Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft
File:                     3aYlyUiBFZZabdCk8ILfO0LZSUg.mft (raw, json)
Hash identifier:          Ik3gOW7bxhX9dmAvizhztwtFWUs3QGVPHq/G5PofAvs=
Subject key identifier:   85:8D:65:69:26:32:8E:D0:5C:99:EA:EC:EA:E5:B7:8B:82:DE:F4:56
Authority key identifier: DD:A6:25:C9:48:81:15:96:5A:6D:D0:A4:F0:82:DF:3B:42:D9:49:48
Certificate issuer:       /CN=dda625c9488115965a6dd0a4f082df3b42d94948
Certificate serial:       019D371BE8815B08AFFA4E16DE93AA03DC6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3aYlyUiBFZZabdCk8ILfO0LZSUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft
Manifest number:          55
Signing time:             Sun 29 Mar 2026 01:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 01:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 01:01:08 +0000
Files and hashes:         1: 3aYlyUiBFZZabdCk8ILfO0LZSUg.crl (hash: l/1w+97lPRUkB2+zJ4ReARMjzVc0gRVWETkdJtiq6kI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3aYlyUiBFZZabdCk8ILfO0LZSUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:e8:81:5b:08:af:fa:4e:16:de:93:aa:03:dc:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dda625c9488115965a6dd0a4f082df3b42d94948
        Validity
            Not Before: Mar 29 01:01:08 2026 GMT
            Not After : Mar 30 01:01:08 2026 GMT
        Subject: CN=858d656926328ed05c99eaeceae5b78b82def456
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:07:3f:1b:31:80:61:e4:79:c4:73:1f:64:34:
                    52:61:5a:43:ae:72:66:a5:6f:6c:e2:dd:c5:8d:52:
                    23:4d:1d:ac:f3:74:a6:9a:1d:1a:a7:73:d8:3a:71:
                    a7:e2:95:8d:82:fb:55:22:79:b7:33:9a:17:b0:12:
                    51:a5:f5:5b:b2:8f:1d:e6:73:ca:9c:d4:c3:6b:24:
                    48:de:d9:6c:0f:23:c0:0b:a6:ac:9d:46:95:42:cb:
                    d0:50:fa:e2:01:51:39:12:2b:be:e8:9d:f5:38:f9:
                    4d:0f:de:2a:05:3a:88:3b:28:ed:bc:dd:ca:a0:17:
                    e8:c7:63:bd:a6:17:9a:8d:0c:04:3d:c0:5d:32:c2:
                    63:20:77:12:95:90:8b:35:30:a4:b1:97:46:bb:b7:
                    0f:e8:3f:11:27:b5:1a:54:6f:b7:3a:e5:23:f2:b7:
                    df:e6:dc:01:51:01:05:d8:17:e4:50:48:fb:9d:55:
                    41:08:ad:66:fe:15:57:f4:b8:21:05:fb:74:c3:ef:
                    4a:e3:aa:e7:9d:ed:a0:b6:fb:9e:4d:b9:07:6c:cc:
                    a9:26:6d:1b:01:7b:ed:f3:22:fc:ae:0d:d3:eb:ef:
                    ab:64:26:f9:76:dc:be:83:90:ac:9c:58:36:71:0d:
                    0c:41:77:1c:c7:0f:06:8c:8e:33:e5:fc:20:a1:6b:
                    a1:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:8D:65:69:26:32:8E:D0:5C:99:EA:EC:EA:E5:B7:8B:82:DE:F4:56
            X509v3 Authority Key Identifier:
                keyid:DD:A6:25:C9:48:81:15:96:5A:6D:D0:A4:F0:82:DF:3B:42:D9:49:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3aYlyUiBFZZabdCk8ILfO0LZSUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/af6421-299c-4fd5-8acb-271a923c9ece/1/3aYlyUiBFZZabdCk8ILfO0LZSUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:07:a0:e3:a1:1f:9d:89:98:46:95:1e:7b:c8:88:b4:c2:0b:
         2e:93:4a:09:50:87:a5:81:7b:8e:3e:0d:f8:a9:df:8a:d5:43:
         ad:0d:e1:f6:65:75:a3:90:1a:97:43:96:3b:2c:a5:9c:14:38:
         e0:0e:37:a1:07:36:f6:f3:33:28:b7:13:18:05:64:b0:8c:1a:
         0c:59:82:c2:7f:a2:bc:db:b8:e5:2c:a0:2b:99:a2:01:ba:ca:
         01:fc:43:42:bc:b0:ca:ff:5d:75:38:39:d8:78:a5:c0:c0:8d:
         f3:72:1c:59:8c:df:6b:e4:ed:ab:74:df:0e:f2:1c:41:88:e8:
         3d:ca:c4:bb:b0:c2:b9:3d:99:6c:40:8d:1b:39:17:9a:53:98:
         41:60:10:e5:7e:34:12:f8:49:17:d6:19:66:d2:ef:c1:92:67:
         20:6a:a1:8d:bc:8f:46:51:8b:2f:e2:c7:7f:b1:4d:a2:fb:9b:
         aa:c4:20:7f:a8:03:be:a1:12:ca:a2:39:86:bb:98:4b:6a:da:
         54:a7:35:d8:39:5b:f5:d1:a9:02:50:dd:28:45:8e:3c:c5:07:
         d0:f1:19:bb:52:1d:7d:ef:98:82:42:9d:5e:50:3d:85:7f:73:
         5d:47:b0:38:a8:2d:c2:2f:ae:f7:d7:be:a2:c2:1c:c5:2b:83:
         4e:b6:5e:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G+iBWwiv+k4W3pOqA9xtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYTYyNWM5NDg4MTE1OTY1YTZkZDBhNGYwODJkZjNiNDJk
OTQ5NDgwHhcNMjYwMzI5MDEwMTA4WhcNMjYwMzMwMDEwMTA4WjAzMTEwLwYDVQQD
Eyg4NThkNjU2OTI2MzI4ZWQwNWM5OWVhZWNlYWU1Yjc4YjgyZGVmNDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQc/GzGAYeR5xHMfZDRSYVpDrnJm
pW9s4t3FjVIjTR2s83Smmh0ap3PYOnGn4pWNgvtVInm3M5oXsBJRpfVbso8d5nPK
nNTDayRI3tlsDyPAC6asnUaVQsvQUPriAVE5Eiu+6J31OPlND94qBTqIOyjtvN3K
oBfox2O9pheajQwEPcBdMsJjIHcSlZCLNTCksZdGu7cP6D8RJ7UaVG+3OuUj8rff
5twBUQEF2BfkUEj7nVVBCK1m/hVX9LghBft0w+9K46rnne2gtvueTbkHbMypJm0b
AXvt8yL8rg3T6++rZCb5dty+g5CsnFg2cQ0MQXccxw8GjI4z5fwgoWuhxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWNZWkmMo7QXJnq7Orlt4uC3vRWMB8GA1UdIwQY
MBaAFN2mJclIgRWWWm3QpPCC3ztC2UlIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2FZbHlVaUJGWlphYmRDazhJTGZPMExaU1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hZjY0MjEtMjk5Yy00ZmQ1LThhY2It
MjcxYTkyM2M5ZWNlLzEvM2FZbHlVaUJGWlphYmRDazhJTGZPMExaU1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hZjY0MjEtMjk5Yy00ZmQ1LThhY2ItMjcxYTkyM2M5ZWNl
LzEvM2FZbHlVaUJGWlphYmRDazhJTGZPMExaU1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQeg46Ef
nYmYRpUee8iItMILLpNKCVCHpYF7jj4N+KnfitVDrQ3h9mV1o5Aal0OWOyylnBQ4
4A43oQc29vMzKLcTGAVksIwaDFmCwn+ivNu45SygK5miAbrKAfxDQrywyv9ddTg5
2HilwMCN83IcWYzfa+Ttq3TfDvIcQYjoPcrEu7DCuT2ZbECNGzkXmlOYQWAQ5X40
EvhJF9YZZtLvwZJnIGqhjbyPRlGLL+LHf7FNovubqsQgf6gDvqESyqI5hruYS2ra
VKc12Dlb9dGpAlDdKEWOPMUH0PEZu1Idfe+YgkKdXlA9hX9zXUewOKgtwi+u99e+
osIcxSuDTrZeHg==
-----END CERTIFICATE-----