Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
File:                     UNorr8N6OYjdKUyROuUiDgONuWQ.mft (raw, json)
Hash identifier:          I+tN0lK11eCDeswYQCsIV2yp0Xf18FAMAW5azpADbiE=
Subject key identifier:   C8:C3:16:90:67:2C:0B:8C:B6:43:62:6F:A2:77:E6:96:13:F9:9A:08
Authority key identifier: 50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64
Certificate issuer:       /CN=50da2bafc37a3988dd294c913ae5220e038db964
Certificate serial:       019D39AF3ED429811D9BA28232DC283B7FDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
Manifest number:          17DC
Signing time:             Sun 29 Mar 2026 13:01:19 +0000
Manifest this update:     Sun 29 Mar 2026 13:01:19 +0000
Manifest next update:     Mon 30 Mar 2026 13:01:19 +0000
Files and hashes:         1: UNorr8N6OYjdKUyROuUiDgONuWQ.crl (hash: VT9f9q8QeS1O0x8+9Su8fnl+hKOGjim4sYeF/vk7XEs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:af:3e:d4:29:81:1d:9b:a2:82:32:dc:28:3b:7f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=50da2bafc37a3988dd294c913ae5220e038db964
        Validity
            Not Before: Mar 29 13:01:19 2026 GMT
            Not After : Mar 30 13:01:19 2026 GMT
        Subject: CN=c8c31690672c0b8cb643626fa277e69613f99a08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:fc:4a:55:3e:47:83:3e:3d:7b:ff:63:17:66:
                    95:37:d6:a4:60:e0:35:1c:8d:f4:6b:cc:bd:6a:b9:
                    f6:78:b6:4b:f7:f3:c8:15:91:c9:fd:31:f7:90:21:
                    c1:24:4f:b4:13:d7:c9:0f:98:f2:60:dd:8e:49:63:
                    10:38:24:61:98:8a:e9:be:ab:b9:3b:0e:c2:cd:74:
                    32:47:6e:f0:5c:b5:9c:b5:5b:4f:d5:86:c2:3b:93:
                    1d:9b:c8:31:a9:d7:a2:15:1f:57:70:1b:5a:d5:4c:
                    a7:6d:a3:d5:b7:74:92:85:2e:a3:32:50:06:cf:e8:
                    dc:b9:24:46:b2:05:0e:01:8b:10:27:18:47:2f:c4:
                    99:87:32:5f:12:eb:ae:ca:a6:21:3c:69:8b:13:1c:
                    fc:ae:12:88:69:6e:57:db:85:3a:c2:c5:af:7d:9a:
                    1a:e8:31:1f:23:a3:1a:e6:1b:f1:98:5e:31:c2:90:
                    a3:30:c0:eb:75:df:ef:09:1e:5a:d3:f3:40:fa:23:
                    84:ae:15:a0:8d:e4:f9:9b:76:c2:5e:28:f2:8f:f1:
                    fc:80:cb:03:c3:3f:2e:b1:f8:b3:d0:89:a3:a5:67:
                    32:52:d7:c3:57:95:ab:02:2f:05:4c:3c:21:b9:33:
                    39:d0:c2:b8:38:be:97:07:2b:11:bf:eb:c5:7b:78:
                    f9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:C3:16:90:67:2C:0B:8C:B6:43:62:6F:A2:77:E6:96:13:F9:9A:08
            X509v3 Authority Key Identifier:
                keyid:50:DA:2B:AF:C3:7A:39:88:DD:29:4C:91:3A:E5:22:0E:03:8D:B9:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNorr8N6OYjdKUyROuUiDgONuWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/16453d-28d0-46dd-8577-bdd57751c673/1/UNorr8N6OYjdKUyROuUiDgONuWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:28:9d:b6:a3:4a:1f:2f:a1:b6:3c:b9:f3:7d:3d:7a:d4:32:
         58:6f:99:2d:0a:64:30:fb:f4:c2:17:eb:1b:47:3c:2f:cb:4e:
         f9:bb:76:9b:59:28:e6:df:ac:d2:16:e0:30:47:fe:c1:9f:a1:
         c9:0d:a9:55:ba:88:f6:03:73:e1:eb:87:d5:0a:b2:fa:39:cf:
         38:96:b6:96:42:55:a1:41:3a:b2:88:81:c6:29:74:1c:49:e4:
         ce:c5:e7:e6:f5:aa:97:af:63:b7:08:97:06:59:14:f4:b8:af:
         80:f3:18:5c:b8:8c:39:e2:0e:cc:7e:6f:42:a4:75:10:6f:19:
         a6:f9:98:80:21:04:05:65:d6:57:c3:d5:82:20:ea:1d:fa:1b:
         66:eb:2e:38:69:cc:35:bd:e8:04:ef:4d:41:e2:47:39:1e:17:
         63:2a:ff:8a:b0:9b:49:4e:b9:2f:23:36:26:6e:c7:ca:40:7d:
         53:26:39:39:16:5e:80:f0:8b:ec:91:8e:36:d9:1c:d1:5c:3f:
         fc:b5:61:a4:99:1c:54:d9:b9:d6:f8:22:31:8e:9a:85:44:af:
         a3:55:52:7f:1b:9f:3f:25:37:e0:15:59:1b:48:b2:c3:b9:dc:
         e9:50:ec:a7:99:34:66:d2:3a:b5:ef:e2:34:b2:20:c1:75:9c:
         37:df:eb:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rz7UKYEdm6KCMtwoO3/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZGEyYmFmYzM3YTM5ODhkZDI5NGM5MTNhZTUyMjBlMDM4
ZGI5NjQwHhcNMjYwMzI5MTMwMTE5WhcNMjYwMzMwMTMwMTE5WjAzMTEwLwYDVQQD
EyhjOGMzMTY5MDY3MmMwYjhjYjY0MzYyNmZhMjc3ZTY5NjEzZjk5YTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/xKVT5Hgz49e/9jF2aVN9akYOA1
HI30a8y9arn2eLZL9/PIFZHJ/TH3kCHBJE+0E9fJD5jyYN2OSWMQOCRhmIrpvqu5
Ow7CzXQyR27wXLWctVtP1YbCO5Mdm8gxqdeiFR9XcBta1UynbaPVt3SShS6jMlAG
z+jcuSRGsgUOAYsQJxhHL8SZhzJfEuuuyqYhPGmLExz8rhKIaW5X24U6wsWvfZoa
6DEfI6Ma5hvxmF4xwpCjMMDrdd/vCR5a0/NA+iOErhWgjeT5m3bCXijyj/H8gMsD
wz8usfiz0ImjpWcyUtfDV5WrAi8FTDwhuTM50MK4OL6XBysRv+vFe3j50QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjDFpBnLAuMtkNib6J35pYT+ZoIMB8GA1UdIwQY
MBaAFFDaK6/DejmI3SlMkTrlIg4DjblkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1Nzct
YmRkNTc3NTFjNjczLzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xNjQ1M2QtMjhkMC00NmRkLTg1NzctYmRkNTc3NTFjNjcz
LzEvVU5vcnI4TjZPWWpkS1V5Uk91VWlEZ09OdVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMCidtqNK
Hy+htjy58309etQyWG+ZLQpkMPv0whfrG0c8L8tO+bt2m1ko5t+s0hbgMEf+wZ+h
yQ2pVbqI9gNz4euH1Qqy+jnPOJa2lkJVoUE6soiBxil0HEnkzsXn5vWql69jtwiX
BlkU9LivgPMYXLiMOeIOzH5vQqR1EG8ZpvmYgCEEBWXWV8PVgiDqHfobZusuOGnM
Nb3oBO9NQeJHOR4XYyr/irCbSU65LyM2Jm7HykB9UyY5ORZegPCL7JGONtkc0Vw/
/LVhpJkcVNm51vgiMY6ahUSvo1VSfxufPyU34BVZG0iyw7nc6VDsp5k0ZtI6te/i
NLIgwXWcN9/rzg==
-----END CERTIFICATE-----