Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
File:                     dtAtj564761YOO-TGIVJb8-vHGE.mft (raw, json)
Hash identifier:          LVSSWpQkG4no6DMQW+F19C/UEqCzmRMThaDnrcF13UI=
Subject key identifier:   D7:FC:72:70:71:F7:85:A4:52:5E:D0:FC:D7:E4:8E:A5:D8:37:2A:C8
Authority key identifier: 76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61
Certificate issuer:       /CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
Certificate serial:       019D38668D54E1D4C410078BC23D8365B385
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:02:18 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:18 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:18 +0000
Files and hashes:         1: dtAtj564761YOO-TGIVJb8-vHGE.crl (hash: 0aSSMNBCcIqqP7Rqpsy9jj5mpAv32U1DD0uWGHbsSCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:8d:54:e1:d4:c4:10:07:8b:c2:3d:83:65:b3:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76d02d8f9eb8efad5838ef931885496fcfaf1c61
        Validity
            Not Before: Mar 29 07:02:18 2026 GMT
            Not After : Mar 30 07:02:18 2026 GMT
        Subject: CN=d7fc727071f785a4525ed0fcd7e48ea5d8372ac8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b5:a0:0b:a5:a3:00:6f:de:50:53:c4:b5:04:
                    50:de:d5:7f:db:5f:ad:4b:41:9c:eb:88:e6:f4:fa:
                    81:47:80:36:31:5c:36:55:06:0b:65:c8:47:e1:e9:
                    20:45:26:a0:46:d7:cd:51:33:69:d1:89:4e:30:5b:
                    5d:df:42:29:a0:57:48:d9:be:7f:87:97:74:7d:e8:
                    d2:e8:c4:b1:be:02:0b:78:bd:20:28:4c:ae:5d:50:
                    8d:00:b5:e0:6f:18:e2:43:2d:ae:c3:e8:c4:47:16:
                    94:72:7e:c2:5e:df:0e:70:a6:21:37:bd:6d:2b:31:
                    fb:2e:36:eb:54:ff:c7:eb:72:4f:82:b3:76:d1:76:
                    50:d1:3c:51:b3:11:a3:8b:9f:49:e7:0a:69:e4:8a:
                    0e:11:5d:22:81:2b:e0:52:58:02:d7:bf:2c:ee:73:
                    c5:67:ec:77:29:e2:19:77:13:3f:6a:d6:b2:89:b0:
                    72:a3:3c:bc:60:e4:9b:c4:71:e1:20:c3:81:35:a9:
                    ca:64:e2:4c:a4:9a:38:69:04:3f:6f:82:84:62:6e:
                    ac:1d:5f:ee:24:02:fc:bc:94:65:30:77:0f:d5:58:
                    ed:df:67:04:ee:f1:4f:df:d5:71:dc:f6:00:2f:c3:
                    82:d2:90:29:ca:18:c8:73:d9:3f:31:b3:e0:07:a5:
                    4d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:FC:72:70:71:F7:85:A4:52:5E:D0:FC:D7:E4:8E:A5:D8:37:2A:C8
            X509v3 Authority Key Identifier:
                keyid:76:D0:2D:8F:9E:B8:EF:AD:58:38:EF:93:18:85:49:6F:CF:AF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dtAtj564761YOO-TGIVJb8-vHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/232763-26f8-441b-96b8-05161ff71d80/1/dtAtj564761YOO-TGIVJb8-vHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:a1:d7:49:cb:82:e3:b8:86:95:81:3b:58:a7:77:2b:b5:4a:
         aa:5e:4f:b2:a8:68:35:f1:6b:a6:82:86:4e:76:d5:d8:a9:4e:
         03:57:17:0f:de:54:72:43:06:f8:f2:b6:d2:5a:4c:bc:fb:f2:
         98:3a:6b:b7:bc:13:d5:5a:91:b5:c5:64:bf:3e:7d:e8:1a:0c:
         ec:75:98:30:98:5c:48:24:d2:da:d2:53:ec:1c:db:c7:98:8c:
         b1:b7:c4:b4:1b:7b:f1:32:12:c1:df:8d:af:7a:5b:d5:a9:01:
         a3:5c:ea:2f:06:20:94:23:dc:d8:71:2b:04:9a:a3:3f:46:86:
         16:c7:d7:7a:ba:c5:e3:44:16:e0:93:35:31:6c:87:c6:69:8a:
         68:93:6e:57:45:19:d0:96:73:ec:db:26:86:5a:6a:36:60:bd:
         68:af:41:ed:40:b4:4d:71:75:50:07:5d:74:63:7f:e2:15:f0:
         14:d9:d9:1d:57:76:f0:b9:34:da:42:84:92:5d:0d:1e:46:c2:
         4d:7d:cb:e7:cb:b9:3d:05:4a:30:91:13:24:4b:60:9c:e7:cb:
         d8:74:f9:43:bd:72:04:e9:48:b5:ff:14:cb:b1:40:a4:72:ac:
         3d:a3:9a:a1:99:d0:b0:38:94:98:80:7a:da:67:d7:9f:6b:cc:
         f5:78:bb:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zo1U4dTEEAeLwj2DZbOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZDAyZDhmOWViOGVmYWQ1ODM4ZWY5MzE4ODU0OTZmY2Zh
ZjFjNjEwHhcNMjYwMzI5MDcwMjE4WhcNMjYwMzMwMDcwMjE4WjAzMTEwLwYDVQQD
EyhkN2ZjNzI3MDcxZjc4NWE0NTI1ZWQwZmNkN2U0OGVhNWQ4MzcyYWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorWgC6WjAG/eUFPEtQRQ3tV/21+t
S0Gc64jm9PqBR4A2MVw2VQYLZchH4ekgRSagRtfNUTNp0YlOMFtd30IpoFdI2b5/
h5d0fejS6MSxvgILeL0gKEyuXVCNALXgbxjiQy2uw+jERxaUcn7CXt8OcKYhN71t
KzH7LjbrVP/H63JPgrN20XZQ0TxRsxGji59J5wpp5IoOEV0igSvgUlgC178s7nPF
Z+x3KeIZdxM/atayibByozy8YOSbxHHhIMOBNanKZOJMpJo4aQQ/b4KEYm6sHV/u
JAL8vJRlMHcP1Vjt32cE7vFP39Vx3PYAL8OC0pApyhjIc9k/MbPgB6VN3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNf8cnBx94WkUl7Q/NfkjqXYNyrIMB8GA1UdIwQY
MBaAFHbQLY+euO+tWDjvkxiFSW/PrxxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2Yjgt
MDUxNjFmZjcxZDgwLzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8yMzI3NjMtMjZmOC00NDFiLTk2YjgtMDUxNjFmZjcxZDgw
LzEvZHRBdGo1NjQ3NjFZT08tVEdJVkpiOC12SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArKHXScuC
47iGlYE7WKd3K7VKql5PsqhoNfFrpoKGTnbV2KlOA1cXD95UckMG+PK20lpMvPvy
mDprt7wT1VqRtcVkvz596BoM7HWYMJhcSCTS2tJT7Bzbx5iMsbfEtBt78TISwd+N
r3pb1akBo1zqLwYglCPc2HErBJqjP0aGFsfXerrF40QW4JM1MWyHxmmKaJNuV0UZ
0JZz7NsmhlpqNmC9aK9B7UC0TXF1UAdddGN/4hXwFNnZHVd28Lk02kKEkl0NHkbC
TX3L58u5PQVKMJETJEtgnOfL2HT5Q71yBOlItf8Uy7FApHKsPaOaoZnQsDiUmIB6
2mfXn2vM9Xi77w==
-----END CERTIFICATE-----