Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
File:                     y_nNJDztaTe2vqVxAoFP-bpCZiE.mft (raw, json)
Hash identifier:          Oe/ORFeNRAFPgA6JJlVHwzCY6eDguADOM4Bu1A1NGzA=
Subject key identifier:   7C:96:E9:2D:37:20:17:A2:2D:83:AD:D2:34:0A:14:D4:86:A9:7A:73
Authority key identifier: CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21
Certificate issuer:       /CN=cbf9cd243ced6937b6bea57102814ff9ba426621
Certificate serial:       019D38D3116AB1CA3B6273C130E4BC329725
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 09:00:49 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:49 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:49 +0000
Files and hashes:         1: y_nNJDztaTe2vqVxAoFP-bpCZiE.crl (hash: a2EWsVDYoWVlB1x9WQO6neiMYcTWAcoX9KK4bY9g7og=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:11:6a:b1:ca:3b:62:73:c1:30:e4:bc:32:97:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbf9cd243ced6937b6bea57102814ff9ba426621
        Validity
            Not Before: Mar 29 09:00:49 2026 GMT
            Not After : Mar 30 09:00:49 2026 GMT
        Subject: CN=7c96e92d372017a22d83add2340a14d486a97a73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:e2:5a:9e:ce:d4:e2:25:c4:aa:c8:74:cf:58:
                    46:30:f0:b4:0c:52:67:09:d8:76:1b:03:74:82:fd:
                    89:12:1d:23:e2:68:08:48:cf:36:1e:24:32:10:4b:
                    c1:8c:15:57:a5:d7:7b:35:70:db:87:e9:ee:93:f5:
                    d7:f3:7f:02:18:11:e8:41:1a:bc:d5:ad:17:a0:05:
                    ba:94:01:6a:09:91:6c:d9:e6:3f:c2:e8:0e:f8:e9:
                    f0:16:87:18:02:ad:50:c5:e8:75:32:81:f3:b0:a4:
                    9b:fc:cb:50:b2:b3:18:c4:cb:2a:ae:3b:d0:c4:04:
                    3e:0b:f7:74:c5:a8:a5:5b:09:3a:ce:18:d1:21:43:
                    59:0c:fc:e6:ce:b6:08:ae:7e:ae:57:15:3a:e3:b9:
                    a7:c3:ea:54:ab:d5:10:b1:78:aa:2b:4d:ed:10:4d:
                    2e:df:90:35:8d:cf:92:97:59:74:12:aa:3b:f3:4a:
                    4a:41:6d:eb:7d:c8:14:1b:4d:58:8d:1d:51:39:1a:
                    c5:5c:a0:8c:ae:b3:45:99:da:27:cc:ca:d9:35:a0:
                    dd:41:df:0d:4b:80:27:ec:c5:88:84:27:e2:93:64:
                    c7:d7:1a:6f:f9:21:0a:91:0a:51:50:d3:24:0b:a9:
                    8e:89:cb:81:bf:ba:ed:b6:08:75:cb:46:dc:7b:64:
                    c0:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:96:E9:2D:37:20:17:A2:2D:83:AD:D2:34:0A:14:D4:86:A9:7A:73
            X509v3 Authority Key Identifier:
                keyid:CB:F9:CD:24:3C:ED:69:37:B6:BE:A5:71:02:81:4F:F9:BA:42:66:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_nNJDztaTe2vqVxAoFP-bpCZiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/497dd1-755e-442a-b31d-1c13250a6a3c/1/y_nNJDztaTe2vqVxAoFP-bpCZiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:3a:ad:13:d5:25:39:ac:19:fe:e6:17:15:dd:aa:ec:c6:11:
         f2:b2:a5:ee:24:7c:4e:03:6b:0f:aa:b1:a5:63:5c:71:25:a7:
         90:06:25:31:08:1d:10:23:6c:ff:0d:67:21:f4:52:42:99:bf:
         2e:72:1a:be:f3:45:73:22:f5:1f:5d:d5:94:d9:80:c2:1f:eb:
         83:3f:45:8c:34:2f:3c:69:b5:62:57:f4:b7:c8:6b:1d:2a:a3:
         6c:cc:58:35:85:1f:7c:3b:a1:82:b9:8b:e3:0e:67:22:8b:6e:
         86:7c:7d:61:f2:9a:5a:b5:af:46:11:6d:48:93:2a:96:99:e0:
         57:e1:85:80:4a:79:6f:1b:a5:30:1b:db:10:10:42:96:6e:7a:
         ae:ec:c1:14:7c:ac:ad:8a:83:e7:ac:04:8e:e7:24:8a:63:80:
         1f:cd:ed:19:70:2b:d7:97:dc:6e:bc:43:72:6a:de:af:74:d5:
         52:a4:b2:79:f9:08:cb:8a:46:72:f2:96:6e:af:ab:d2:56:f1:
         7a:7b:51:04:d4:ec:39:9b:52:fe:4c:35:49:a6:4f:9a:fd:79:
         f1:7a:50:48:b2:d3:a4:70:46:1f:fc:c9:17:ee:6c:dd:97:77:
         5b:76:0e:21:9a:e5:3b:39:77:58:53:95:5b:2d:a9:36:5c:88:
         d2:7e:c9:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xFqsco7YnPBMOS8MpclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjljZDI0M2NlZDY5MzdiNmJlYTU3MTAyODE0ZmY5YmE0
MjY2MjEwHhcNMjYwMzI5MDkwMDQ5WhcNMjYwMzMwMDkwMDQ5WjAzMTEwLwYDVQQD
Eyg3Yzk2ZTkyZDM3MjAxN2EyMmQ4M2FkZDIzNDBhMTRkNDg2YTk3YTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeJans7U4iXEqsh0z1hGMPC0DFJn
Cdh2GwN0gv2JEh0j4mgISM82HiQyEEvBjBVXpdd7NXDbh+nuk/XX838CGBHoQRq8
1a0XoAW6lAFqCZFs2eY/wugO+OnwFocYAq1Qxeh1MoHzsKSb/MtQsrMYxMsqrjvQ
xAQ+C/d0xailWwk6zhjRIUNZDPzmzrYIrn6uVxU647mnw+pUq9UQsXiqK03tEE0u
35A1jc+Sl1l0Eqo780pKQW3rfcgUG01YjR1RORrFXKCMrrNFmdonzMrZNaDdQd8N
S4An7MWIhCfik2TH1xpv+SEKkQpRUNMkC6mOicuBv7rttgh1y0bce2TAQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHyW6S03IBeiLYOt0jQKFNSGqXpzMB8GA1UdIwQY
MBaAFMv5zSQ87Wk3tr6lcQKBT/m6QmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQt
MWMxMzI1MGE2YTNjLzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80OTdkZDEtNzU1ZS00NDJhLWIzMWQtMWMxMzI1MGE2YTNj
LzEveV9uTkpEenRhVGUydnFWeEFvRlAtYnBDWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTqtE9Ul
OawZ/uYXFd2q7MYR8rKl7iR8TgNrD6qxpWNccSWnkAYlMQgdECNs/w1nIfRSQpm/
LnIavvNFcyL1H13VlNmAwh/rgz9FjDQvPGm1Ylf0t8hrHSqjbMxYNYUffDuhgrmL
4w5nIotuhnx9YfKaWrWvRhFtSJMqlpngV+GFgEp5bxulMBvbEBBClm56ruzBFHys
rYqD56wEjuckimOAH83tGXAr15fcbrxDcmrer3TVUqSyefkIy4pGcvKWbq+r0lbx
entRBNTsOZtS/kw1SaZPmv158XpQSLLTpHBGH/zJF+5s3Zd3W3YOIZrlOzl3WFOV
Wy2pNlyI0n7JKg==
-----END CERTIFICATE-----