Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
File:                     wq8ZpG9azIz4_QNiSmG3koqBjNA.mft (raw, json)
Hash identifier:          bQNSZO+p+Aw7G8tcQlt2dbTWfHOXvS5Yy4N8Krofvk4=
Subject key identifier:   A0:7C:A1:28:22:94:DA:C7:F4:41:24:B6:AF:3A:DB:98:CA:7E:79:31
Authority key identifier: C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0
Certificate issuer:       /CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
Certificate serial:       019D386647FF74F8F28630C38131EAD4F86D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
Manifest number:          188A
Signing time:             Sun 29 Mar 2026 07:02:00 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:00 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:00 +0000
Files and hashes:         1: wq8ZpG9azIz4_QNiSmG3koqBjNA.crl (hash: UWRkJyJREilE+/csQrFxajsSszMRauzVDDpBM6SMR8g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:47:ff:74:f8:f2:86:30:c3:81:31:ea:d4:f8:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
        Validity
            Not Before: Mar 29 07:02:00 2026 GMT
            Not After : Mar 30 07:02:00 2026 GMT
        Subject: CN=a07ca1282294dac7f44124b6af3adb98ca7e7931
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2e:59:cb:e4:b4:97:74:22:5a:ab:0f:40:29:
                    dc:5f:e2:e2:c2:0b:7c:97:21:82:eb:40:da:ab:ba:
                    8c:61:df:66:90:51:35:ab:b6:d9:5a:4d:56:f0:ec:
                    2a:cf:c9:fc:b6:4b:79:df:03:67:ad:20:75:d0:96:
                    83:0d:eb:aa:be:3a:28:88:27:a2:19:8b:4d:7e:e5:
                    c2:43:fe:41:8f:17:72:50:0f:55:28:d6:69:da:7a:
                    ad:69:df:b9:59:9c:2e:88:d8:cd:da:18:73:fa:45:
                    f9:a3:e0:55:0d:53:b5:27:ba:bb:bd:67:10:82:75:
                    58:7e:88:f7:d2:d8:2e:9d:35:b7:38:b4:70:ee:49:
                    4c:6b:36:3c:f5:fb:7b:ab:5c:f8:eb:91:54:8f:07:
                    2f:cc:5f:85:b2:85:ca:b5:9a:0b:d7:d3:45:6a:8c:
                    bc:b8:c5:8d:17:d1:df:9c:16:5e:b7:46:f1:ef:3b:
                    99:01:ea:3f:d8:23:37:f9:0a:77:0e:15:03:48:af:
                    c6:96:c9:fb:71:c9:c6:69:d5:e1:8e:b4:0f:a3:7f:
                    f3:fa:fe:e5:f4:6b:34:fc:57:ea:61:f9:40:60:58:
                    1f:c7:c3:1c:ab:c2:75:76:de:6b:f2:37:2f:2e:fb:
                    2d:3d:fd:00:5f:30:af:a6:68:f1:16:67:57:f4:c4:
                    9a:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:7C:A1:28:22:94:DA:C7:F4:41:24:B6:AF:3A:DB:98:CA:7E:79:31
            X509v3 Authority Key Identifier:
                keyid:C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:f0:e6:0f:7c:c6:5f:6f:59:08:3d:64:ad:53:75:e7:d7:96:
         87:18:cc:8f:54:a8:ca:8c:6e:78:9a:9d:0c:70:78:1c:24:4e:
         f0:c0:59:f4:05:70:fc:a6:c3:52:a0:01:22:b0:84:eb:f1:55:
         79:6e:62:ff:46:c6:c7:7e:6d:81:82:cc:3e:21:51:83:61:16:
         e8:42:e1:c3:24:1c:cd:44:1f:dd:89:26:0b:5d:f9:34:b2:bb:
         b8:cb:b5:08:62:56:91:df:c9:a0:7e:f8:57:d2:8b:97:79:7a:
         53:f1:ee:e3:22:3c:b0:18:43:0a:f5:87:3e:fb:a0:77:0e:dc:
         7b:ba:38:03:be:a7:26:83:1e:df:5e:68:b5:49:81:f5:34:40:
         88:88:20:82:9e:6b:e3:dd:85:ea:da:44:bf:6b:d4:7f:86:10:
         04:e4:cc:2a:e8:97:61:ac:89:d7:fa:3e:ea:7d:13:3c:6a:83:
         71:52:eb:76:74:77:93:71:03:66:81:07:17:cf:36:ee:f3:7d:
         9e:29:26:41:e1:e6:a0:ec:db:17:85:cc:a5:8a:5e:93:8a:6d:
         59:ec:d0:a2:34:e4:f7:7d:ac:b7:88:32:d0:fe:a7:74:e3:f7:
         9f:00:b2:d5:fd:d5:bd:96:e5:d9:cd:43:2d:bc:52:a7:3e:96:
         63:91:37:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zkf/dPjyhjDDgTHq1PhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWYxOWE0NmY1YWNjOGNmOGZkMDM2MjRhNjFiNzkyOGE4
MThjZDAwHhcNMjYwMzI5MDcwMjAwWhcNMjYwMzMwMDcwMjAwWjAzMTEwLwYDVQQD
EyhhMDdjYTEyODIyOTRkYWM3ZjQ0MTI0YjZhZjNhZGI5OGNhN2U3OTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti5Zy+S0l3QiWqsPQCncX+Liwgt8
lyGC60Daq7qMYd9mkFE1q7bZWk1W8Owqz8n8tkt53wNnrSB10JaDDeuqvjooiCei
GYtNfuXCQ/5BjxdyUA9VKNZp2nqtad+5WZwuiNjN2hhz+kX5o+BVDVO1J7q7vWcQ
gnVYfoj30tgunTW3OLRw7klMazY89ft7q1z465FUjwcvzF+FsoXKtZoL19NFaoy8
uMWNF9HfnBZet0bx7zuZAeo/2CM3+Qp3DhUDSK/Glsn7ccnGadXhjrQPo3/z+v7l
9Gs0/FfqYflAYFgfx8Mcq8J1dt5r8jcvLvstPf0AXzCvpmjxFmdX9MSaeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKB8oSgilNrH9EEktq8625jKfnkxMB8GA1UdIwQY
MBaAFMKvGaRvWsyM+P0DYkpht5KKgYzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMt
NTYzNjgxNGE5MzM3LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMtNTYzNjgxNGE5MzM3
LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp/DmD3zG
X29ZCD1krVN159eWhxjMj1SoyoxueJqdDHB4HCRO8MBZ9AVw/KbDUqABIrCE6/FV
eW5i/0bGx35tgYLMPiFRg2EW6ELhwyQczUQf3YkmC135NLK7uMu1CGJWkd/JoH74
V9KLl3l6U/Hu4yI8sBhDCvWHPvugdw7ce7o4A76nJoMe315otUmB9TRAiIgggp5r
492F6tpEv2vUf4YQBOTMKuiXYayJ1/o+6n0TPGqDcVLrdnR3k3EDZoEHF8827vN9
nikmQeHmoOzbF4XMpYpek4ptWezQojTk932st4gy0P6ndOP3nwCy1f3VvZbl2c1D
LbxSpz6WY5E39g==
-----END CERTIFICATE-----