Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          LjhHGUoA0F5IshTgx70N9xuVzdPv/qsU/EQP6Ej0vAM=
Subject key identifier:   65:4A:4E:64:E3:A4:F1:BF:50:4E:C3:2E:02:B0:6F:E3:FD:B1:F0:0E
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       019D3909A23FBEC2916896CA1E29102C3B50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          17CB
Signing time:             Sun 29 Mar 2026 10:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:25 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: Oj0s5riap6ZlFJvZmHiOLdNul5k/Lnp68x0kEyruLbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:a2:3f:be:c2:91:68:96:ca:1e:29:10:2c:3b:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Mar 29 10:00:25 2026 GMT
            Not After : Mar 30 10:00:25 2026 GMT
        Subject: CN=654a4e64e3a4f1bf504ec32e02b06fe3fdb1f00e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d1:35:b8:0f:53:0d:ba:45:ae:be:43:de:89:
                    16:5b:1b:6a:f7:12:21:cf:f4:8b:34:dd:05:89:ae:
                    12:1f:cf:a9:59:ad:33:9e:f9:6d:66:12:dd:4b:ba:
                    84:9f:67:5f:ae:a1:0b:d8:12:0d:2d:73:9b:e4:e6:
                    67:2b:ef:55:a0:b0:3e:d6:07:72:43:54:ca:21:21:
                    2e:91:7d:2a:0a:3b:3d:da:ca:0b:88:1d:4d:a2:e2:
                    db:34:e9:91:78:4d:3f:3e:d8:28:72:59:29:16:bd:
                    49:61:83:93:88:55:34:c0:ea:99:07:e4:10:4a:ed:
                    a5:44:78:0a:22:93:16:9c:ba:49:53:c9:69:27:07:
                    35:13:b6:fa:1b:e4:c2:c2:28:65:05:c5:e2:19:ff:
                    5d:c2:01:17:2e:cd:9f:ab:04:d3:2a:4e:27:8c:20:
                    d8:17:24:4f:da:09:06:a7:35:68:33:d6:2c:b9:d2:
                    a0:16:05:62:40:c3:fe:41:c9:95:d6:9b:34:00:fb:
                    e0:71:d1:e5:e2:60:a8:76:06:b3:3e:ce:fc:5a:a7:
                    4b:16:02:63:d3:0d:4a:40:4a:05:ff:39:0f:09:fd:
                    dc:87:72:18:6e:b8:0d:68:f8:72:79:45:3d:27:5b:
                    2e:ba:18:5c:87:a4:44:f0:ab:18:a2:4d:c7:3d:63:
                    9f:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:4A:4E:64:E3:A4:F1:BF:50:4E:C3:2E:02:B0:6F:E3:FD:B1:F0:0E
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:c1:31:e1:98:1e:f3:2d:b5:28:b9:08:1e:9c:da:c1:4f:62:
         d0:45:bf:67:89:9c:4a:be:00:9f:38:e9:80:0a:9c:ba:69:95:
         35:44:f9:21:5f:b0:1d:21:77:60:a6:05:f4:70:d5:bf:90:1c:
         d0:e0:30:b6:0c:e9:63:4e:66:6f:09:f8:9c:73:e0:6b:4b:7c:
         e9:93:b5:a0:cf:0a:c6:4f:23:76:8f:7a:cb:9f:d5:62:9b:ad:
         bc:29:af:5b:c5:45:6a:94:63:54:f0:d5:c7:7f:af:dc:92:44:
         89:21:3d:9f:dd:88:c5:83:f5:dc:a9:6d:48:9e:de:e2:5b:8d:
         62:b4:09:5d:2f:4e:1a:3e:30:60:4a:4e:1f:56:09:9c:0e:43:
         be:0f:e5:b6:50:34:f3:b5:21:26:70:57:19:44:a5:16:aa:0b:
         25:5d:83:a0:6d:15:da:96:d5:10:4f:52:f8:3a:30:68:08:d0:
         21:f0:5c:b2:39:c2:f1:ac:1c:c9:d9:fd:b8:2c:4e:9e:a5:76:
         39:81:0c:7e:e9:09:8b:f2:e8:e1:a8:7e:ab:7a:a3:5a:8d:f1:
         d3:7f:0e:a8:3b:de:16:30:f7:90:31:ee:8e:1f:ca:a5:04:9a:
         7c:01:ef:91:94:09:34:00:7f:2b:7d:14:44:73:1a:38:ec:09:
         07:25:66:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CaI/vsKRaJbKHikQLDtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjYwMzI5MTAwMDI1WhcNMjYwMzMwMTAwMDI1WjAzMTEwLwYDVQQD
Eyg2NTRhNGU2NGUzYTRmMWJmNTA0ZWMzMmUwMmIwNmZlM2ZkYjFmMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNE1uA9TDbpFrr5D3okWWxtq9xIh
z/SLNN0Fia4SH8+pWa0znvltZhLdS7qEn2dfrqEL2BINLXOb5OZnK+9VoLA+1gdy
Q1TKISEukX0qCjs92soLiB1NouLbNOmReE0/PtgoclkpFr1JYYOTiFU0wOqZB+QQ
Su2lRHgKIpMWnLpJU8lpJwc1E7b6G+TCwihlBcXiGf9dwgEXLs2fqwTTKk4njCDY
FyRP2gkGpzVoM9YsudKgFgViQMP+QcmV1ps0APvgcdHl4mCodgazPs78WqdLFgJj
0w1KQEoF/zkPCf3ch3IYbrgNaPhyeUU9J1suuhhch6RE8KsYok3HPWOfgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVKTmTjpPG/UE7DLgKwb+P9sfAOMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgcEx4Zge
8y21KLkIHpzawU9i0EW/Z4mcSr4AnzjpgAqcummVNUT5IV+wHSF3YKYF9HDVv5Ac
0OAwtgzpY05mbwn4nHPga0t86ZO1oM8Kxk8jdo96y5/VYputvCmvW8VFapRjVPDV
x3+v3JJEiSE9n92IxYP13KltSJ7e4luNYrQJXS9OGj4wYEpOH1YJnA5Dvg/ltlA0
87UhJnBXGUSlFqoLJV2DoG0V2pbVEE9S+DowaAjQIfBcsjnC8awcydn9uCxOnqV2
OYEMfukJi/Lo4ah+q3qjWo3x038OqDveFjD3kDHujh/KpQSafAHvkZQJNAB/K30U
RHMaOOwJByVmnA==
-----END CERTIFICATE-----