Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
File:                     gbv0m8K-YG6m9Ivb-WJX3natfMA.mft (raw, json)
Hash identifier:          WWYyqka11JL/iny1H6xKw40V00hFw0fGNidU5xjJeA0=
Subject key identifier:   55:69:D0:DE:B1:9E:BB:AD:4D:EE:A2:3D:28:A7:41:05:1E:A6:4C:9C
Authority key identifier: 81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0
Certificate issuer:       /CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
Certificate serial:       019D386632E0E06463B1E94E8DAEE19383C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:54 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:54 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:54 +0000
Files and hashes:         1: gbv0m8K-YG6m9Ivb-WJX3natfMA.crl (hash: 4r3dUsZfiP8tWC5ifnzIgbVu9UjIvatREmbRAm09Fqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:32:e0:e0:64:63:b1:e9:4e:8d:ae:e1:93:83:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=81bbf49bc2be606ea6f48bdbf96257de76ad7cc0
        Validity
            Not Before: Mar 29 07:01:54 2026 GMT
            Not After : Mar 30 07:01:54 2026 GMT
        Subject: CN=5569d0deb19ebbad4deea23d28a741051ea64c9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:82:be:b2:e4:88:f3:e8:d0:f1:62:f8:11:43:
                    4f:14:ff:a3:4c:10:34:db:b1:e5:2d:16:ab:da:a1:
                    8c:7a:0f:42:76:50:3a:0f:2d:79:27:21:56:ca:7d:
                    93:39:e7:de:8c:7f:ad:e5:11:17:4d:a5:56:93:25:
                    6a:d1:20:91:17:37:75:cf:8f:54:7f:2a:4d:91:8e:
                    e1:20:58:7c:58:ca:1b:18:d3:2d:99:b7:b5:d1:ec:
                    db:99:2a:03:65:8b:14:8f:61:2c:c3:48:41:c1:1b:
                    f0:b0:06:bb:39:d7:20:d5:73:c4:59:d0:ad:9e:eb:
                    d3:c4:77:74:8d:c9:4c:e0:85:b9:94:c2:10:fa:88:
                    91:7d:7e:2a:c3:db:73:1b:9a:7a:79:52:43:3b:8a:
                    17:5d:7c:db:f0:e9:69:0b:bd:d1:2d:f6:aa:e7:e0:
                    32:8a:c9:6b:18:74:89:9a:94:1e:71:a7:1f:0c:5c:
                    ee:fc:e1:c4:85:3d:0f:9b:35:e5:b4:2d:0f:01:a3:
                    35:2e:79:10:3f:03:86:73:71:04:3d:d3:7b:c8:b8:
                    7a:64:6a:cb:90:bc:63:0b:be:29:5a:97:95:6e:1d:
                    c7:1e:8a:e2:f6:20:15:2a:52:3b:01:4d:eb:1f:dd:
                    07:cf:b7:31:f6:65:19:f0:2a:14:fc:7d:5d:83:b7:
                    30:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:69:D0:DE:B1:9E:BB:AD:4D:EE:A2:3D:28:A7:41:05:1E:A6:4C:9C
            X509v3 Authority Key Identifier:
                keyid:81:BB:F4:9B:C2:BE:60:6E:A6:F4:8B:DB:F9:62:57:DE:76:AD:7C:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gbv0m8K-YG6m9Ivb-WJX3natfMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/863eee-7714-4bc4-9268-41694202de68/1/gbv0m8K-YG6m9Ivb-WJX3natfMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:b1:31:84:92:8b:23:79:3f:d2:e0:f3:4f:77:83:4b:7e:01:
         14:a9:fb:c8:92:79:24:09:2f:9e:99:37:87:79:1c:29:e5:ee:
         7b:0c:c6:bf:70:22:46:3a:88:90:b5:38:bf:cb:21:4d:84:b9:
         ca:ea:2e:5f:ab:00:e1:d1:f1:cd:ac:5e:66:3e:a9:7b:2f:a9:
         7d:fe:b6:a0:d4:4d:b8:01:8f:f0:bc:29:91:1b:82:2e:6c:ce:
         bd:ee:69:e8:1a:26:4a:58:36:70:67:c6:30:a5:1f:f9:25:21:
         e1:dc:ba:95:cf:29:22:99:81:05:58:1e:42:97:29:80:3a:43:
         d9:90:87:fc:b3:01:34:63:b9:84:2c:28:5d:d2:f5:76:6c:f3:
         6e:55:bb:71:00:7c:a0:73:55:11:56:62:96:fc:2c:5f:e1:b0:
         ad:75:ff:60:86:3e:d5:18:32:92:17:c2:95:ff:22:4e:c3:f2:
         4f:06:4c:45:ed:64:2b:e6:0b:4a:39:34:7c:f7:9e:58:3d:cb:
         9e:b9:d7:8c:3e:ec:e2:cf:dc:c9:5a:43:00:31:a8:42:26:77:
         fd:5c:c0:80:38:c6:a5:f9:e5:a4:a4:76:7e:ed:d0:20:7a:de:
         8b:37:e0:f2:bc:07:ba:5d:bf:a1:c9:65:c0:ab:bd:e3:cc:e0:
         79:5b:66:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjLg4GRjselOja7hk4PCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYmJmNDliYzJiZTYwNmVhNmY0OGJkYmY5NjI1N2RlNzZh
ZDdjYzAwHhcNMjYwMzI5MDcwMTU0WhcNMjYwMzMwMDcwMTU0WjAzMTEwLwYDVQQD
Eyg1NTY5ZDBkZWIxOWViYmFkNGRlZWEyM2QyOGE3NDEwNTFlYTY0YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4K+suSI8+jQ8WL4EUNPFP+jTBA0
27HlLRar2qGMeg9CdlA6Dy15JyFWyn2TOefejH+t5REXTaVWkyVq0SCRFzd1z49U
fypNkY7hIFh8WMobGNMtmbe10ezbmSoDZYsUj2Esw0hBwRvwsAa7Odcg1XPEWdCt
nuvTxHd0jclM4IW5lMIQ+oiRfX4qw9tzG5p6eVJDO4oXXXzb8OlpC73RLfaq5+Ay
islrGHSJmpQecacfDFzu/OHEhT0PmzXltC0PAaM1LnkQPwOGc3EEPdN7yLh6ZGrL
kLxjC74pWpeVbh3HHori9iAVKlI7AU3rH90Hz7cx9mUZ8CoU/H1dg7cwkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFVp0N6xnrutTe6iPSinQQUepkycMB8GA1UdIwQY
MBaAFIG79JvCvmBupvSL2/liV952rXzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgt
NDE2OTQyMDJkZTY4LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS84NjNlZWUtNzcxNC00YmM0LTkyNjgtNDE2OTQyMDJkZTY4
LzEvZ2J2MG04Sy1ZRzZtOUl2Yi1XSlgzbmF0Zk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe7ExhJKL
I3k/0uDzT3eDS34BFKn7yJJ5JAkvnpk3h3kcKeXuewzGv3AiRjqIkLU4v8shTYS5
yuouX6sA4dHxzaxeZj6pey+pff62oNRNuAGP8LwpkRuCLmzOve5p6BomSlg2cGfG
MKUf+SUh4dy6lc8pIpmBBVgeQpcpgDpD2ZCH/LMBNGO5hCwoXdL1dmzzblW7cQB8
oHNVEVZilvwsX+GwrXX/YIY+1RgykhfClf8iTsPyTwZMRe1kK+YLSjk0fPeeWD3L
nrnXjD7s4s/cyVpDADGoQiZ3/VzAgDjGpfnlpKR2fu3QIHreizfg8rwHul2/ocll
wKu948zgeVtmSA==
-----END CERTIFICATE-----