Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
File:                     j3phc572fsR6X9EOVvx6NNy3PHA.mft (raw, json)
Hash identifier:          OvPdAxXy/27ie3+IVHJthEn9WZRoi2J7Awv7VKeEK4c=
Subject key identifier:   59:30:1D:1B:66:E7:44:3C:5C:DF:55:16:22:FF:08:7E:81:88:AA:06
Authority key identifier: 8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70
Certificate issuer:       /CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
Certificate serial:       019D3AF831432961BF66FF6834142878B0D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
Manifest number:          10E3
Signing time:             Sun 29 Mar 2026 19:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 19:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 19:00:37 +0000
Files and hashes:         1: j3phc572fsR6X9EOVvx6NNy3PHA.crl (hash: PAbkbrmVuie7Vrcj2Y0Mbei+2HPHGa+ZVkT9/G8Nhtc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:f8:31:43:29:61:bf:66:ff:68:34:14:28:78:b0:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f7a61739ef67ec47a5fd10e56fc7a34dcb73c70
        Validity
            Not Before: Mar 29 19:00:37 2026 GMT
            Not After : Mar 30 19:00:37 2026 GMT
        Subject: CN=59301d1b66e7443c5cdf551622ff087e8188aa06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d2:f2:d3:22:bc:7b:5a:a6:05:97:59:f4:e2:
                    b1:c2:4d:45:37:83:33:81:00:ca:38:00:f2:8f:52:
                    d1:bc:dc:e8:41:3c:00:d5:20:bf:71:db:77:8e:9b:
                    ae:d2:b8:81:5e:fb:3f:e7:aa:f0:f3:5e:1a:1c:89:
                    f5:c3:0c:cb:77:31:4b:80:c5:ea:52:48:05:17:63:
                    56:d8:17:33:1b:19:9b:87:1d:0a:a9:88:8e:a3:3f:
                    01:44:a5:d6:e7:aa:1d:1e:b3:e3:b8:53:49:5e:46:
                    0d:d7:1d:77:6e:06:78:f6:e5:23:db:20:c4:45:9f:
                    ed:bd:3d:32:1e:a4:1e:dd:8a:f4:85:99:df:eb:01:
                    d3:2c:ab:f8:eb:3e:b0:08:a4:b8:9d:de:20:dd:af:
                    59:91:35:da:b2:0e:53:db:f7:8f:0e:ab:8a:5e:78:
                    47:50:a0:06:d0:19:71:29:e7:e6:de:d2:bc:3a:fe:
                    de:42:7c:69:48:98:94:81:c6:65:c7:40:f7:56:80:
                    11:23:07:1f:e5:be:b0:79:12:6c:84:38:aa:b9:fe:
                    40:66:6a:89:24:cd:bd:74:d1:78:88:13:97:be:ff:
                    a0:54:a0:cc:77:29:07:93:48:19:68:c6:d5:f4:3f:
                    89:a6:47:5c:99:20:50:09:66:47:76:b5:e7:21:2a:
                    c8:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:30:1D:1B:66:E7:44:3C:5C:DF:55:16:22:FF:08:7E:81:88:AA:06
            X509v3 Authority Key Identifier:
                keyid:8F:7A:61:73:9E:F6:7E:C4:7A:5F:D1:0E:56:FC:7A:34:DC:B7:3C:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3phc572fsR6X9EOVvx6NNy3PHA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/f7c14b-4115-4a92-81b5-738940810adf/1/j3phc572fsR6X9EOVvx6NNy3PHA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:6d:25:17:64:d4:f4:15:0a:c6:71:5e:1f:dc:e9:da:f7:3a:
         e1:93:f0:60:82:16:8c:ba:21:4b:1c:69:e8:16:76:8c:a2:b7:
         5d:6e:fa:1e:21:f0:26:fa:d6:ea:2f:5f:d1:f1:a0:f1:1c:f5:
         b3:40:18:99:8a:9d:4c:c5:65:06:02:61:49:3a:a7:0e:02:1b:
         98:30:eb:c6:5d:fb:c5:0e:8d:50:8b:f0:92:f7:fb:74:13:69:
         ce:18:59:a3:57:d3:33:9e:83:30:23:d8:7d:3c:34:25:66:be:
         7d:59:58:f4:fc:d9:1f:21:56:ec:52:54:1c:e6:26:c7:b2:3a:
         af:1d:12:d6:98:83:01:c5:33:e0:89:06:76:8b:67:64:55:2b:
         f6:c5:7a:e4:b8:7f:41:ba:e4:de:2a:74:e0:c3:a0:00:46:ef:
         6b:61:8a:7b:ef:2e:dd:45:14:1b:32:42:46:9f:02:ef:bc:ce:
         7d:20:3e:b6:ef:5d:f8:c8:d5:7e:62:63:9c:a8:9f:12:e9:13:
         2d:c4:6e:06:21:6d:bb:e5:c1:2c:37:99:04:ad:1c:76:fa:10:
         c2:a5:07:69:4a:95:5e:f6:73:96:db:52:cb:4f:f9:b3:6c:8e:
         d1:7c:19:03:49:89:10:60:41:92:f4:8c:d6:98:35:c3:5f:fc:
         48:76:22:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+DFDKWG/Zv9oNBQoeLDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2E2MTczOWVmNjdlYzQ3YTVmZDEwZTU2ZmM3YTM0ZGNi
NzNjNzAwHhcNMjYwMzI5MTkwMDM3WhcNMjYwMzMwMTkwMDM3WjAzMTEwLwYDVQQD
Eyg1OTMwMWQxYjY2ZTc0NDNjNWNkZjU1MTYyMmZmMDg3ZTgxODhhYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdLy0yK8e1qmBZdZ9OKxwk1FN4Mz
gQDKOADyj1LRvNzoQTwA1SC/cdt3jpuu0riBXvs/56rw814aHIn1wwzLdzFLgMXq
UkgFF2NW2BczGxmbhx0KqYiOoz8BRKXW56odHrPjuFNJXkYN1x13bgZ49uUj2yDE
RZ/tvT0yHqQe3Yr0hZnf6wHTLKv46z6wCKS4nd4g3a9ZkTXasg5T2/ePDquKXnhH
UKAG0BlxKefm3tK8Ov7eQnxpSJiUgcZlx0D3VoARIwcf5b6weRJshDiquf5AZmqJ
JM29dNF4iBOXvv+gVKDMdykHk0gZaMbV9D+JpkdcmSBQCWZHdrXnISrIdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkwHRtm50Q8XN9VFiL/CH6BiKoGMB8GA1UdIwQY
MBaAFI96YXOe9n7Eel/RDlb8ejTctzxwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUt
NzM4OTQwODEwYWRmLzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9mN2MxNGItNDExNS00YTkyLTgxYjUtNzM4OTQwODEwYWRm
LzEvajNwaGM1NzJmc1I2WDlFT1Z2eDZOTnkzUEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkW0lF2TU
9BUKxnFeH9zp2vc64ZPwYIIWjLohSxxp6BZ2jKK3XW76HiHwJvrW6i9f0fGg8Rz1
s0AYmYqdTMVlBgJhSTqnDgIbmDDrxl37xQ6NUIvwkvf7dBNpzhhZo1fTM56DMCPY
fTw0JWa+fVlY9PzZHyFW7FJUHOYmx7I6rx0S1piDAcUz4IkGdotnZFUr9sV65Lh/
Qbrk3ip04MOgAEbva2GKe+8u3UUUGzJCRp8C77zOfSA+tu9d+MjVfmJjnKifEukT
LcRuBiFtu+XBLDeZBK0cdvoQwqUHaUqVXvZzlttSy0/5s2yO0XwZA0mJEGBBkvSM
1pg1w1/8SHYi8A==
-----END CERTIFICATE-----