Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          vAomUIQOYwYIzMsPnOB1567i63DjEo5aD3y6Kj4morA=
Subject key identifier:   CE:49:7E:AB:40:EC:93:DE:F5:D1:09:69:93:55:66:AE:ED:B0:AB:35
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       019D3865B565541E9EB6332780AA43D8D2E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          0D33
Signing time:             Sun 29 Mar 2026 07:01:22 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:22 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:22 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: U/lAPgHaoYvdZk7vin3o1DyvkaYVps41wdu61W0Eow4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:b5:65:54:1e:9e:b6:33:27:80:aa:43:d8:d2:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: Mar 29 07:01:22 2026 GMT
            Not After : Mar 30 07:01:22 2026 GMT
        Subject: CN=ce497eab40ec93def5d10969935566aeedb0ab35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f2:9f:29:93:0a:9d:5c:78:2f:3b:0f:5b:66:
                    04:84:a4:8f:6d:19:fb:23:5d:ee:0a:fa:d6:54:20:
                    3b:8a:4d:b4:af:bb:c9:4d:5f:fa:b5:11:53:00:cd:
                    ff:97:b8:2c:66:78:34:11:6c:d6:72:76:dc:b0:c7:
                    22:da:b9:92:1e:c2:2b:43:f9:b7:84:21:b1:85:6c:
                    08:9d:09:7e:21:c2:d3:a4:a6:b2:3f:49:db:d4:1f:
                    84:37:00:94:b6:36:3b:de:3f:7a:d5:a3:79:98:8f:
                    91:11:36:77:ec:57:47:40:fc:d6:c4:79:b7:52:fb:
                    74:df:5e:9e:6a:5b:b1:e1:44:bb:92:a8:73:22:db:
                    cf:49:e3:7b:13:fa:fe:f2:e1:78:db:7b:66:a9:60:
                    16:a2:21:16:62:f1:fc:33:cc:6a:e2:d6:26:68:48:
                    de:f5:84:5f:81:3f:7d:81:a7:1d:3b:29:7e:76:d5:
                    71:76:3b:f6:e5:11:71:6f:c9:47:12:48:79:12:aa:
                    21:55:58:98:ce:79:5f:53:e0:69:b8:e0:42:a0:3c:
                    c9:36:6e:62:86:fa:d4:ef:e7:e5:8c:30:3b:57:20:
                    7c:ac:7c:21:ee:7d:87:62:f0:ca:ac:4b:c1:84:67:
                    d7:eb:fa:c8:b6:cc:92:89:24:e1:1b:25:73:44:24:
                    19:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:49:7E:AB:40:EC:93:DE:F5:D1:09:69:93:55:66:AE:ED:B0:AB:35
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:58:39:6b:e6:7f:2e:c5:6a:e3:a3:57:c0:e2:88:3e:a3:8b:
         47:f2:21:21:ec:4d:f9:6d:e2:70:c7:22:fb:02:c9:5d:b8:fa:
         0d:ab:7c:7e:6d:9c:93:fa:88:e6:db:91:1a:2b:80:29:93:dc:
         18:7a:1b:9f:5c:21:78:67:6a:21:74:68:62:52:be:9d:78:f4:
         85:92:74:35:88:94:b5:64:30:93:c7:79:c2:e5:35:67:5a:de:
         2b:23:ae:60:6e:f9:76:66:63:a2:d9:ad:ac:66:b6:03:92:79:
         00:e7:1d:80:98:e2:7d:c9:94:dd:05:7e:0b:1a:25:63:76:db:
         c2:46:a6:f7:db:a2:1c:0c:66:3f:e1:2f:c3:54:80:4c:83:3f:
         d6:8d:29:36:39:8d:16:3a:66:c0:eb:fb:cd:d0:5c:d8:7c:bb:
         91:30:e8:42:bb:31:4f:51:de:3c:2d:05:c5:56:35:41:15:f0:
         c6:21:bf:ad:d5:c2:00:76:8b:cb:d3:b3:ea:c0:87:25:c2:ed:
         55:5e:aa:aa:90:c4:cc:ea:63:e7:9f:97:34:e9:8d:b3:44:8f:
         e3:ea:75:26:d5:10:44:52:be:cd:70:d1:d2:b8:64:c1:09:4f:
         87:54:14:82:5c:dc:ce:88:ea:51:fd:34:23:a0:7e:66:8b:b2:
         6e:93:0a:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZbVlVB6etjMngKpD2NLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjYwMzI5MDcwMTIyWhcNMjYwMzMwMDcwMTIyWjAzMTEwLwYDVQQD
EyhjZTQ5N2VhYjQwZWM5M2RlZjVkMTA5Njk5MzU1NjZhZWVkYjBhYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/KfKZMKnVx4LzsPW2YEhKSPbRn7
I13uCvrWVCA7ik20r7vJTV/6tRFTAM3/l7gsZng0EWzWcnbcsMci2rmSHsIrQ/m3
hCGxhWwInQl+IcLTpKayP0nb1B+ENwCUtjY73j961aN5mI+RETZ37FdHQPzWxHm3
Uvt0316ealux4US7kqhzItvPSeN7E/r+8uF423tmqWAWoiEWYvH8M8xq4tYmaEje
9YRfgT99gacdOyl+dtVxdjv25RFxb8lHEkh5EqohVViYznlfU+BpuOBCoDzJNm5i
hvrU7+fljDA7VyB8rHwh7n2HYvDKrEvBhGfX6/rItsySiSThGyVzRCQZQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5JfqtA7JPe9dEJaZNVZq7tsKs1MB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEFg5a+Z/
LsVq46NXwOKIPqOLR/IhIexN+W3icMci+wLJXbj6Dat8fm2ck/qI5tuRGiuAKZPc
GHobn1wheGdqIXRoYlK+nXj0hZJ0NYiUtWQwk8d5wuU1Z1reKyOuYG75dmZjotmt
rGa2A5J5AOcdgJjifcmU3QV+CxolY3bbwkam99uiHAxmP+Evw1SATIM/1o0pNjmN
FjpmwOv7zdBc2Hy7kTDoQrsxT1HePC0FxVY1QRXwxiG/rdXCAHaLy9Oz6sCHJcLt
VV6qqpDEzOpj55+XNOmNs0SP4+p1JtUQRFK+zXDR0rhkwQlPh1QUglzczojqUf00
I6B+ZouybpMKvQ==
-----END CERTIFICATE-----