f:d9:17:97:07:93:0a:a2:51:
         7e:94:ba:6a:41:9d:92:3f:96:9b:ba:0f:7d:f6:40:5a:71:03:
         31:a6:cb:59:32:d0:ad:a9:fb:07:7c:d8:f1:35:33:9d:0f:a4:
         20:8c:55:6c:f3:2e:89:55:de:3d:c8:bd:01:f9:f2:a9:e0:04:
         af:7a:f6:fb:aa:b5:15:28:f0:e6:83:62:30:8e:7e:94:7c:07:
         e3:66:7f:19:0f:f3:56:cb:58:d2:94:14:a6:c3:43:0d:cc:06:
         4d:b9:4c:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZnkycFF/c6r4hyrWESTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjYwMzI5MDcwMjEyWhcNMjYwMzMwMDcwMjEyWjAzMTEwLwYDVQQD
EygxNTJmZGU1OGNlMmRiNjY3MjhmMWYwOWQ3MjNjNzJhMzkyNGIyZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysSq/1DnWqr7mswwA/XcMQb9bUYA
cEQmWGoh8uY9x/asUHiwcx2HnMVg2M8ud90pggYzfkHxQ4arMcWfWvtvo6xREEkJ
JmkBbkrUPi4DHbiJN7VHqXKK0AMkzUEWisCDS6tblVSvfj1YtTkXFAVEQKnh/Z4g
1qMXNsVpSGGuMTrmVPlxImZ9N/Bzq9zsQYIm8799SFw3mB4TMNFFUGY1qExlozLn
0ewrr+czqJJuO+o8hf7yFQKvKPwABj2ImJ8DE3uJNZm/EM3NhmbM6ra5iwpZ6egi
1E15ixb/kdfdmBLL5hxT61obpHNEcCipW4v+zJsDqGAAmpikpnLePltPEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUv3ljOLbZnKPHwnXI8cqOSSy4fMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZv9lfVAQ
oQmAMGQsmTfLY6EA1w/sY0zea/EUN2UUDN/sw02kbA6Cm94UxeywMl8LQ7AdFetU
RU8LtRfR/66WRKaQuzmp8gzp6C56keM3zYaql/JrpG+GPCBuD8IV5QNT4sCo6qRz
TdOtzifi35V5FdAW8FTfCPFhqY9w6a4k8zCEunrUJvgiEMnmz8mrP7xs3euUhBzg
rtRgT9kXlweTCqJRfpS6akGdkj+Wm7oPffZAWnEDMabLWTLQran7B3zY8TUznQ+k
IIxVbPMuiVXePci9AfnyqeAEr3r2+6q1FSjw5oNiMI5+lHwH42Z/GQ/zVstY0pQU
psNDDcwGTblMIw==
-----END CERTIFICATE-----