Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          7zczC1ntC8RQX8QF4OKKp5gQrRle/nNfa4b0/vnha4Q=
Subject key identifier:   EB:B3:D3:78:07:DD:6B:A4:DC:5E:14:10:0E:4E:6D:89:F4:96:82:47
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       019D38D39BF095EA6E25448390292B3C5F73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 09:01:25 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:25 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:25 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: G4uuV+AVw2du+jU6bYmYCHUXhHSGPTG9xZoJ6+v0nbw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:9b:f0:95:ea:6e:25:44:83:90:29:2b:3c:5f:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Mar 29 09:01:25 2026 GMT
            Not After : Mar 30 09:01:25 2026 GMT
        Subject: CN=ebb3d37807dd6ba4dc5e14100e4e6d89f4968247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:0a:3b:f8:a8:d4:3e:61:ef:fc:fd:54:5c:54:
                    20:d3:24:73:c3:e7:63:a9:35:82:57:75:9b:21:bd:
                    bc:df:1c:fc:c1:69:1e:4c:50:ce:fa:e9:39:a8:b4:
                    21:84:87:75:c9:a5:8d:d5:2a:2e:85:3f:aa:ed:de:
                    ab:91:c9:73:17:07:f0:6e:b2:ce:79:85:96:93:6e:
                    ea:5c:43:96:90:92:d6:a5:51:09:b5:11:fc:75:60:
                    23:27:6d:83:cc:a6:a2:98:e4:31:62:27:66:cc:82:
                    45:bf:8c:20:93:e9:44:09:f9:1f:f6:f9:e7:9b:3b:
                    87:ff:83:5f:50:fd:77:9d:d3:9c:8d:f0:d1:97:d5:
                    db:cb:49:0a:27:5c:da:08:99:33:a9:02:a5:ca:d9:
                    72:05:92:a6:80:9e:6a:3e:f2:5a:cc:b3:6a:6b:f4:
                    5b:93:89:29:0a:03:c3:ed:1a:39:19:a1:89:84:86:
                    d3:e5:92:00:c7:5a:2c:ee:b0:72:13:a4:84:06:d7:
                    21:14:04:21:2e:f5:62:22:50:ee:44:9c:d7:13:2f:
                    15:d0:27:1d:56:2f:17:4e:23:59:3f:3f:76:15:9c:
                    1b:c8:7c:19:89:15:65:81:ca:fc:99:ed:c3:4e:c9:
                    8b:41:e1:f0:a6:d1:98:f5:f2:52:92:5d:94:71:74:
                    4c:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:B3:D3:78:07:DD:6B:A4:DC:5E:14:10:0E:4E:6D:89:F4:96:82:47
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:65:11:a0:0b:51:80:05:b0:42:b5:fe:25:47:de:4a:a3:ed:
         da:5b:e6:13:60:01:55:ff:94:ad:70:07:06:0c:82:e4:a7:d6:
         61:fb:b6:ff:1d:9a:cf:4b:cb:b4:72:64:a4:78:73:d1:cb:2f:
         78:88:3a:ef:59:1b:e2:86:35:7f:db:8e:78:46:47:62:ab:4e:
         d8:dd:35:57:37:de:d7:f4:83:34:66:7b:f1:dc:cc:52:65:31:
         74:d1:11:c4:76:f1:23:85:60:23:e9:2c:a3:70:3c:7f:83:c6:
         a0:67:e7:ed:06:a9:c1:92:d2:02:33:e1:53:0d:f5:a0:28:09:
         a8:97:fd:c5:65:a9:e4:69:ba:66:51:dc:bc:11:ea:62:e7:4c:
         eb:24:b9:8e:2b:65:21:e7:8b:2b:e7:8f:77:57:23:20:a1:fe:
         2d:20:dd:d4:44:46:26:dd:02:ea:60:ef:91:c2:5e:cc:50:e9:
         69:68:91:f6:35:86:60:c6:6b:d3:d4:d2:3f:2c:80:11:65:2d:
         34:f9:dd:8a:bb:25:8c:56:93:2a:ce:7e:43:72:97:76:2e:10:
         5c:16:83:ee:44:42:b0:e5:ec:fb:5c:51:98:f4:0b:c9:66:a9:
         c0:69:3e:52:2c:02:69:58:64:28:2e:09:ef:cf:23:dd:70:50:
         11:6e:60:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0405vwlepuJUSDkCkrPF9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjYwMzI5MDkwMTI1WhcNMjYwMzMwMDkwMTI1WjAzMTEwLwYDVQQD
EyhlYmIzZDM3ODA3ZGQ2YmE0ZGM1ZTE0MTAwZTRlNmQ4OWY0OTY4MjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgo7+KjUPmHv/P1UXFQg0yRzw+dj
qTWCV3WbIb283xz8wWkeTFDO+uk5qLQhhId1yaWN1SouhT+q7d6rkclzFwfwbrLO
eYWWk27qXEOWkJLWpVEJtRH8dWAjJ22DzKaimOQxYidmzIJFv4wgk+lECfkf9vnn
mzuH/4NfUP13ndOcjfDRl9Xby0kKJ1zaCJkzqQKlytlyBZKmgJ5qPvJazLNqa/Rb
k4kpCgPD7Ro5GaGJhIbT5ZIAx1os7rByE6SEBtchFAQhLvViIlDuRJzXEy8V0Ccd
Vi8XTiNZPz92FZwbyHwZiRVlgcr8me3DTsmLQeHwptGY9fJSkl2UcXRMyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuz03gH3Wuk3F4UEA5ObYn0loJHMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmURoAtR
gAWwQrX+JUfeSqPt2lvmE2ABVf+UrXAHBgyC5KfWYfu2/x2az0vLtHJkpHhz0csv
eIg671kb4oY1f9uOeEZHYqtO2N01Vzfe1/SDNGZ78dzMUmUxdNERxHbxI4VgI+ks
o3A8f4PGoGfn7QapwZLSAjPhUw31oCgJqJf9xWWp5Gm6ZlHcvBHqYudM6yS5jitl
IeeLK+ePd1cjIKH+LSDd1ERGJt0C6mDvkcJezFDpaWiR9jWGYMZr09TSPyyAEWUt
NPndirsljFaTKs5+Q3KXdi4QXBaD7kRCsOXs+1xRmPQLyWapwGk+UiwCaVhkKC4J
788j3XBQEW5gvQ==
-----END CERTIFICATE-----