Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/9e9262-d957-4c2f-9076-6e89bc6d433b/1/YmJJH6XuZw3MLCvhaY436ZMXSSM.mft
File:                     YmJJH6XuZw3MLCvhaY436ZMXSSM.mft (raw, json)
Hash identifier:          SjiACOLSXKWtQZZpa2XZ3vZYbWl7pOdIkygoD4a/bvc=
Subject key identifier:   02:0A:80:13:5A:6A:71:66:07:A4:A9:17:3C:DA:2C:C6:0A:44:52:57
Authority key identifier: 62:62:49:1F:A5:EE:67:0D:CC:2C:2B:E1:69:8E:37:E9:93:17:49:23
Certificate issuer:       /CN=6262491fa5ee670dcc2c2be1698e37e993174923
Certificate serial:       019D371BC103EE13713E5327CFE55C124C68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YmJJH6XuZw3MLCvhaY436ZMXSSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/9e9262-d957-4c2f-9076-6e89bc6d433b/1/YmJJH6XuZw3MLCvhaY436ZMXSSM.mft
Manifest number:          0320
Signing time:             Sun 29 Mar 2026 01:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:58 +0000
Files and hashes:         1: YmJJH6XuZw3MLCvhaY436ZMXSSM.crl (hash: 0Kr3ue49DazYnWlZi4cEKa5LRLFJ30a9okZtPUMpmAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/9e9262-d957-4c2f-9076-6e89bc6d433b/1/YmJJH6XuZw3MLCvhaY436ZMXSSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/9e9262-d957-4c2f-9076-6e89bc6d433b/1/YmJJH6XuZw3MLCvhaY436ZMXSSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YmJJH6XuZw3MLCvhaY436ZMXSSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:c1:03:ee:13:71:3e:53:27:cf:e5:5c:12:4c:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6262491fa5ee670dcc2c2be1698e37e993174923
        Validity
            Not Before: Mar 29 01:00:58 2026 GMT
            Not After : Mar 30 01:00:58 2026 GMT
        Subject: CN=020a80135a6a716607a4a9173cda2cc60a445257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6a:e0:c4:41:3b:1e:a5:bc:35:df:17:c6:d5:
                    85:c1:11:3b:b4:75:d7:a0:df:0c:5a:01:20:e4:5c:
                    12:9d:95:94:1f:dd:36:f1:02:b0:dd:7d:23:9a:84:
                    29:1c:85:8c:b1:6e:50:38:1f:de:f1:76:17:97:9a:
                    5e:21:8b:79:92:fc:14:63:6d:68:83:b4:d6:2c:e2:
                    59:f4:1e:8b:a8:8b:1d:03:3f:c1:3a:ce:d9:1d:31:
                    7d:cc:f8:c8:9b:7a:99:3c:61:d6:b2:62:70:ae:40:
                    1e:56:fa:44:08:a2:5f:fd:f7:a6:a4:7b:29:e8:f7:
                    36:4c:99:40:2a:9d:57:db:85:36:ea:9b:22:46:3a:
                    41:83:17:79:25:4b:6e:db:bd:55:97:5c:93:80:8f:
                    a6:fe:96:59:30:3f:d7:0d:53:89:bd:30:b3:30:11:
                    4c:42:75:fc:60:87:96:a7:eb:f6:04:3e:a2:d6:86:
                    6b:b3:1f:2e:f4:37:8d:83:73:69:49:6c:5f:66:c9:
                    ce:38:5b:11:55:99:3a:11:c4:69:84:1d:80:3c:71:
                    f4:4c:01:6a:82:7a:50:b5:7b:77:82:d4:e3:c4:5b:
                    ad:28:6f:e3:b6:bc:86:67:6e:0e:80:67:b3:49:80:
                    c0:59:b9:d5:ed:dd:4d:63:60:93:b7:23:92:93:d6:
                    7c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:0A:80:13:5A:6A:71:66:07:A4:A9:17:3C:DA:2C:C6:0A:44:52:57
            X509v3 Authority Key Identifier:
                keyid:62:62:49:1F:A5:EE:67:0D:CC:2C:2B:E1:69:8E:37:E9:93:17:49:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YmJJH6XuZw3MLCvhaY436ZMXSSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/9e9262-d957-4c2f-9076-6e89bc6d433b/1/YmJJH6XuZw3MLCvhaY436ZMXSSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/9e9262-d957-4c2f-9076-6e89bc6d433b/1/YmJJH6XuZw3MLCvhaY436ZMXSSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:d8:31:0f:79:92:89:57:cb:07:11:86:7e:8c:af:0b:58:77:
         20:8b:cb:b6:cc:1b:e7:1b:1a:32:4f:09:37:fc:1f:83:27:f0:
         c2:58:91:16:f9:ee:10:11:36:36:a9:51:32:b2:6f:35:47:f6:
         d3:41:e7:17:35:b8:ac:45:d8:65:cd:cd:be:af:4e:dd:30:cf:
         76:19:24:8a:e4:6d:e5:14:da:14:ae:81:3b:d9:de:66:53:47:
         d1:1e:ae:9c:b7:54:4d:7f:de:29:d1:f7:92:1d:55:ee:da:4a:
         83:8a:2c:13:bc:60:a6:62:b6:4c:f9:cc:2e:51:bc:bd:c8:88:
         2a:db:93:f9:09:81:14:e7:c8:c8:77:d1:bb:29:00:18:7b:de:
         32:3b:bc:9f:f6:98:07:1f:80:eb:e1:77:01:74:86:65:cf:d5:
         84:26:a4:eb:d5:ff:1f:4b:e0:bf:8d:f0:55:34:0c:e1:17:48:
         a9:24:3e:89:74:5e:84:84:64:60:60:69:b0:eb:c5:1c:e0:62:
         45:35:d5:9a:b2:f1:83:96:5e:f5:a6:da:a2:50:5e:65:1b:cc:
         01:44:c7:11:35:d2:3b:4e:21:58:af:5e:aa:c8:69:4a:55:df:
         89:be:bd:f9:b1:2a:be:25:61:da:03:22:55:97:3c:18:2d:84:
         a5:d3:b5:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G8ED7hNxPlMnz+VcEkxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNjI0OTFmYTVlZTY3MGRjYzJjMmJlMTY5OGUzN2U5OTMx
NzQ5MjMwHhcNMjYwMzI5MDEwMDU4WhcNMjYwMzMwMDEwMDU4WjAzMTEwLwYDVQQD
EygwMjBhODAxMzVhNmE3MTY2MDdhNGE5MTczY2RhMmNjNjBhNDQ1MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2rgxEE7HqW8Nd8XxtWFwRE7tHXX
oN8MWgEg5FwSnZWUH9028QKw3X0jmoQpHIWMsW5QOB/e8XYXl5peIYt5kvwUY21o
g7TWLOJZ9B6LqIsdAz/BOs7ZHTF9zPjIm3qZPGHWsmJwrkAeVvpECKJf/fempHsp
6Pc2TJlAKp1X24U26psiRjpBgxd5JUtu271Vl1yTgI+m/pZZMD/XDVOJvTCzMBFM
QnX8YIeWp+v2BD6i1oZrsx8u9DeNg3NpSWxfZsnOOFsRVZk6EcRphB2APHH0TAFq
gnpQtXt3gtTjxFutKG/jtryGZ24OgGezSYDAWbnV7d1NY2CTtyOSk9Z81QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIKgBNaanFmB6SpFzzaLMYKRFJXMB8GA1UdIwQY
MBaAFGJiSR+l7mcNzCwr4WmON+mTF0kjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1KSkg2WHVadzNNTEN2aGFZNDM2Wk1YU1NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC85ZTkyNjItZDk1Ny00YzJmLTkwNzYt
NmU4OWJjNmQ0MzNiLzEvWW1KSkg2WHVadzNNTEN2aGFZNDM2Wk1YU1NNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC85ZTkyNjItZDk1Ny00YzJmLTkwNzYtNmU4OWJjNmQ0MzNi
LzEvWW1KSkg2WHVadzNNTEN2aGFZNDM2Wk1YU1NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAItgxD3mS
iVfLBxGGfoyvC1h3IIvLtswb5xsaMk8JN/wfgyfwwliRFvnuEBE2NqlRMrJvNUf2
00HnFzW4rEXYZc3Nvq9O3TDPdhkkiuRt5RTaFK6BO9neZlNH0R6unLdUTX/eKdH3
kh1V7tpKg4osE7xgpmK2TPnMLlG8vciIKtuT+QmBFOfIyHfRuykAGHveMju8n/aY
Bx+A6+F3AXSGZc/VhCak69X/H0vgv43wVTQM4RdIqSQ+iXRehIRkYGBpsOvFHOBi
RTXVmrLxg5Ze9abaolBeZRvMAUTHETXSO04hWK9eqshpSlXfib69+bEqviVh2gMi
VZc8GC2EpdO12g==
-----END CERTIFICATE-----