Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
File:                     YcGgEMsk-ZbneJixJHJbVbY0OOA.mft (raw, json)
Hash identifier:          L/gTkW5zdy7kh1z6S9qWscD7xAuR860gAzPzJvks5zw=
Subject key identifier:   55:88:CD:67:AD:4C:5F:FF:27:6A:32:FB:FF:00:19:69:BB:13:DD:00
Authority key identifier: 61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0
Certificate issuer:       /CN=61c1a010cb24f996e77898b124725b55b63438e0
Certificate serial:       019D3866901DC97CAEC1FFDC9982FE9E4DE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:02:18 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:18 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:18 +0000
Files and hashes:         1: YcGgEMsk-ZbneJixJHJbVbY0OOA.crl (hash: isyr33FxMQoGLHzN0PNihipP6qzIBHMGV8mKRCONbM0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:90:1d:c9:7c:ae:c1:ff:dc:99:82:fe:9e:4d:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61c1a010cb24f996e77898b124725b55b63438e0
        Validity
            Not Before: Mar 29 07:02:18 2026 GMT
            Not After : Mar 30 07:02:18 2026 GMT
        Subject: CN=5588cd67ad4c5fff276a32fbff001969bb13dd00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:6f:df:41:21:26:5c:b7:17:16:04:bd:3e:a0:
                    36:33:83:d2:e4:6a:d2:d5:8b:49:c2:c3:89:42:5d:
                    f5:49:51:a6:26:e3:36:31:39:e3:fa:8d:74:20:06:
                    b4:34:3a:c1:c2:51:2a:82:4e:2d:23:33:d4:db:b9:
                    fb:06:9a:09:cf:6a:b2:9b:83:fc:31:01:5c:fe:b6:
                    ec:80:f0:de:05:85:aa:65:d9:fd:77:10:83:74:19:
                    a5:42:1e:30:cb:e1:ea:f5:29:43:86:0e:2f:d6:be:
                    10:24:fa:d0:09:36:96:28:17:37:a6:5a:b9:b4:c2:
                    37:86:b0:81:fc:a8:c5:cb:93:0f:0e:5c:95:92:4c:
                    91:ae:c4:60:2a:89:0a:95:97:dd:d0:3a:0e:af:f0:
                    34:ca:58:31:72:f3:73:79:dc:c4:4d:23:76:27:38:
                    9b:4f:aa:f1:9c:66:45:38:1c:76:4a:5a:08:da:1b:
                    e7:08:e5:ba:b2:06:04:3a:5e:dd:94:fc:63:86:31:
                    ec:34:d5:05:aa:9c:82:1e:01:69:3d:f3:85:4d:e3:
                    21:be:9d:7d:43:eb:24:45:2f:8d:c1:ce:5d:c6:b0:
                    c6:2b:0d:7e:10:45:5d:75:36:e7:1b:c2:77:2a:b1:
                    c8:1e:43:b1:dd:da:80:59:be:82:c8:6a:5d:5b:8e:
                    60:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:88:CD:67:AD:4C:5F:FF:27:6A:32:FB:FF:00:19:69:BB:13:DD:00
            X509v3 Authority Key Identifier:
                keyid:61:C1:A0:10:CB:24:F9:96:E7:78:98:B1:24:72:5B:55:B6:34:38:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcGgEMsk-ZbneJixJHJbVbY0OOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/33c1c0-4cb8-44b9-a3e9-e9e9937b8dce/1/YcGgEMsk-ZbneJixJHJbVbY0OOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:d1:ed:f1:93:cb:68:bf:c5:f2:73:14:71:ff:db:63:3f:e0:
         08:f0:db:82:f6:e7:b8:2d:03:eb:d9:2b:65:b3:44:06:a7:73:
         0a:0a:4f:13:43:1c:a1:db:8f:22:cd:c5:78:e1:17:d1:1b:d5:
         db:dc:75:a6:6a:15:59:dd:b2:da:3a:61:5a:d7:0e:53:41:fe:
         48:d8:cc:d8:1b:1f:cf:be:5d:f3:d4:97:19:dd:4b:e7:06:d5:
         de:fc:91:e6:5d:09:0c:55:2e:2d:82:6d:dc:4c:d3:6a:9d:58:
         e2:a0:10:4f:0a:5f:ce:89:25:a5:0e:12:58:3e:a9:b4:5b:c2:
         33:85:71:29:b6:24:4a:26:2a:16:a3:9b:1e:e1:96:6e:45:c7:
         c5:05:b6:98:e8:dd:df:e1:ad:49:59:99:ff:9b:fe:58:53:af:
         d4:0f:b0:3c:cd:ec:00:7b:62:40:95:40:ba:03:ed:be:98:91:
         df:08:5d:b6:18:5f:6d:dd:af:b0:ce:b8:fb:9c:f4:ef:1f:05:
         fe:dd:ab:a2:c9:54:2f:27:89:64:2f:80:52:e8:ba:e8:5f:e9:
         91:a5:0e:17:f5:0c:a8:b2:85:45:9b:0d:45:ce:e6:40:a8:36:
         db:d2:2c:fc:79:9f:8e:e2:3c:f6:a6:b4:58:f3:d2:de:d5:86:
         6e:be:f9:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZpAdyXyuwf/cmYL+nk3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzFhMDEwY2IyNGY5OTZlNzc4OThiMTI0NzI1YjU1YjYz
NDM4ZTAwHhcNMjYwMzI5MDcwMjE4WhcNMjYwMzMwMDcwMjE4WjAzMTEwLwYDVQQD
Eyg1NTg4Y2Q2N2FkNGM1ZmZmMjc2YTMyZmJmZjAwMTk2OWJiMTNkZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG/fQSEmXLcXFgS9PqA2M4PS5GrS
1YtJwsOJQl31SVGmJuM2MTnj+o10IAa0NDrBwlEqgk4tIzPU27n7BpoJz2qym4P8
MQFc/rbsgPDeBYWqZdn9dxCDdBmlQh4wy+Hq9SlDhg4v1r4QJPrQCTaWKBc3plq5
tMI3hrCB/KjFy5MPDlyVkkyRrsRgKokKlZfd0DoOr/A0ylgxcvNzedzETSN2Jzib
T6rxnGZFOBx2SloI2hvnCOW6sgYEOl7dlPxjhjHsNNUFqpyCHgFpPfOFTeMhvp19
Q+skRS+Nwc5dxrDGKw1+EEVddTbnG8J3KrHIHkOx3dqAWb6CyGpdW45ghQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFWIzWetTF//J2oy+/8AGWm7E90AMB8GA1UdIwQY
MBaAFGHBoBDLJPmW53iYsSRyW1W2NDjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTkt
ZTllOTkzN2I4ZGNlLzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zM2MxYzAtNGNiOC00NGI5LWEzZTktZTllOTkzN2I4ZGNl
LzEvWWNHZ0VNc2stWmJuZUppeEpISmJWYlkwT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuNHt8ZPL
aL/F8nMUcf/bYz/gCPDbgvbnuC0D69krZbNEBqdzCgpPE0McoduPIs3FeOEX0RvV
29x1pmoVWd2y2jphWtcOU0H+SNjM2Bsfz75d89SXGd1L5wbV3vyR5l0JDFUuLYJt
3EzTap1Y4qAQTwpfzoklpQ4SWD6ptFvCM4VxKbYkSiYqFqObHuGWbkXHxQW2mOjd
3+GtSVmZ/5v+WFOv1A+wPM3sAHtiQJVAugPtvpiR3whdthhfbd2vsM64+5z07x8F
/t2roslULyeJZC+AUui66F/pkaUOF/UMqLKFRZsNRc7mQKg229Is/HmfjuI89qa0
WPPS3tWGbr75Xw==
-----END CERTIFICATE-----