Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          LjDC99DFuuJ2Ug7o0hDcFIsoNnFe9DEXFt16cxuU76Q=
Subject key identifier:   D4:19:9B:05:C2:0E:2C:1E:6F:83:75:8D:F0:8C:96:C6:48:2E:E5:F8
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019D39AEA106CB41B6D0507D3D8A20C5502E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 13:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:38 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: CZCwhNMtDHcp9SncX6KoQ8yHt6tnxZSkoWD2AIWr5Ik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:a1:06:cb:41:b6:d0:50:7d:3d:8a:20:c5:50:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Mar 29 13:00:38 2026 GMT
            Not After : Mar 30 13:00:38 2026 GMT
        Subject: CN=d4199b05c20e2c1e6f83758df08c96c6482ee5f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8e:83:5c:21:c7:37:ff:66:1d:42:68:2b:74:
                    45:eb:d9:1e:b3:51:97:d8:8a:98:67:b7:df:01:ea:
                    b2:8a:f8:88:7b:c9:d8:f5:5f:37:2e:76:3a:91:8e:
                    c7:96:e8:2e:8f:9e:6a:14:5d:8f:99:be:1f:27:3e:
                    f5:bd:16:11:0e:15:d7:f1:70:a5:77:20:4d:05:7d:
                    2c:1d:ec:b2:58:44:f1:38:ac:f0:60:85:08:7a:db:
                    c1:e5:a9:67:58:68:07:a5:72:eb:1f:a8:1d:2a:e5:
                    d5:e7:5b:7c:4a:ba:9a:6f:45:90:be:cf:6c:aa:f8:
                    93:7f:8e:80:f0:d1:81:82:7f:9d:79:27:97:65:42:
                    4c:de:66:65:d3:17:6d:a5:6a:ff:80:5e:5d:61:c3:
                    86:b1:5a:8e:66:11:25:c5:6c:d8:ff:97:fa:bc:17:
                    e0:fd:78:d7:e2:40:c3:0c:0e:d3:6e:d3:f2:0e:80:
                    73:a6:62:e0:20:17:49:df:45:ba:bc:f6:43:0a:cf:
                    e4:bd:15:0c:bb:da:fd:bf:04:ed:35:2f:04:ee:78:
                    d4:16:8d:88:82:d9:51:e6:4f:fd:2a:e7:e5:06:2e:
                    61:c5:43:46:49:e3:b3:ec:c6:ec:43:10:02:e5:ae:
                    4b:a6:5b:73:a1:b0:a9:f4:6a:7d:93:d2:e8:00:f4:
                    9d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:19:9B:05:C2:0E:2C:1E:6F:83:75:8D:F0:8C:96:C6:48:2E:E5:F8
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:37:75:14:ca:fa:44:58:6a:61:a4:24:cf:34:76:be:73:fa:
         37:b0:18:f5:9d:0b:13:b3:02:9b:a9:9e:b9:8c:34:7a:d2:c5:
         77:bc:bb:77:59:4a:25:68:d0:84:fa:41:11:86:34:84:47:4c:
         09:27:a0:a3:68:4c:39:89:26:b0:b8:de:ae:7f:cb:99:53:64:
         af:cf:2f:68:9d:6b:76:7f:4b:1b:e3:d0:30:f9:95:d1:1c:f7:
         64:73:dd:9b:f7:28:18:e0:e3:f8:bf:dd:97:92:42:60:d6:65:
         9f:a7:30:22:df:47:75:00:d6:bb:d9:cb:95:97:a6:44:a1:6d:
         85:32:aa:df:79:c9:e4:89:60:1e:d7:c2:09:53:1d:f7:c6:ab:
         d5:8e:f8:ec:87:8a:c7:66:cf:0a:25:a5:c7:a0:75:77:28:e6:
         19:c2:8a:2b:f6:f7:68:48:76:ed:3d:ad:62:fd:af:bc:3e:6f:
         ee:49:4e:79:b2:80:d1:0a:df:d1:b1:3a:b2:80:8d:0c:33:37:
         20:da:64:a8:c4:7b:6f:d9:16:62:fa:93:57:6d:8c:a4:d4:15:
         eb:b6:50:ec:34:70:75:5e:eb:52:61:ee:75:80:49:f3:ab:1a:
         57:74:96:00:8c:47:b8:26:ee:4e:78:89:0b:43:18:0c:b3:70:
         7a:be:44:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rqEGy0G20FB9PYogxVAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjYwMzI5MTMwMDM4WhcNMjYwMzMwMTMwMDM4WjAzMTEwLwYDVQQD
EyhkNDE5OWIwNWMyMGUyYzFlNmY4Mzc1OGRmMDhjOTZjNjQ4MmVlNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw46DXCHHN/9mHUJoK3RF69kes1GX
2IqYZ7ffAeqyiviIe8nY9V83LnY6kY7Hluguj55qFF2Pmb4fJz71vRYRDhXX8XCl
dyBNBX0sHeyyWETxOKzwYIUIetvB5alnWGgHpXLrH6gdKuXV51t8Srqab0WQvs9s
qviTf46A8NGBgn+deSeXZUJM3mZl0xdtpWr/gF5dYcOGsVqOZhElxWzY/5f6vBfg
/XjX4kDDDA7TbtPyDoBzpmLgIBdJ30W6vPZDCs/kvRUMu9r9vwTtNS8E7njUFo2I
gtlR5k/9KuflBi5hxUNGSeOz7MbsQxAC5a5LpltzobCp9Gp9k9LoAPSdbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQZmwXCDiweb4N1jfCMlsZILuX4MB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAezd1FMr6
RFhqYaQkzzR2vnP6N7AY9Z0LE7MCm6meuYw0etLFd7y7d1lKJWjQhPpBEYY0hEdM
CSego2hMOYkmsLjern/LmVNkr88vaJ1rdn9LG+PQMPmV0Rz3ZHPdm/coGODj+L/d
l5JCYNZln6cwIt9HdQDWu9nLlZemRKFthTKq33nJ5IlgHtfCCVMd98ar1Y747IeK
x2bPCiWlx6B1dyjmGcKKK/b3aEh27T2tYv2vvD5v7klOebKA0Qrf0bE6soCNDDM3
INpkqMR7b9kWYvqTV22MpNQV67ZQ7DRwdV7rUmHudYBJ86saV3SWAIxHuCbuTniJ
C0MYDLNwer5Eqg==
-----END CERTIFICATE-----