Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
File:                     20iBY9r1DbZG3k3yTTTLrJk_RX8.mft (raw, json)
Hash identifier:          VGE3sPIO9nq0Ge1GG5xYwIJOXJ9DvckWy8T6KOZDaoY=
Subject key identifier:   40:D9:7B:F9:8A:BF:4D:43:7E:9D:6A:CF:67:0A:73:2D:67:6A:8B:64
Authority key identifier: DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F
Certificate issuer:       /CN=db488163daf50db646de4df24d34cbac993f457f
Certificate serial:       019D37C05ECDB340E7365C5E0922C13C2873
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 04:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 04:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 04:00:47 +0000
Files and hashes:         1: 20iBY9r1DbZG3k3yTTTLrJk_RX8.crl (hash: g+c0h+yXcSjBdNTR0yv/DCfK6tem/uv/8z25C+LgOLg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:5e:cd:b3:40:e7:36:5c:5e:09:22:c1:3c:28:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db488163daf50db646de4df24d34cbac993f457f
        Validity
            Not Before: Mar 29 04:00:47 2026 GMT
            Not After : Mar 30 04:00:47 2026 GMT
        Subject: CN=40d97bf98abf4d437e9d6acf670a732d676a8b64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:52:b7:86:92:f5:dd:62:00:a8:9b:c8:d6:69:
                    04:8d:c9:c6:bc:a8:41:9e:a2:48:7b:6e:af:4a:6b:
                    3a:e7:59:8c:79:2c:fc:a5:37:c4:b7:bc:49:b3:5c:
                    47:5a:73:f2:fe:43:96:b5:df:1b:63:4f:22:34:4e:
                    a8:01:61:70:8b:70:90:67:fb:22:bb:68:af:69:08:
                    da:77:41:e0:93:d6:0b:d7:27:a5:73:49:3d:cd:42:
                    5c:d2:5b:6e:b8:be:88:b3:0a:78:0b:91:0b:54:80:
                    46:09:c8:90:21:1f:e2:2c:bc:89:02:e6:a3:3e:b5:
                    7c:04:e7:90:47:46:10:a5:52:5e:2e:5b:c9:b7:90:
                    cf:b1:0b:3b:8a:00:36:a1:7b:b2:2c:ca:3a:b7:e7:
                    45:10:3a:96:5d:d8:e7:a9:ae:4c:0c:36:f8:bf:7e:
                    00:a8:c8:8a:96:53:73:ed:38:6c:9b:ee:1d:97:22:
                    b6:9e:e6:7f:12:d4:78:b9:d1:56:e8:fa:e0:b1:54:
                    e9:c2:09:97:0e:c5:59:e2:f3:b8:1f:30:fb:f1:5d:
                    37:3a:b5:a2:a5:1a:34:d6:e8:21:81:8d:5d:ca:0d:
                    8c:26:68:0f:14:09:3c:b4:82:3c:77:fb:95:cc:6c:
                    be:12:b8:97:30:38:4d:d5:a8:26:cd:25:a5:a3:22:
                    7f:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:D9:7B:F9:8A:BF:4D:43:7E:9D:6A:CF:67:0A:73:2D:67:6A:8B:64
            X509v3 Authority Key Identifier:
                keyid:DB:48:81:63:DA:F5:0D:B6:46:DE:4D:F2:4D:34:CB:AC:99:3F:45:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20iBY9r1DbZG3k3yTTTLrJk_RX8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4e5c10-71ed-4deb-b4e0-19d57ff1fbd9/1/20iBY9r1DbZG3k3yTTTLrJk_RX8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:25:e2:b4:07:48:1f:d3:b5:12:d1:5d:43:85:1c:5a:c8:a2:
         c6:d4:49:bd:7d:fd:57:ec:79:e2:fc:c3:d8:d3:4a:69:9f:08:
         e2:76:c7:3e:1f:95:25:8c:03:54:a4:c0:a6:bb:fd:c4:4c:5d:
         5e:d8:6a:ce:e1:52:76:b3:a8:79:7c:8b:48:c9:26:c8:7b:fa:
         69:0f:3a:60:ba:d1:a0:d1:f4:78:82:39:1d:41:86:5d:78:fd:
         2d:38:cd:fc:0d:af:84:8f:56:57:70:29:4f:23:9b:21:3b:2d:
         1a:20:64:c2:41:c6:19:df:3b:51:64:3d:f5:db:ef:76:77:d0:
         52:55:d8:d5:48:40:e0:24:4e:80:cd:b6:28:82:3a:cd:ba:59:
         d2:59:fb:15:e8:7a:c5:ea:98:93:26:e0:dc:ee:34:9a:34:91:
         48:b5:0b:8b:22:69:92:0c:33:00:be:2e:ea:86:42:00:c6:bb:
         47:fc:ed:72:ec:d4:7a:f2:0d:40:c6:5a:79:7f:71:35:ad:00:
         c5:c0:f6:e5:87:16:dc:79:f5:4f:18:01:4e:be:d1:8e:a9:8d:
         6d:8c:a9:97:3b:9b:39:61:6a:c0:00:c1:81:60:3f:56:e0:72:
         fc:7d:9d:58:4a:37:b8:83:e6:b2:9f:a2:31:8c:94:fc:56:47:
         d4:92:ed:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wF7Ns0DnNlxeCSLBPChzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDg4MTYzZGFmNTBkYjY0NmRlNGRmMjRkMzRjYmFjOTkz
ZjQ1N2YwHhcNMjYwMzI5MDQwMDQ3WhcNMjYwMzMwMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg0MGQ5N2JmOThhYmY0ZDQzN2U5ZDZhY2Y2NzBhNzMyZDY3NmE4YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFK3hpL13WIAqJvI1mkEjcnGvKhB
nqJIe26vSms651mMeSz8pTfEt7xJs1xHWnPy/kOWtd8bY08iNE6oAWFwi3CQZ/si
u2ivaQjad0Hgk9YL1yelc0k9zUJc0ltuuL6Iswp4C5ELVIBGCciQIR/iLLyJAuaj
PrV8BOeQR0YQpVJeLlvJt5DPsQs7igA2oXuyLMo6t+dFEDqWXdjnqa5MDDb4v34A
qMiKllNz7Thsm+4dlyK2nuZ/EtR4udFW6PrgsVTpwgmXDsVZ4vO4HzD78V03OrWi
pRo01ughgY1dyg2MJmgPFAk8tII8d/uVzGy+EriXMDhN1agmzSWloyJ/FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDZe/mKv01Dfp1qz2cKcy1naotkMB8GA1UdIwQY
MBaAFNtIgWPa9Q22Rt5N8k00y6yZP0V/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAt
MTlkNTdmZjFmYmQ5LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZTVjMTAtNzFlZC00ZGViLWI0ZTAtMTlkNTdmZjFmYmQ5
LzEvMjBpQlk5cjFEYlpHM2szeVRUVExySmtfUlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyCXitAdI
H9O1EtFdQ4UcWsiixtRJvX39V+x54vzD2NNKaZ8I4nbHPh+VJYwDVKTAprv9xExd
XthqzuFSdrOoeXyLSMkmyHv6aQ86YLrRoNH0eII5HUGGXXj9LTjN/A2vhI9WV3Ap
TyObITstGiBkwkHGGd87UWQ99dvvdnfQUlXY1UhA4CROgM22KII6zbpZ0ln7Feh6
xeqYkybg3O40mjSRSLULiyJpkgwzAL4u6oZCAMa7R/ztcuzUevINQMZaeX9xNa0A
xcD25YcW3Hn1TxgBTr7RjqmNbYyplzubOWFqwADBgWA/VuBy/H2dWEo3uIPmsp+i
MYyU/FZH1JLtCg==
-----END CERTIFICATE-----