Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
File:                     ya3PjO-lllmLJLm2q2UHDdkcp5w.mft (raw, json)
Hash identifier:          ZnQJ89IsfSjIw4AVD5I2tO2JlwnohW3r+fG8AnKp3gw=
Subject key identifier:   12:7A:D5:FC:AD:03:11:4F:C6:F2:BD:C8:D8:3F:DD:52:04:CD:4A:D4
Authority key identifier: C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
Certificate issuer:       /CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Certificate serial:       019D3865B97105217A69CFCC85EA99D627CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
Manifest number:          0936
Signing time:             Sun 29 Mar 2026 07:01:23 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:23 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:23 +0000
Files and hashes:         1: ya3PjO-lllmLJLm2q2UHDdkcp5w.crl (hash: 3vnS7pDrz6zS5AuizmnKvql6AM01VQwXClShzj8joKY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b9:71:05:21:7a:69:cf:cc:85:ea:99:d6:27:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
        Validity
            Not Before: Mar 29 07:01:23 2026 GMT
            Not After : Mar 30 07:01:23 2026 GMT
        Subject: CN=127ad5fcad03114fc6f2bdc8d83fdd5204cd4ad4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:1b:6e:03:0e:38:30:48:2e:a0:5e:c3:ca:2a:
                    66:75:f5:63:57:7d:c0:db:67:96:42:12:14:b8:55:
                    9f:80:78:d6:7d:f3:f1:11:24:c8:e9:cb:62:f7:76:
                    c8:ab:3b:1e:f9:49:27:9d:35:07:3c:25:da:8a:29:
                    c7:f1:9a:dc:dc:2a:48:c1:60:f3:59:88:92:70:7f:
                    c9:0e:30:f8:2f:93:22:0d:f1:f3:52:7a:2e:e3:27:
                    f4:5a:c4:b1:54:a8:e4:a1:ed:b1:5d:5a:34:ae:9c:
                    36:3f:2c:be:ba:5b:42:c9:14:7c:c6:41:0d:96:a3:
                    01:d4:3c:de:a2:fd:86:47:46:e1:4f:7b:00:74:06:
                    f6:28:e6:2a:6c:70:09:94:d4:dd:54:c2:2a:7c:b2:
                    82:09:2c:8b:37:32:ee:78:ab:f2:76:f6:4d:83:24:
                    c5:78:2f:06:75:c9:29:4f:16:83:15:d7:60:fe:c0:
                    99:05:79:9f:19:ee:5f:bb:d6:b1:9c:48:54:9d:75:
                    4a:cf:2a:d6:c9:84:55:9f:bf:c5:a1:c4:62:37:d1:
                    c6:1b:1e:09:7c:6a:64:37:8e:cf:39:d1:e0:b7:46:
                    6b:03:bf:2a:32:c4:79:02:d2:6f:f1:45:3d:97:bb:
                    93:02:db:e1:97:c5:99:03:90:27:d8:8d:99:7a:79:
                    2c:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:7A:D5:FC:AD:03:11:4F:C6:F2:BD:C8:D8:3F:DD:52:04:CD:4A:D4
            X509v3 Authority Key Identifier:
                keyid:C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:62:cd:e0:26:c3:96:b4:1a:41:00:a5:24:2f:3a:c0:8c:f8:
         73:ec:6b:15:50:32:0a:8f:2f:01:1b:d9:61:a6:61:39:14:75:
         a1:aa:64:2e:89:28:4d:40:4d:d6:80:07:4e:57:c1:0d:eb:c8:
         aa:eb:b9:b6:3e:c3:2f:24:aa:87:22:17:b0:af:b5:3c:16:62:
         6b:a7:0d:fb:08:6b:4b:3a:54:c8:d2:40:04:04:7e:49:1f:b0:
         f0:3a:34:28:68:a8:3e:31:f4:0d:a8:7e:8e:9c:4a:a7:93:bc:
         f3:ac:fe:46:d9:bc:24:64:93:b7:34:9b:f7:12:02:f9:5a:2f:
         b6:5f:2c:be:14:a9:62:79:65:c8:27:a2:ff:48:a6:bb:06:01:
         48:42:eb:f8:e0:22:38:a1:a7:e1:c8:61:b5:b5:b9:32:6c:c2:
         49:5d:d5:01:51:b1:ef:0d:91:10:75:11:0b:98:64:e9:87:40:
         e5:29:20:00:67:8e:26:9c:6f:e0:5b:51:89:3b:fa:b5:37:e6:
         4f:b2:ea:fe:67:5d:18:e0:81:53:f8:0d:2e:96:91:e4:43:8c:
         d2:ae:28:c1:be:8b:6d:ba:1d:4b:28:f1:c1:50:68:36:52:1f:
         d1:42:f1:e3:c0:6c:13:50:06:eb:12:f8:40:48:89:23:22:8b:
         d3:5e:b8:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZblxBSF6ac/MheqZ1ifKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWRjZjhjZWZhNTk2NTk4YjI0YjliNmFiNjUwNzBkZDkx
Y2E3OWMwHhcNMjYwMzI5MDcwMTIzWhcNMjYwMzMwMDcwMTIzWjAzMTEwLwYDVQQD
EygxMjdhZDVmY2FkMDMxMTRmYzZmMmJkYzhkODNmZGQ1MjA0Y2Q0YWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthtuAw44MEguoF7DyipmdfVjV33A
22eWQhIUuFWfgHjWffPxESTI6cti93bIqzse+UknnTUHPCXaiinH8Zrc3CpIwWDz
WYiScH/JDjD4L5MiDfHzUnou4yf0WsSxVKjkoe2xXVo0rpw2Pyy+ultCyRR8xkEN
lqMB1Dzeov2GR0bhT3sAdAb2KOYqbHAJlNTdVMIqfLKCCSyLNzLueKvydvZNgyTF
eC8GdckpTxaDFddg/sCZBXmfGe5fu9axnEhUnXVKzyrWyYRVn7/FocRiN9HGGx4J
fGpkN47POdHgt0ZrA78qMsR5AtJv8UU9l7uTAtvhl8WZA5An2I2ZenksRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJ61fytAxFPxvK9yNg/3VIEzUrUMB8GA1UdIwQY
MBaAFMmtz4zvpZZZiyS5tqtlBw3ZHKecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDct
YzU1MzcyZmFiMzM1LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDctYzU1MzcyZmFiMzM1
LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd2LN4CbD
lrQaQQClJC86wIz4c+xrFVAyCo8vARvZYaZhORR1oapkLokoTUBN1oAHTlfBDevI
quu5tj7DLySqhyIXsK+1PBZia6cN+whrSzpUyNJABAR+SR+w8Do0KGioPjH0Dah+
jpxKp5O886z+Rtm8JGSTtzSb9xIC+Vovtl8svhSpYnllyCei/0imuwYBSELr+OAi
OKGn4chhtbW5MmzCSV3VAVGx7w2REHURC5hk6YdA5SkgAGeOJpxv4FtRiTv6tTfm
T7Lq/mddGOCBU/gNLpaR5EOM0q4owb6LbbodSyjxwVBoNlIf0ULx48BsE1AG6xL4
QEiJIyKL0164cQ==
-----END CERTIFICATE-----