Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
File:                     USd7w4wS4ELt31bX519QVjxL0ic.mft (raw, json)
Hash identifier:          viJRShHF1t36oR+ZJHun0p1kD3nTWOZo6Tz/6DscCcA=
Subject key identifier:   91:AA:3E:55:62:84:B6:7C:A0:A3:FE:71:E3:A8:3B:68:5B:7E:30:66
Authority key identifier: 51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27
Certificate issuer:       /CN=51277bc38c12e042eddf56d7e75f50563c4bd227
Certificate serial:       019D3866032976944A4FDD73DD581D9BD331
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
Manifest number:          188B
Signing time:             Sun 29 Mar 2026 07:01:42 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:42 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:42 +0000
Files and hashes:         1: USd7w4wS4ELt31bX519QVjxL0ic.crl (hash: +JTWRaIzv3m9y7j/+MxrzUxRhVG/GBakMw7UU11zWt8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:03:29:76:94:4a:4f:dd:73:dd:58:1d:9b:d3:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51277bc38c12e042eddf56d7e75f50563c4bd227
        Validity
            Not Before: Mar 29 07:01:42 2026 GMT
            Not After : Mar 30 07:01:42 2026 GMT
        Subject: CN=91aa3e556284b67ca0a3fe71e3a83b685b7e3066
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:69:34:2c:c6:2b:54:fb:14:62:61:cc:2c:43:
                    2d:21:2d:01:7f:19:8a:02:61:a6:a0:3a:7e:86:ab:
                    3b:cb:1f:1d:d6:2a:15:0f:c6:76:2f:d9:6e:4e:0d:
                    78:cc:6e:3b:56:a3:76:21:e9:02:6b:8c:03:a4:45:
                    95:2b:29:1e:90:bc:a4:56:a6:82:96:9c:05:76:45:
                    5b:c3:85:48:15:c3:c5:cf:19:77:58:c5:48:5b:c1:
                    6b:12:34:c5:f9:db:a6:8e:1e:71:4e:ad:a4:2a:f1:
                    79:c0:a5:11:66:2c:c6:44:00:3e:2a:8b:55:3b:da:
                    3e:5e:8a:8b:31:b9:9b:c9:8b:a4:8b:70:97:8b:66:
                    dc:51:a7:5a:65:7f:00:47:82:84:3b:af:5b:a3:45:
                    a7:be:ec:39:52:13:ed:a9:a6:11:6c:ee:c9:eb:98:
                    90:52:f8:9e:e6:65:d0:88:53:6c:0f:80:5f:c7:87:
                    d0:f7:77:09:b9:ff:b2:65:3d:80:81:8b:a8:8a:fc:
                    f0:a7:5e:92:af:d2:08:09:fd:c0:b2:4e:56:c3:ec:
                    70:e8:58:ac:9e:8d:8f:0c:c6:f9:23:b7:df:ee:b8:
                    9d:c0:02:a0:20:e2:05:13:2b:30:45:78:4f:30:57:
                    19:ea:ef:ba:7d:16:b2:32:1f:64:ce:08:53:07:bb:
                    90:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:AA:3E:55:62:84:B6:7C:A0:A3:FE:71:E3:A8:3B:68:5B:7E:30:66
            X509v3 Authority Key Identifier:
                keyid:51:27:7B:C3:8C:12:E0:42:ED:DF:56:D7:E7:5F:50:56:3C:4B:D2:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USd7w4wS4ELt31bX519QVjxL0ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/3ba160-e945-4d56-b129-52c19758fa15/1/USd7w4wS4ELt31bX519QVjxL0ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:13:4b:3d:6d:c6:59:7c:aa:ec:3e:af:5f:31:d9:c1:9c:d6:
         59:86:35:40:50:bf:40:79:7b:8c:3f:76:5a:5f:e3:8b:2b:5c:
         30:db:73:c1:a8:91:e7:69:02:48:e1:4b:51:e8:89:14:67:fa:
         ad:f2:de:c5:44:6f:ad:a8:be:9b:ff:df:92:1c:c2:04:f0:bf:
         06:a5:04:23:0c:06:9f:45:ae:03:fb:9c:74:eb:7b:a0:89:9e:
         8f:b5:e9:2c:00:53:3d:db:e6:16:60:08:dd:e4:21:bb:f5:0f:
         9f:45:e0:f8:e8:c8:08:da:26:0f:2b:77:34:9f:63:ee:7d:87:
         d5:55:ad:ba:48:3a:e7:84:53:22:24:c2:7d:d7:c0:56:9f:02:
         0b:99:db:3e:e1:19:c1:0b:4d:81:ba:12:9d:81:b5:c5:bc:00:
         e7:23:c7:71:27:8f:19:7e:fc:0b:dc:17:b9:78:de:58:61:38:
         77:c6:2d:09:0b:8d:19:47:32:b9:af:69:4c:af:98:dc:75:b4:
         33:81:e4:c3:d7:a7:6c:60:ba:6c:18:d7:84:d6:3f:aa:29:bf:
         ee:a9:f8:74:f1:b8:fd:7e:0d:40:48:6c:f9:ff:80:a2:0a:c6:
         32:72:3b:28:13:a9:65:db:86:11:4d:fa:e7:fe:0e:ff:ba:7e:
         c0:2c:dc:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgMpdpRKT91z3Vgdm9MxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjc3YmMzOGMxMmUwNDJlZGRmNTZkN2U3NWY1MDU2M2M0
YmQyMjcwHhcNMjYwMzI5MDcwMTQyWhcNMjYwMzMwMDcwMTQyWjAzMTEwLwYDVQQD
Eyg5MWFhM2U1NTYyODRiNjdjYTBhM2ZlNzFlM2E4M2I2ODViN2UzMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2k0LMYrVPsUYmHMLEMtIS0BfxmK
AmGmoDp+hqs7yx8d1ioVD8Z2L9luTg14zG47VqN2IekCa4wDpEWVKykekLykVqaC
lpwFdkVbw4VIFcPFzxl3WMVIW8FrEjTF+dumjh5xTq2kKvF5wKURZizGRAA+KotV
O9o+XoqLMbmbyYuki3CXi2bcUadaZX8AR4KEO69bo0Wnvuw5UhPtqaYRbO7J65iQ
Uvie5mXQiFNsD4Bfx4fQ93cJuf+yZT2AgYuoivzwp16Sr9IICf3Ask5Ww+xw6Fis
no2PDMb5I7ff7ridwAKgIOIFEyswRXhPMFcZ6u+6fRayMh9kzghTB7uQNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJGqPlVihLZ8oKP+ceOoO2hbfjBmMB8GA1UdIwQY
MBaAFFEne8OMEuBC7d9W1+dfUFY8S9InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjkt
NTJjMTk3NThmYTE1LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zYmExNjAtZTk0NS00ZDU2LWIxMjktNTJjMTk3NThmYTE1
LzEvVVNkN3c0d1M0RUx0MzFiWDUxOVFWanhMMGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjBNLPW3G
WXyq7D6vXzHZwZzWWYY1QFC/QHl7jD92Wl/jiytcMNtzwaiR52kCSOFLUeiJFGf6
rfLexURvrai+m//fkhzCBPC/BqUEIwwGn0WuA/ucdOt7oImej7XpLABTPdvmFmAI
3eQhu/UPn0Xg+OjICNomDyt3NJ9j7n2H1VWtukg654RTIiTCfdfAVp8CC5nbPuEZ
wQtNgboSnYG1xbwA5yPHcSePGX78C9wXuXjeWGE4d8YtCQuNGUcyua9pTK+Y3HW0
M4Hkw9enbGC6bBjXhNY/qim/7qn4dPG4/X4NQEhs+f+AogrGMnI7KBOpZduGEU36
5/4O/7p+wCzcEw==
-----END CERTIFICATE-----