Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
File:                     XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft (raw, json)
Hash identifier:          F+H0PSJiBJ+6S3R3gfxDefhc53Ht+ijd0iVqrMdkQ3U=
Subject key identifier:   A2:A9:E5:8E:3B:8B:1C:1D:7B:7E:0D:67:1F:D7:A9:78:CF:1B:32:C2
Authority key identifier: 5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B
Certificate issuer:       /CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
Certificate serial:       019D3865C5CB1484FDDDC27C292EF659A0B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:01:26 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:26 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:26 +0000
Files and hashes:         1: XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl (hash: UKn57LjVuyOFj1SqjIonOPHYFLeA/miIcOTkU0na+us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:c5:cb:14:84:fd:dd:c2:7c:29:2e:f6:59:a0:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c344a1ac0cbfc40c75a0cfc7bec96c7c35bd27b
        Validity
            Not Before: Mar 29 07:01:26 2026 GMT
            Not After : Mar 30 07:01:26 2026 GMT
        Subject: CN=a2a9e58e3b8b1c1d7b7e0d671fd7a978cf1b32c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4c:73:12:3e:fe:37:dc:a6:f6:e8:35:68:fa:
                    7e:c6:af:fd:66:99:bf:51:3d:34:ac:2c:da:99:60:
                    14:ef:dc:d0:8e:4a:95:dd:8c:f6:9a:d9:46:95:36:
                    d8:7b:3b:df:84:18:3a:00:7f:5b:9a:0d:24:54:2d:
                    66:59:83:e1:9e:4b:8b:20:3f:b0:5c:9c:26:b7:3a:
                    3f:68:1c:de:27:c4:43:dc:6b:2b:b4:b0:98:bf:73:
                    b0:ec:c7:55:52:5e:19:ed:c5:48:17:54:c5:27:da:
                    4c:11:d3:95:bb:3a:3c:ee:2e:38:7b:de:83:95:59:
                    44:9b:b2:ed:d5:b2:e8:d2:68:e1:fe:dc:72:bb:3d:
                    ac:76:e0:99:1c:3e:78:34:ac:c2:17:dc:bb:be:ba:
                    07:ec:95:75:90:18:93:58:48:1c:a6:41:dc:9a:ca:
                    65:1c:25:a7:9f:44:a3:29:cb:ba:88:39:a1:ab:82:
                    73:fe:18:0c:8b:46:4a:32:8b:02:04:7b:74:83:81:
                    27:48:07:87:ac:8a:97:4f:49:fb:89:1f:97:a4:bf:
                    41:ab:d6:ca:6d:b6:95:cd:05:08:f4:83:22:8d:2c:
                    15:bb:81:b3:97:21:91:1a:26:71:00:a2:a3:a2:66:
                    1f:1b:bb:7a:46:37:9c:ff:1e:78:88:b3:a8:07:85:
                    12:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A9:E5:8E:3B:8B:1C:1D:7B:7E:0D:67:1F:D7:A9:78:CF:1B:32:C2
            X509v3 Authority Key Identifier:
                keyid:5C:34:4A:1A:C0:CB:FC:40:C7:5A:0C:FC:7B:EC:96:C7:C3:5B:D2:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329ab8-b1d9-4f9f-a9c8-cd18510edcdf/1/XDRKGsDL_EDHWgz8e-yWx8Nb0ns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:a4:e8:a4:60:e6:20:41:36:6c:cf:b1:13:65:d5:a2:cd:37:
         9d:c3:ea:f6:46:dd:84:64:e1:bf:7c:0a:8f:2f:5e:2b:8b:d9:
         53:80:39:35:7c:d2:54:6b:ba:30:d8:14:3b:2b:bd:47:b9:5c:
         2d:96:96:c2:e9:e2:2b:a8:c9:c0:8f:7c:70:49:17:ae:b0:3a:
         38:62:10:b1:c2:66:bd:b5:d7:69:3f:44:7a:7a:05:1a:15:36:
         ee:82:9a:50:91:d2:4f:c2:75:38:3b:ed:34:f3:fd:8a:83:cb:
         3d:cf:4f:16:70:c4:fb:5b:8d:ab:93:b5:93:17:b2:cd:7f:40:
         ce:46:b8:d0:e0:f6:ca:14:91:29:6b:47:22:a3:79:d0:7e:4a:
         ea:ce:7e:43:aa:88:e6:6a:5d:8b:4d:92:09:15:20:7c:e0:58:
         5c:c5:e0:f3:a7:05:55:9d:3e:dc:65:cb:cb:3d:42:5f:2e:3a:
         35:46:89:b0:85:c8:af:d4:7e:fb:0a:af:f2:29:b6:2d:96:43:
         c9:1d:d3:18:92:cb:b2:5e:07:c1:f5:f5:56:46:ec:6c:2a:96:
         24:1a:c1:a9:8a:52:09:71:a7:19:58:3a:97:66:21:5b:3a:1f:
         64:23:ed:b2:d4:3e:45:f2:9b:9e:12:04:e6:9c:87:0a:cc:0f:
         85:cc:05:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZcXLFIT93cJ8KS72WaC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzQ0YTFhYzBjYmZjNDBjNzVhMGNmYzdiZWM5NmM3YzM1
YmQyN2IwHhcNMjYwMzI5MDcwMTI2WhcNMjYwMzMwMDcwMTI2WjAzMTEwLwYDVQQD
EyhhMmE5ZTU4ZTNiOGIxYzFkN2I3ZTBkNjcxZmQ3YTk3OGNmMWIzMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0xzEj7+N9ym9ug1aPp+xq/9Zpm/
UT00rCzamWAU79zQjkqV3Yz2mtlGlTbYezvfhBg6AH9bmg0kVC1mWYPhnkuLID+w
XJwmtzo/aBzeJ8RD3GsrtLCYv3Ow7MdVUl4Z7cVIF1TFJ9pMEdOVuzo87i44e96D
lVlEm7Lt1bLo0mjh/txyuz2sduCZHD54NKzCF9y7vroH7JV1kBiTWEgcpkHcmspl
HCWnn0SjKcu6iDmhq4Jz/hgMi0ZKMosCBHt0g4EnSAeHrIqXT0n7iR+XpL9Bq9bK
bbaVzQUI9IMijSwVu4GzlyGRGiZxAKKjomYfG7t6Rjec/x54iLOoB4USiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKp5Y47ixwde34NZx/XqXjPGzLCMB8GA1UdIwQY
MBaAFFw0ShrAy/xAx1oM/HvslsfDW9J7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5Yzgt
Y2QxODUxMGVkY2RmLzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlhYjgtYjFkOS00ZjlmLWE5YzgtY2QxODUxMGVkY2Rm
LzEvWERSS0dzRExfRURIV2d6OGUteVd4OE5iMG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZqTopGDm
IEE2bM+xE2XVos03ncPq9kbdhGThv3wKjy9eK4vZU4A5NXzSVGu6MNgUOyu9R7lc
LZaWwuniK6jJwI98cEkXrrA6OGIQscJmvbXXaT9EenoFGhU27oKaUJHST8J1ODvt
NPP9ioPLPc9PFnDE+1uNq5O1kxeyzX9Azka40OD2yhSRKWtHIqN50H5K6s5+Q6qI
5mpdi02SCRUgfOBYXMXg86cFVZ0+3GXLyz1CXy46NUaJsIXIr9R++wqv8im2LZZD
yR3TGJLLsl4HwfX1VkbsbCqWJBrBqYpSCXGnGVg6l2YhWzofZCPtstQ+RfKbnhIE
5pyHCswPhcwFlQ==
-----END CERTIFICATE-----