Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft
File:                     iAhHmt0p6po2NI6J5dIhVSygh8g.mft (raw, json)
Hash identifier:          eSlzA1F9XBT5+LID7AHwnobBSzaTcYFF1XjmYDBT4O4=
Subject key identifier:   15:15:74:64:21:D1:41:CF:FD:A2:E4:1D:34:79:83:23:CC:8C:1E:08
Authority key identifier: 88:08:47:9A:DD:29:EA:9A:36:34:8E:89:E5:D2:21:55:2C:A0:87:C8
Certificate issuer:       /CN=8808479add29ea9a36348e89e5d221552ca087c8
Certificate serial:       019D37C10D0500C0F6D4B6E4535216831E9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iAhHmt0p6po2NI6J5dIhVSygh8g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft
Manifest number:          C3
Signing time:             Sun 29 Mar 2026 04:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:31 +0000
Files and hashes:         1: iAhHmt0p6po2NI6J5dIhVSygh8g.crl (hash: sgzwvOXP/IfN2XQdR8mH+h7k+2adGQkKyDc/fDXEi50=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iAhHmt0p6po2NI6J5dIhVSygh8g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:0d:05:00:c0:f6:d4:b6:e4:53:52:16:83:1e:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8808479add29ea9a36348e89e5d221552ca087c8
        Validity
            Not Before: Mar 29 04:01:31 2026 GMT
            Not After : Mar 30 04:01:31 2026 GMT
        Subject: CN=1515746421d141cffda2e41d34798323cc8c1e08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e4:91:17:4b:95:94:a0:f2:2e:41:bb:1a:4d:
                    13:fb:fb:ba:06:5d:e9:10:6b:a3:3b:56:5b:64:85:
                    45:74:29:43:70:1c:80:40:d4:fd:c1:b3:78:84:6e:
                    e2:76:48:04:38:41:ee:5d:4f:ac:8b:9b:a0:c3:e5:
                    0a:16:e4:2a:af:f2:01:25:58:1e:48:79:2b:2f:d1:
                    63:c8:bf:eb:92:14:f1:bc:3b:49:46:15:20:f4:03:
                    d2:79:77:e5:ae:ed:c8:47:81:16:a3:bf:96:b6:ca:
                    72:79:cd:cc:ce:9a:4f:85:9e:37:88:b9:65:f8:7e:
                    ad:7c:de:e7:f9:f1:04:b3:b1:d5:af:51:0e:1d:5a:
                    ff:b8:1a:df:1e:a8:d9:d0:8e:a2:b6:b9:b5:ef:17:
                    ff:42:3d:81:47:ed:29:d5:23:b3:37:be:f5:36:e8:
                    83:d1:55:71:5e:39:c2:bd:49:1f:ce:ff:9c:b5:84:
                    2e:92:d7:71:12:fd:cc:9a:98:d1:2d:bb:17:70:0a:
                    82:36:8a:76:42:a8:d1:ff:ef:e7:2d:0e:6b:4d:42:
                    4d:8a:a3:7e:79:2b:88:ff:86:a3:e7:82:ed:91:66:
                    0f:cb:af:19:69:33:69:f5:bf:b0:c2:da:e8:2a:05:
                    6e:91:f9:23:83:f2:25:4a:a8:54:50:66:96:5a:32:
                    95:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:15:74:64:21:D1:41:CF:FD:A2:E4:1D:34:79:83:23:CC:8C:1E:08
            X509v3 Authority Key Identifier:
                keyid:88:08:47:9A:DD:29:EA:9A:36:34:8E:89:E5:D2:21:55:2C:A0:87:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iAhHmt0p6po2NI6J5dIhVSygh8g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8a4f5-de32-499f-8188-02b715ce0048/1/iAhHmt0p6po2NI6J5dIhVSygh8g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:73:72:a9:dd:02:c7:f4:3b:dc:cc:5a:0c:1d:ac:38:1f:44:
         1b:70:40:92:68:7f:e9:34:d2:e0:8b:e6:4c:b7:16:54:52:54:
         27:8c:5d:4d:14:c8:56:87:a3:49:86:6a:bf:57:cf:51:00:65:
         29:a0:59:81:66:49:e6:e7:b7:cd:7c:61:10:55:77:0a:46:33:
         e8:d9:db:d0:aa:37:1f:ec:4f:d1:11:1a:a1:89:3c:20:a3:2e:
         0c:6a:72:37:a8:ef:0d:90:24:d5:bd:a9:bc:46:76:af:95:a2:
         7a:96:e7:ee:93:49:f4:ca:d2:ed:28:ee:fe:05:f0:ab:19:0e:
         c0:23:3e:21:a9:f9:63:ca:db:26:1f:01:80:83:6d:d8:00:7a:
         04:c0:9d:56:c2:f8:3c:d5:e7:6e:ad:6c:8d:a7:a7:a2:ed:25:
         60:84:fc:2d:97:9a:a1:50:d3:6b:f0:6c:b8:42:64:68:c1:ea:
         47:da:c5:67:b1:a6:9d:ae:14:97:78:55:97:2a:0b:ef:41:29:
         ef:da:bf:31:c6:ef:5e:f5:63:28:92:68:9e:b4:c9:0d:e8:7a:
         a0:8e:56:ef:31:80:9b:cb:b0:09:a9:66:c9:4e:a3:5b:0d:e9:
         37:f7:94:56:f0:9b:a7:c3:8d:8a:f9:64:4a:bf:17:1e:de:cd:
         d6:dd:20:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wQ0FAMD21LbkU1IWgx6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MDg0NzlhZGQyOWVhOWEzNjM0OGU4OWU1ZDIyMTU1MmNh
MDg3YzgwHhcNMjYwMzI5MDQwMTMxWhcNMjYwMzMwMDQwMTMxWjAzMTEwLwYDVQQD
EygxNTE1NzQ2NDIxZDE0MWNmZmRhMmU0MWQzNDc5ODMyM2NjOGMxZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOSRF0uVlKDyLkG7Gk0T+/u6Bl3p
EGujO1ZbZIVFdClDcByAQNT9wbN4hG7idkgEOEHuXU+si5ugw+UKFuQqr/IBJVge
SHkrL9FjyL/rkhTxvDtJRhUg9APSeXflru3IR4EWo7+Wtspyec3MzppPhZ43iLll
+H6tfN7n+fEEs7HVr1EOHVr/uBrfHqjZ0I6itrm17xf/Qj2BR+0p1SOzN771NuiD
0VVxXjnCvUkfzv+ctYQuktdxEv3MmpjRLbsXcAqCNop2QqjR/+/nLQ5rTUJNiqN+
eSuI/4aj54LtkWYPy68ZaTNp9b+wwtroKgVukfkjg/IlSqhUUGaWWjKVAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBUVdGQh0UHP/aLkHTR5gyPMjB4IMB8GA1UdIwQY
MBaAFIgIR5rdKeqaNjSOieXSIVUsoIfIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUFoSG10MHA2cG8yTkk2SjVkSWhWU3lnaDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jOGE0ZjUtZGUzMi00OTlmLTgxODgt
MDJiNzE1Y2UwMDQ4LzEvaUFoSG10MHA2cG8yTkk2SjVkSWhWU3lnaDhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jOGE0ZjUtZGUzMi00OTlmLTgxODgtMDJiNzE1Y2UwMDQ4
LzEvaUFoSG10MHA2cG8yTkk2SjVkSWhWU3lnaDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUnNyqd0C
x/Q73MxaDB2sOB9EG3BAkmh/6TTS4IvmTLcWVFJUJ4xdTRTIVoejSYZqv1fPUQBl
KaBZgWZJ5ue3zXxhEFV3CkYz6Nnb0Ko3H+xP0REaoYk8IKMuDGpyN6jvDZAk1b2p
vEZ2r5Wiepbn7pNJ9MrS7Sju/gXwqxkOwCM+Ian5Y8rbJh8BgINt2AB6BMCdVsL4
PNXnbq1sjaenou0lYIT8LZeaoVDTa/BsuEJkaMHqR9rFZ7Gmna4Ul3hVlyoL70Ep
79q/McbvXvVjKJJonrTJDeh6oI5W7zGAm8uwCalmyU6jWw3pN/eUVvCbp8ONivlk
Sr8XHt7N1t0gUw==
-----END CERTIFICATE-----