Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          PTPZgSHgnPq52LoiU4aB3DGiInk3iDlMoRVoUt5oGUM=
Subject key identifier:   5F:D6:73:C3:1A:85:4D:C3:04:F6:F4:15:21:A8:41:33:12:25:35:AD
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019D37523A956E1F3EDA33A80747CF4F1DF3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          078B
Signing time:             Sun 29 Mar 2026 02:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:28 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: 07cjKbjheib5cGX3emtFrfysCubV02zL9HIJwEkC5vk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:3a:95:6e:1f:3e:da:33:a8:07:47:cf:4f:1d:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Mar 29 02:00:28 2026 GMT
            Not After : Mar 30 02:00:28 2026 GMT
        Subject: CN=5fd673c31a854dc304f6f41521a84133122535ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e9:e0:d6:66:b3:50:be:6f:cf:42:23:6b:34:
                    2b:7d:66:0e:38:0e:aa:bd:a4:4a:c5:0b:b2:b0:76:
                    81:c3:f8:5d:a5:d5:d7:07:cc:31:e2:4f:30:7c:37:
                    25:0c:c5:ce:be:92:bb:98:09:5e:20:87:6a:33:8e:
                    9a:56:ab:d0:18:30:42:4d:ef:ff:60:88:31:eb:c4:
                    40:87:00:df:0c:fb:90:70:45:df:d0:55:74:34:b9:
                    9b:ed:14:01:29:af:9e:36:5e:d1:ff:09:9e:c5:99:
                    38:41:31:dd:9a:bb:cc:01:1e:ea:89:f1:aa:05:7f:
                    0f:bb:97:b1:29:e2:c4:fe:43:10:c6:f6:ef:cd:7d:
                    40:e1:2e:56:81:cb:c5:84:3a:b2:0f:9f:ca:b9:4d:
                    66:0a:66:40:c2:bc:9f:e3:ba:80:2c:5f:5a:1b:59:
                    b9:4b:ba:ce:72:14:6e:0a:a1:5c:42:f2:b8:42:0b:
                    e8:77:a5:c5:76:41:31:c6:ff:70:5d:c1:76:f7:4d:
                    88:90:58:4f:5c:e4:1e:0c:e2:3a:e1:78:c0:85:51:
                    a8:b6:29:23:38:1a:12:be:53:9e:3e:c8:19:74:56:
                    e8:e7:7b:36:c2:3b:40:25:8c:03:60:c3:7f:b5:18:
                    e0:5b:5e:24:f4:e2:e6:db:27:60:b0:e9:a1:f2:12:
                    ce:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:D6:73:C3:1A:85:4D:C3:04:F6:F4:15:21:A8:41:33:12:25:35:AD
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:65:19:90:41:66:9b:31:0e:3e:e7:f7:38:80:01:29:48:7d:
         c1:69:7a:89:0b:ba:8c:0b:33:2d:5e:4f:84:c4:77:19:be:ca:
         ce:32:88:8e:d7:d5:b2:fc:5a:c4:d6:ac:60:b9:82:2e:48:21:
         ed:f9:76:83:49:32:b7:95:e3:7e:4c:6b:c2:59:da:fb:5c:15:
         46:fb:0b:cc:2f:9f:ae:92:09:f6:28:59:af:4d:9c:29:9d:63:
         7c:9c:a3:85:cb:b8:6d:88:fc:1f:e1:44:14:8d:4c:d0:0a:cd:
         a0:6b:86:6a:7c:ea:c9:ad:36:33:b6:7b:39:01:63:65:12:c9:
         77:33:d1:a9:e6:82:e7:31:81:85:0c:0f:0d:b6:da:00:0b:4e:
         cb:78:b9:eb:1e:13:ab:5e:ee:bf:61:bd:69:12:30:ef:f9:b2:
         62:ce:be:c6:9e:32:b3:2a:0e:82:6f:04:0c:b4:fd:f0:79:9f:
         fd:09:5e:f7:29:27:e8:dd:11:95:9f:18:af:a0:82:f2:4a:64:
         53:bc:86:59:f1:bf:38:ad:78:d0:e9:68:e6:72:79:ae:87:e4:
         2c:60:3b:fb:51:e1:e8:35:28:79:16:9f:b2:f5:be:d7:22:7e:
         c0:7f:45:73:e1:5a:f3:6f:72:a3:42:41:ab:9e:dc:30:8c:24:
         62:b8:dc:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UjqVbh8+2jOoB0fPTx3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjYwMzI5MDIwMDI4WhcNMjYwMzMwMDIwMDI4WjAzMTEwLwYDVQQD
Eyg1ZmQ2NzNjMzFhODU0ZGMzMDRmNmY0MTUyMWE4NDEzMzEyMjUzNWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeng1mazUL5vz0IjazQrfWYOOA6q
vaRKxQuysHaBw/hdpdXXB8wx4k8wfDclDMXOvpK7mAleIIdqM46aVqvQGDBCTe//
YIgx68RAhwDfDPuQcEXf0FV0NLmb7RQBKa+eNl7R/wmexZk4QTHdmrvMAR7qifGq
BX8Pu5exKeLE/kMQxvbvzX1A4S5WgcvFhDqyD5/KuU1mCmZAwryf47qALF9aG1m5
S7rOchRuCqFcQvK4Qgvod6XFdkExxv9wXcF2902IkFhPXOQeDOI64XjAhVGotikj
OBoSvlOePsgZdFbo53s2wjtAJYwDYMN/tRjgW14k9OLm2ydgsOmh8hLOPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/Wc8MahU3DBPb0FSGoQTMSJTWtMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdWUZkEFm
mzEOPuf3OIABKUh9wWl6iQu6jAszLV5PhMR3Gb7KzjKIjtfVsvxaxNasYLmCLkgh
7fl2g0kyt5Xjfkxrwlna+1wVRvsLzC+frpIJ9ihZr02cKZ1jfJyjhcu4bYj8H+FE
FI1M0ArNoGuGanzqya02M7Z7OQFjZRLJdzPRqeaC5zGBhQwPDbbaAAtOy3i56x4T
q17uv2G9aRIw7/myYs6+xp4ysyoOgm8EDLT98Hmf/Qle9ykn6N0RlZ8Yr6CC8kpk
U7yGWfG/OK140Olo5nJ5rofkLGA7+1Hh6DUoeRafsvW+1yJ+wH9Fc+Fa829yo0JB
q57cMIwkYrjczw==
-----END CERTIFICATE-----