Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
File:                     PKE4ItxLDjEIGkhX_QQHDW2svgw.mft (raw, json)
Hash identifier:          yHTg4ZL/OeKtoKM5zmw/hoCNhHmDPSi+XG7eS1adiwo=
Subject key identifier:   20:FA:02:B5:05:BF:D5:AE:C3:00:C5:6D:6B:32:89:07:AC:BB:08:9A
Authority key identifier: 3C:A1:38:22:DC:4B:0E:31:08:1A:48:57:FD:04:07:0D:6D:AC:BE:0C
Certificate issuer:       /CN=3ca13822dc4b0e31081a4857fd04070d6dacbe0c
Certificate serial:       019D37C03917649761370A07FF15279F7023
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 04:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:37 +0000
Files and hashes:         1: PKE4ItxLDjEIGkhX_QQHDW2svgw.crl (hash: 6D3wriMKwE4ll/k5S70X1FbyFmi2Nn83MOlOb6tkEss=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:39:17:64:97:61:37:0a:07:ff:15:27:9f:70:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ca13822dc4b0e31081a4857fd04070d6dacbe0c
        Validity
            Not Before: Mar 29 04:00:37 2026 GMT
            Not After : Mar 30 04:00:37 2026 GMT
        Subject: CN=20fa02b505bfd5aec300c56d6b328907acbb089a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d2:f8:bc:a7:39:7e:2b:11:3d:5b:4e:b6:17:
                    15:32:65:50:a8:9c:b8:55:9e:db:6b:21:ec:77:c7:
                    d8:c3:b5:ad:08:87:87:ad:df:b7:23:0c:0a:3f:20:
                    ee:17:70:73:f7:db:f8:4e:bd:15:e7:63:da:58:44:
                    99:c1:57:df:a6:9b:4f:ce:aa:fc:db:cc:22:89:d1:
                    2b:5b:c2:5c:e0:1a:10:fe:c0:a7:db:1c:db:af:61:
                    13:9b:86:59:63:42:31:3f:56:eb:7a:2a:9d:6f:1d:
                    9c:d6:7e:fb:3f:d3:50:87:43:84:30:73:17:db:67:
                    b2:d7:a7:16:8d:b4:9f:58:c2:ba:ba:aa:fa:50:77:
                    65:b5:47:1d:d3:6c:d1:96:3f:f0:9d:c3:53:d0:a1:
                    1b:7b:0c:a9:32:9c:f8:c7:9f:2a:ab:b1:e6:29:d5:
                    8f:c1:b1:df:d0:64:0f:4b:b7:95:ed:fd:40:8e:cb:
                    48:d1:c9:9a:de:b7:75:02:6b:20:56:60:3c:a1:cb:
                    5a:30:57:cf:6f:68:9e:35:08:c2:91:2a:fe:1d:10:
                    3a:4a:4b:66:c7:eb:93:00:21:ad:75:2b:65:57:77:
                    cb:5c:70:98:42:17:45:9d:45:67:5c:92:93:15:5d:
                    53:83:a3:7d:bb:5e:7d:37:0f:44:ec:04:90:02:50:
                    9d:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:FA:02:B5:05:BF:D5:AE:C3:00:C5:6D:6B:32:89:07:AC:BB:08:9A
            X509v3 Authority Key Identifier:
                keyid:3C:A1:38:22:DC:4B:0E:31:08:1A:48:57:FD:04:07:0D:6D:AC:BE:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKE4ItxLDjEIGkhX_QQHDW2svgw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/37f0bd-ad1a-42f9-b948-b294f6bf8137/1/PKE4ItxLDjEIGkhX_QQHDW2svgw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:fe:bc:fe:14:fe:88:1f:19:2d:a5:dc:b1:78:85:b5:79:a6:
         f4:84:9e:ff:5e:24:4e:30:34:c8:ea:35:b7:c2:69:91:25:8a:
         12:7a:72:5f:f2:37:3e:30:c5:b3:19:3a:4b:b3:80:41:00:ec:
         ea:70:6c:7d:1b:30:a6:ea:09:60:54:4d:b2:a9:30:5d:29:83:
         df:b0:4b:3b:fb:da:5a:55:1c:c5:23:41:7b:7d:4e:98:5d:95:
         5d:ad:4c:37:89:b7:fd:ee:76:30:23:8a:a4:93:6d:e3:cc:44:
         dc:e1:c5:3f:a4:d4:d8:0f:f0:cc:b5:dc:8c:c5:3c:64:93:7e:
         57:ce:57:6f:c4:ae:77:70:e2:cd:fd:11:0c:0a:8b:c1:05:c8:
         94:56:4c:8b:89:93:93:be:62:d5:c3:22:ba:8d:17:33:c2:fb:
         8a:bd:da:7c:c7:2a:4a:d9:d7:5f:bb:a6:df:7c:2d:c5:24:06:
         9e:bf:70:56:62:80:f9:fb:28:b0:21:ba:af:f1:4f:fe:02:7b:
         f3:f5:0c:af:51:16:a9:16:44:0a:37:09:13:ab:8e:5f:ba:f9:
         5b:55:10:6d:aa:70:1b:d7:7c:65:21:f3:f3:10:aa:47:3c:0d:
         c3:65:ba:78:dd:58:30:87:aa:b4:cf:0f:2e:52:20:95:d5:08:
         d7:cf:48:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wDkXZJdhNwoH/xUnn3AjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYTEzODIyZGM0YjBlMzEwODFhNDg1N2ZkMDQwNzBkNmRh
Y2JlMGMwHhcNMjYwMzI5MDQwMDM3WhcNMjYwMzMwMDQwMDM3WjAzMTEwLwYDVQQD
EygyMGZhMDJiNTA1YmZkNWFlYzMwMGM1NmQ2YjMyODkwN2FjYmIwODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9L4vKc5fisRPVtOthcVMmVQqJy4
VZ7bayHsd8fYw7WtCIeHrd+3IwwKPyDuF3Bz99v4Tr0V52PaWESZwVffpptPzqr8
28wiidErW8Jc4BoQ/sCn2xzbr2ETm4ZZY0IxP1breiqdbx2c1n77P9NQh0OEMHMX
22ey16cWjbSfWMK6uqr6UHdltUcd02zRlj/wncNT0KEbewypMpz4x58qq7HmKdWP
wbHf0GQPS7eV7f1AjstI0cma3rd1AmsgVmA8octaMFfPb2ieNQjCkSr+HRA6Sktm
x+uTACGtdStlV3fLXHCYQhdFnUVnXJKTFV1Tg6N9u159Nw9E7ASQAlCdxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCD6ArUFv9WuwwDFbWsyiQesuwiaMB8GA1UdIwQY
MBaAFDyhOCLcSw4xCBpIV/0EBw1trL4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zN2YwYmQtYWQxYS00MmY5LWI5NDgt
YjI5NGY2YmY4MTM3LzEvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zN2YwYmQtYWQxYS00MmY5LWI5NDgtYjI5NGY2YmY4MTM3
LzEvUEtFNEl0eExEakVJR2toWF9RUUhEVzJzdmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh/68/hT+
iB8ZLaXcsXiFtXmm9ISe/14kTjA0yOo1t8JpkSWKEnpyX/I3PjDFsxk6S7OAQQDs
6nBsfRswpuoJYFRNsqkwXSmD37BLO/vaWlUcxSNBe31OmF2VXa1MN4m3/e52MCOK
pJNt48xE3OHFP6TU2A/wzLXcjMU8ZJN+V85Xb8Sud3Dizf0RDAqLwQXIlFZMi4mT
k75i1cMiuo0XM8L7ir3afMcqStnXX7um33wtxSQGnr9wVmKA+fsosCG6r/FP/gJ7
8/UMr1EWqRZECjcJE6uOX7r5W1UQbapwG9d8ZSHz8xCqRzwNw2W6eN1YMIeqtM8P
LlIgldUI189Iog==
-----END CERTIFICATE-----