Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
File:                     aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json)
Hash identifier:          I17sC4+8y/TSw58uXcch4sNG96gqZ4mjryVhihx1JQM=
Subject key identifier:   0E:1F:C8:13:E4:AC:C7:C8:72:44:8E:3B:09:A7:47:D0:D8:9D:3C:86
Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62
Certificate issuer:       /CN=69a8e68d12ae293af2369043cd59a020dac24062
Certificate serial:       019D38D32C197B9B1EFD3BC3E159EB225EC9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
Manifest number:          0D81
Signing time:             Sun 29 Mar 2026 09:00:56 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:56 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:56 +0000
Files and hashes:         1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: /WIrv9IS/x9GfDJcQ359nIEXQo/BcfIXaEaTwg4EVT0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:2c:19:7b:9b:1e:fd:3b:c3:e1:59:eb:22:5e:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062
        Validity
            Not Before: Mar 29 09:00:56 2026 GMT
            Not After : Mar 30 09:00:56 2026 GMT
        Subject: CN=0e1fc813e4acc7c872448e3b09a747d0d89d3c86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:7a:dd:24:b0:65:b8:dd:ec:2e:62:7b:c9:43:
                    55:ee:0f:44:b9:3c:d4:49:b8:6d:34:2e:07:a0:3c:
                    d9:7e:5e:5d:9a:4d:fe:33:dc:09:df:b8:8d:92:fb:
                    65:d3:f3:31:f5:46:ed:90:30:14:34:3f:0f:3a:68:
                    ae:2b:86:97:3a:e8:8b:24:79:72:bc:a6:f0:01:fd:
                    ad:48:f7:d7:16:cb:f0:d3:96:cf:40:4f:09:7c:db:
                    71:ad:5c:c8:f1:22:e8:76:af:94:92:53:fa:37:e2:
                    ad:53:03:6f:a2:e8:b3:1f:80:2a:5a:57:7e:53:47:
                    ef:99:d1:26:fc:45:ce:da:a5:c3:24:4c:bd:92:55:
                    80:c7:33:ec:ce:64:d0:2d:5c:e3:fd:f9:1d:81:9b:
                    df:d8:62:71:f2:29:04:16:96:21:23:a4:10:f2:92:
                    53:90:c1:64:db:0a:69:58:cc:c4:77:a9:83:3b:d1:
                    09:ba:35:17:e2:2d:87:a0:59:98:76:05:e1:40:98:
                    e0:7a:d3:ad:9c:5c:89:9e:b8:56:b1:43:6f:0b:94:
                    b9:b2:04:2e:f4:46:d3:ca:15:2e:96:07:9d:a5:fa:
                    77:d1:9a:e7:b1:1a:29:b1:d9:10:e1:69:0d:fb:c8:
                    18:1d:d6:60:d9:b0:06:b5:d4:7c:5b:3d:cb:30:99:
                    db:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1F:C8:13:E4:AC:C7:C8:72:44:8E:3B:09:A7:47:D0:D8:9D:3C:86
            X509v3 Authority Key Identifier:
                keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ac:d9:36:bc:1b:26:a1:32:03:83:e6:de:37:25:93:95:0b:
         ac:d9:d9:c7:59:1d:b9:c8:4a:96:ec:07:2d:a6:36:dd:bb:ca:
         03:e4:ab:b2:e5:31:cf:38:ed:a6:1d:88:ad:0a:ae:0c:bc:c6:
         a7:5a:57:61:0c:b2:6f:34:31:9a:82:90:fa:ad:3e:66:35:bc:
         5c:57:7d:12:95:1f:00:4f:e4:a6:9c:9a:3a:ac:4a:0b:9f:f0:
         49:7e:ed:c1:35:3b:f6:4f:1e:96:7b:f7:32:8e:93:f8:05:d6:
         cf:44:aa:be:c5:e9:83:bb:dc:62:b8:0b:c7:5d:f7:c6:69:cd:
         78:33:8e:d0:6e:80:12:e4:6f:1c:cc:41:5a:a2:cb:58:46:4d:
         e2:7f:7b:86:56:b6:99:a8:10:74:f4:04:9c:00:0a:6e:50:dc:
         8c:6c:8d:db:1f:c9:bf:07:9a:51:9b:03:17:54:0d:ec:78:d9:
         c1:b8:6d:25:ea:2e:50:32:76:b7:cd:8f:11:8f:c0:6c:62:ab:
         67:70:f4:27:7c:ce:2e:fd:20:65:82:84:10:83:44:10:b3:ce:
         db:a2:5c:ab:77:31:db:f8:f7:f3:33:a2:68:5d:8b:b7:0b:7b:
         4f:a9:52:94:6d:06:30:24:87:88:5c:d4:8b:9e:fd:72:f1:dd:
         bc:c6:cd:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040ywZe5se/TvD4VnrIl7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj
MjQwNjIwHhcNMjYwMzI5MDkwMDU2WhcNMjYwMzMwMDkwMDU2WjAzMTEwLwYDVQQD
EygwZTFmYzgxM2U0YWNjN2M4NzI0NDhlM2IwOWE3NDdkMGQ4OWQzYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHrdJLBluN3sLmJ7yUNV7g9EuTzU
SbhtNC4HoDzZfl5dmk3+M9wJ37iNkvtl0/Mx9UbtkDAUND8POmiuK4aXOuiLJHly
vKbwAf2tSPfXFsvw05bPQE8JfNtxrVzI8SLodq+UklP6N+KtUwNvouizH4AqWld+
U0fvmdEm/EXO2qXDJEy9klWAxzPszmTQLVzj/fkdgZvf2GJx8ikEFpYhI6QQ8pJT
kMFk2wppWMzEd6mDO9EJujUX4i2HoFmYdgXhQJjgetOtnFyJnrhWsUNvC5S5sgQu
9EbTyhUulgedpfp30ZrnsRopsdkQ4WkN+8gYHdZg2bAGtdR8Wz3LMJnbgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4fyBPkrMfIckSOOwmnR9DYnTyGMB8GA1UdIwQY
MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt
Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj
LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMKzZNrwb
JqEyA4Pm3jclk5ULrNnZx1kduchKluwHLaY23bvKA+SrsuUxzzjtph2IrQquDLzG
p1pXYQyybzQxmoKQ+q0+ZjW8XFd9EpUfAE/kppyaOqxKC5/wSX7twTU79k8elnv3
Mo6T+AXWz0SqvsXpg7vcYrgLx133xmnNeDOO0G6AEuRvHMxBWqLLWEZN4n97hla2
magQdPQEnAAKblDcjGyN2x/JvweaUZsDF1QN7HjZwbhtJeouUDJ2t82PEY/AbGKr
Z3D0J3zOLv0gZYKEEINEELPO26Jcq3cx2/j38zOiaF2Ltwt7T6lSlG0GMCSHiFzU
i579cvHdvMbNZQ==
-----END CERTIFICATE-----