Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
File:                     _oN5mWfs0ExTYUie5M-gmM5DaHE.mft (raw, json)
Hash identifier:          1uBOB+j4aGwUqJafYReLawXlSQuIk5dV2Cup/SjjeJg=
Subject key identifier:   BE:E8:B0:20:86:AF:A3:24:AF:9F:25:C5:52:69:34:F6:BF:DE:3E:EE
Authority key identifier: FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71
Certificate issuer:       /CN=fe83799967ecd04c5361489ee4cfa098ce436871
Certificate serial:       019D3865B1156B916F5FC0FB5C2BB27649DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:21 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:21 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:21 +0000
Files and hashes:         1: _oN5mWfs0ExTYUie5M-gmM5DaHE.crl (hash: mltvkqvKEuA+QC06ITDOuh+oxm6hqm0SYxRSS5RY3DU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b1:15:6b:91:6f:5f:c0:fb:5c:2b:b2:76:49:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe83799967ecd04c5361489ee4cfa098ce436871
        Validity
            Not Before: Mar 29 07:01:21 2026 GMT
            Not After : Mar 30 07:01:21 2026 GMT
        Subject: CN=bee8b02086afa324af9f25c5526934f6bfde3eee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ee:18:02:ab:1b:9a:04:82:3e:b6:b8:8d:cb:
                    48:b6:42:68:90:cb:7e:8c:08:ab:d5:77:f4:ba:e6:
                    fe:da:f8:c9:84:16:fc:51:21:6f:1d:33:4d:1f:f0:
                    51:75:cb:37:55:9e:6f:ee:c7:05:bb:e5:10:77:61:
                    2e:6d:d1:ef:3e:05:8a:61:a0:8e:a3:5f:3c:9c:6a:
                    70:76:f8:58:1a:da:53:df:10:f6:b1:86:94:d5:63:
                    b9:c0:0e:66:ec:f2:28:2b:e3:d9:7e:f0:0f:03:2b:
                    06:17:96:cb:99:d2:39:80:62:72:7e:33:b4:55:a0:
                    39:c0:37:0a:89:1d:4f:e8:33:83:f6:67:6c:fe:b2:
                    75:45:3f:1f:7b:0e:e9:cd:f0:56:d7:6f:ba:0c:9f:
                    3e:fb:0c:46:13:81:6e:b8:4b:ab:03:f0:1b:6d:0a:
                    f5:b5:e4:3d:db:35:82:ae:75:07:fe:85:20:9e:fe:
                    9a:ac:52:f0:cf:33:2e:67:81:6d:29:b3:f2:58:fc:
                    dd:dc:39:29:f9:e2:67:07:12:a7:9e:2d:50:d5:12:
                    5c:08:15:0c:f3:d4:c8:13:a9:bb:4a:72:d6:21:1b:
                    74:4a:da:27:b7:3c:d9:e7:ea:fd:49:e7:05:8e:a9:
                    24:5d:c8:bb:fd:5b:09:65:65:4f:85:2f:72:84:85:
                    de:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:E8:B0:20:86:AF:A3:24:AF:9F:25:C5:52:69:34:F6:BF:DE:3E:EE
            X509v3 Authority Key Identifier:
                keyid:FE:83:79:99:67:EC:D0:4C:53:61:48:9E:E4:CF:A0:98:CE:43:68:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oN5mWfs0ExTYUie5M-gmM5DaHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9af033-234d-4404-8096-c73bedcdca6d/1/_oN5mWfs0ExTYUie5M-gmM5DaHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:80:06:2d:15:06:87:af:0c:e5:a8:ca:66:1e:80:97:c6:5d:
         22:27:e1:12:5e:b9:b2:67:d9:cf:cb:53:53:38:2b:9a:5a:dd:
         c9:b9:3a:a7:d1:19:d1:bb:59:68:b5:39:d7:f6:3c:01:bc:8c:
         6c:f4:c3:32:8c:ef:d4:c1:a1:fe:85:64:1a:bf:01:b0:3d:d1:
         fa:b1:2c:af:0e:b7:31:5e:d1:97:60:99:18:8c:c6:e3:f0:27:
         b1:df:8c:26:59:3d:2a:b0:5b:3c:f5:27:a8:96:dc:2c:1b:e6:
         09:09:a3:71:5d:f3:98:d3:84:a5:34:70:fb:66:a4:ef:1c:95:
         d3:3c:86:f9:34:73:04:54:24:eb:8e:e8:0f:e4:f5:9d:fb:3b:
         ab:90:25:c2:72:7e:eb:fc:60:5a:3c:4f:2c:e9:53:da:6a:17:
         31:51:1a:e6:ae:8c:74:80:73:d4:52:f5:5f:17:0c:dc:59:ea:
         e2:57:d6:90:ec:39:81:7e:8d:f4:f2:e9:8d:5b:e4:bc:cb:76:
         01:81:95:b7:47:a2:70:75:88:c7:c9:37:99:7d:3d:58:b0:b0:
         f0:da:e8:37:48:83:e8:0a:bf:6f:b7:b6:d0:3d:d3:59:f1:1b:
         7a:aa:88:17:64:d9:cf:c5:6c:6c:2a:54:dd:91:9c:df:00:2f:
         69:e6:24:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbEVa5FvX8D7XCuydkndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODM3OTk5NjdlY2QwNGM1MzYxNDg5ZWU0Y2ZhMDk4Y2U0
MzY4NzEwHhcNMjYwMzI5MDcwMTIxWhcNMjYwMzMwMDcwMTIxWjAzMTEwLwYDVQQD
EyhiZWU4YjAyMDg2YWZhMzI0YWY5ZjI1YzU1MjY5MzRmNmJmZGUzZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO4YAqsbmgSCPra4jctItkJokMt+
jAir1Xf0uub+2vjJhBb8USFvHTNNH/BRdcs3VZ5v7scFu+UQd2EubdHvPgWKYaCO
o188nGpwdvhYGtpT3xD2sYaU1WO5wA5m7PIoK+PZfvAPAysGF5bLmdI5gGJyfjO0
VaA5wDcKiR1P6DOD9mds/rJ1RT8few7pzfBW12+6DJ8++wxGE4FuuEurA/AbbQr1
teQ92zWCrnUH/oUgnv6arFLwzzMuZ4FtKbPyWPzd3Dkp+eJnBxKnni1Q1RJcCBUM
89TIE6m7SnLWIRt0StontzzZ5+r9SecFjqkkXci7/VsJZWVPhS9yhIXeBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7osCCGr6Mkr58lxVJpNPa/3j7uMB8GA1UdIwQY
MBaAFP6DeZln7NBMU2FInuTPoJjOQ2hxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYt
YzczYmVkY2RjYTZkLzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85YWYwMzMtMjM0ZC00NDA0LTgwOTYtYzczYmVkY2RjYTZk
LzEvX29ONW1XZnMwRXhUWVVpZTVNLWdtTTVEYUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApYAGLRUG
h68M5ajKZh6Al8ZdIifhEl65smfZz8tTUzgrmlrdybk6p9EZ0btZaLU51/Y8AbyM
bPTDMozv1MGh/oVkGr8BsD3R+rEsrw63MV7Rl2CZGIzG4/Ansd+MJlk9KrBbPPUn
qJbcLBvmCQmjcV3zmNOEpTRw+2ak7xyV0zyG+TRzBFQk647oD+T1nfs7q5AlwnJ+
6/xgWjxPLOlT2moXMVEa5q6MdIBz1FL1XxcM3Fnq4lfWkOw5gX6N9PLpjVvkvMt2
AYGVt0eicHWIx8k3mX09WLCw8NroN0iD6Aq/b7e20D3TWfEbeqqIF2TZz8VsbCpU
3ZGc3wAvaeYktg==
-----END CERTIFICATE-----