Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          PVtnHoeKYydu5maCqOvXV0t23FDKEnGg2L12RCCDZLw=
Subject key identifier:   E3:36:EE:E1:5D:E8:F3:79:CE:67:50:6E:36:32:40:F9:C7:28:FE:1A
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       019D3978308E74C9DE1F118C81659A029A18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0997
Signing time:             Sun 29 Mar 2026 12:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 12:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 12:01:11 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: 85fIF70sN3mbr61Boa78i5Vxr6z2rdeWC01SC4rL0n0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:78:30:8e:74:c9:de:1f:11:8c:81:65:9a:02:9a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: Mar 29 12:01:11 2026 GMT
            Not After : Mar 30 12:01:11 2026 GMT
        Subject: CN=e336eee15de8f379ce67506e363240f9c728fe1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ea:26:c7:fa:25:4f:fd:4b:51:72:43:a0:43:
                    7e:8c:26:43:cd:39:6c:d7:23:84:75:d1:ed:ad:73:
                    21:88:12:f2:8a:22:80:9f:49:20:10:62:58:7f:56:
                    ed:03:9e:a5:1e:b6:e3:cd:0f:f3:eb:f2:94:e1:1e:
                    0f:6b:7b:fd:0a:39:2d:e6:d7:14:c9:16:fd:5d:c2:
                    f8:0c:bc:65:38:45:71:ae:ac:85:a6:ea:71:55:5c:
                    c9:bd:5a:d6:73:66:f2:ec:43:a0:7b:4e:b1:10:30:
                    04:73:c4:81:ca:20:37:a5:01:80:86:82:e6:0d:ec:
                    7c:ae:ee:0d:a8:29:50:f9:f8:12:4b:c3:fe:15:f8:
                    84:a4:16:75:71:62:66:24:47:4a:0b:14:ba:39:19:
                    6b:90:c0:10:e6:b5:62:d1:0b:51:a8:ec:47:e7:28:
                    94:67:42:4f:c7:d0:e8:bf:97:40:62:3e:07:de:bb:
                    57:90:3a:5d:d9:24:63:48:ed:68:6f:f4:bd:16:e7:
                    dc:e0:44:c0:f0:95:05:8d:37:3b:84:58:08:49:e7:
                    af:51:40:92:bc:b5:ed:47:88:5e:6f:d9:53:9c:e1:
                    18:82:08:af:d2:5e:73:64:d4:76:7e:91:7b:8b:8d:
                    83:78:6b:3a:04:de:f2:73:69:61:d2:0d:d9:f4:b1:
                    14:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:36:EE:E1:5D:E8:F3:79:CE:67:50:6E:36:32:40:F9:C7:28:FE:1A
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:8d:99:bb:92:ef:bd:c9:b3:87:c4:08:4a:2d:24:ab:27:cb:
         02:49:a2:db:9d:b3:eb:ab:0a:55:4f:8d:06:17:8b:a8:a8:50:
         7e:72:22:ea:2d:9d:68:1d:9c:50:f2:f2:15:1d:9e:54:88:64:
         a8:6a:1a:ea:e7:78:13:d4:3b:7e:c9:bb:fa:a1:98:52:2c:e4:
         8d:88:f9:1b:50:97:50:32:ce:97:ec:86:a6:99:9b:91:9d:4d:
         3d:4e:cc:f6:1f:dc:f1:9f:63:92:ca:7a:73:9f:98:9b:53:a6:
         62:45:dd:e1:b4:7d:aa:4f:91:cb:49:f2:3b:00:a8:dd:02:95:
         cb:79:32:2e:fb:ab:46:fd:1d:c8:25:fa:4f:a6:ec:75:75:57:
         49:bd:ad:29:61:b0:83:43:91:63:ef:25:21:c2:01:f2:ce:b1:
         d1:7d:14:a0:80:cb:3b:74:c2:d5:49:8a:53:d6:a8:15:17:81:
         6b:99:5d:00:7b:05:7d:5e:3a:ae:ea:d5:7c:bd:43:37:de:e9:
         2d:76:f2:d6:56:e2:3d:c8:19:39:93:30:3e:f0:b0:42:9c:63:
         16:37:ce:2c:27:e8:61:2a:6e:c8:5d:4f:f9:40:6b:5a:43:ff:
         b6:53:f3:1c:59:24:0c:20:32:5c:81:7b:10:3e:e2:01:1f:e2:
         7f:cf:43:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05eDCOdMneHxGMgWWaApoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjYwMzI5MTIwMTExWhcNMjYwMzMwMTIwMTExWjAzMTEwLwYDVQQD
EyhlMzM2ZWVlMTVkZThmMzc5Y2U2NzUwNmUzNjMyNDBmOWM3MjhmZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOomx/olT/1LUXJDoEN+jCZDzTls
1yOEddHtrXMhiBLyiiKAn0kgEGJYf1btA56lHrbjzQ/z6/KU4R4Pa3v9Cjkt5tcU
yRb9XcL4DLxlOEVxrqyFpupxVVzJvVrWc2by7EOge06xEDAEc8SByiA3pQGAhoLm
Dex8ru4NqClQ+fgSS8P+FfiEpBZ1cWJmJEdKCxS6ORlrkMAQ5rVi0QtRqOxH5yiU
Z0JPx9Dov5dAYj4H3rtXkDpd2SRjSO1ob/S9Fufc4ETA8JUFjTc7hFgISeevUUCS
vLXtR4heb9lTnOEYggiv0l5zZNR2fpF7i42DeGs6BN7yc2lh0g3Z9LEU7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOM27uFd6PN5zmdQbjYyQPnHKP4aMB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFI2Zu5Lv
vcmzh8QISi0kqyfLAkmi252z66sKVU+NBheLqKhQfnIi6i2daB2cUPLyFR2eVIhk
qGoa6ud4E9Q7fsm7+qGYUizkjYj5G1CXUDLOl+yGppmbkZ1NPU7M9h/c8Z9jksp6
c5+Ym1OmYkXd4bR9qk+Ry0nyOwCo3QKVy3kyLvurRv0dyCX6T6bsdXVXSb2tKWGw
g0ORY+8lIcIB8s6x0X0UoIDLO3TC1UmKU9aoFReBa5ldAHsFfV46rurVfL1DN97p
LXby1lbiPcgZOZMwPvCwQpxjFjfOLCfoYSpuyF1P+UBrWkP/tlPzHFkkDCAyXIF7
ED7iAR/if89DWQ==
-----END CERTIFICATE-----