Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          a07xnoGeCZr6Onghx+JD6i65w0HMth7qZdZxeeizdwE=
Subject key identifier:   EA:27:6D:85:1E:DD:27:5B:E1:DE:45:6C:37:32:3B:D1:F0:F6:66:4B
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       019D3865F0AC8CD427C3C325C4DEA4E26329
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0DEB
Signing time:             Sun 29 Mar 2026 07:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:37 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: oGGuKGzwCGUf0NGJZ0/FTsjTKZKetlYObzZWV539ZTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:f0:ac:8c:d4:27:c3:c3:25:c4:de:a4:e2:63:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Mar 29 07:01:37 2026 GMT
            Not After : Mar 30 07:01:37 2026 GMT
        Subject: CN=ea276d851edd275be1de456c37323bd1f0f6664b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:65:45:f6:ff:99:b6:d9:10:7b:90:88:ca:3d:
                    33:e0:be:e7:db:f3:fd:1d:7b:2b:b6:57:50:d9:87:
                    24:07:95:e3:e2:4e:98:72:6f:74:c7:29:03:14:ca:
                    9b:18:53:c5:38:4a:a5:c2:7e:5b:71:1f:01:03:7c:
                    0e:7d:53:aa:23:bf:53:6c:07:ce:0f:65:3b:52:28:
                    4a:5d:52:bd:ec:2d:01:24:51:19:34:e1:90:85:66:
                    de:53:c4:7d:71:55:5c:3f:6a:fc:22:8d:df:2b:a3:
                    4e:b0:e3:8e:0d:3a:42:e3:6f:c9:e4:d3:2a:85:4b:
                    1e:ba:b3:ab:7a:c3:2c:1b:99:0e:a7:7e:c7:78:f1:
                    7b:02:3a:e0:70:ff:94:92:f4:05:ef:e9:a3:68:68:
                    c6:a1:c0:f4:15:d9:88:8f:a0:22:e5:1d:03:4c:12:
                    64:b5:a9:ff:a5:85:35:ee:c8:10:d7:0d:54:80:12:
                    5a:61:19:8e:b8:31:b0:32:ae:3d:aa:69:8b:fe:15:
                    2a:d6:fa:fa:22:a0:48:2f:80:34:7a:13:e7:ae:68:
                    44:7e:80:c3:36:74:1e:ec:9c:a1:74:a4:d9:55:8e:
                    cc:ad:8a:da:67:ae:e0:34:63:9a:71:8f:e1:0a:a5:
                    08:e3:cd:a9:20:66:74:66:06:18:be:03:21:32:ce:
                    73:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:27:6D:85:1E:DD:27:5B:E1:DE:45:6C:37:32:3B:D1:F0:F6:66:4B
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:67:77:d3:21:15:58:c4:ba:aa:89:ca:2d:e3:a5:f3:68:db:
         1d:a1:4e:f4:11:ae:c7:f5:8d:84:07:37:1a:16:40:d6:bd:80:
         19:d1:2b:29:cc:12:b9:bd:46:ce:18:ff:6a:50:2b:b4:71:65:
         7e:80:a6:d4:a4:52:2c:4c:17:18:65:08:1c:4f:06:76:67:4b:
         90:ed:1c:f3:bf:29:53:98:fb:1d:ac:46:f0:ca:21:dc:ad:97:
         b4:02:5f:2a:f5:8f:10:ce:a3:5b:43:d6:d1:14:a5:4b:35:92:
         20:e5:f6:3d:9d:88:49:18:1c:30:21:fc:20:d1:8e:78:eb:ef:
         c6:c4:86:cb:64:00:12:ea:6e:4f:09:8d:fa:13:88:fc:6a:41:
         14:e0:ea:3b:a0:2f:14:eb:04:3d:1a:60:ed:86:8d:7f:a9:ea:
         0f:1f:20:8b:6a:11:88:7c:58:31:22:29:f8:08:c6:8c:64:82:
         26:ad:06:83:b8:2d:9c:e8:f1:b5:44:34:c0:19:f3:56:c6:09:
         7d:1c:a4:7b:fd:01:f0:12:96:0d:3f:f1:82:07:73:7f:27:ad:
         29:d1:8c:14:a5:10:38:0d:9c:10:f0:7c:91:21:75:5f:e4:06:
         26:00:81:a1:52:0c:31:6d:4c:2a:66:68:f9:a6:80:25:6b:c7:
         b9:4b:47:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZfCsjNQnw8MlxN6k4mMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjYwMzI5MDcwMTM3WhcNMjYwMzMwMDcwMTM3WjAzMTEwLwYDVQQD
EyhlYTI3NmQ4NTFlZGQyNzViZTFkZTQ1NmMzNzMyM2JkMWYwZjY2NjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2VF9v+ZttkQe5CIyj0z4L7n2/P9
HXsrtldQ2YckB5Xj4k6Ycm90xykDFMqbGFPFOEqlwn5bcR8BA3wOfVOqI79TbAfO
D2U7UihKXVK97C0BJFEZNOGQhWbeU8R9cVVcP2r8Io3fK6NOsOOODTpC42/J5NMq
hUseurOresMsG5kOp37HePF7AjrgcP+UkvQF7+mjaGjGocD0FdmIj6Ai5R0DTBJk
tan/pYU17sgQ1w1UgBJaYRmOuDGwMq49qmmL/hUq1vr6IqBIL4A0ehPnrmhEfoDD
NnQe7JyhdKTZVY7MrYraZ67gNGOacY/hCqUI482pIGZ0ZgYYvgMhMs5zKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOonbYUe3Sdb4d5FbDcyO9Hw9mZLMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhWd30yEV
WMS6qonKLeOl82jbHaFO9BGux/WNhAc3GhZA1r2AGdErKcwSub1Gzhj/alArtHFl
foCm1KRSLEwXGGUIHE8GdmdLkO0c878pU5j7HaxG8Moh3K2XtAJfKvWPEM6jW0PW
0RSlSzWSIOX2PZ2ISRgcMCH8INGOeOvvxsSGy2QAEupuTwmN+hOI/GpBFODqO6Av
FOsEPRpg7YaNf6nqDx8gi2oRiHxYMSIp+AjGjGSCJq0Gg7gtnOjxtUQ0wBnzVsYJ
fRyke/0B8BKWDT/xggdzfyetKdGMFKUQOA2cEPB8kSF1X+QGJgCBoVIMMW1MKmZo
+aaAJWvHuUtHYA==
-----END CERTIFICATE-----