Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
File:                     o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft (raw, json)
Hash identifier:          ERxAt1T0fpz6vwdKIj5ch8wRhzLZqOyPbb2cSWOi4Uo=
Subject key identifier:   3C:C4:0B:94:95:92:13:C5:FD:35:1D:43:D4:0F:13:46:F9:E5:0D:E2
Authority key identifier: A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64
Certificate issuer:       /CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
Certificate serial:       019D38658924999394B731A690A406B3EA41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
Manifest number:          188C
Signing time:             Sun 29 Mar 2026 07:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:11 +0000
Files and hashes:         1: o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl (hash: ku2T80zM3zqxqt4LSqEy8DI0j5zvn0K/6BYZ+9U6wLk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:89:24:99:93:94:b7:31:a6:90:a4:06:b3:ea:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a8caf6217ceb10dd8c146f96b9d773edd88864
        Validity
            Not Before: Mar 29 07:01:11 2026 GMT
            Not After : Mar 30 07:01:11 2026 GMT
        Subject: CN=3cc40b94959213c5fd351d43d40f1346f9e50de2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:11:d8:4c:d8:7e:04:30:e9:73:83:95:c3:d0:
                    5b:c1:0b:e1:74:ae:2e:1b:0b:bc:9d:73:81:67:16:
                    9d:14:ed:48:95:c2:8a:f9:c7:c3:5e:cf:6f:fe:4f:
                    93:72:4e:17:e8:e5:f0:f0:9c:5d:1b:8f:1a:a4:59:
                    f0:41:c7:5a:b7:97:81:60:a5:b3:46:12:0a:9b:03:
                    66:44:98:b4:75:94:45:06:0a:50:8c:30:3f:27:a0:
                    00:8f:d7:07:3b:49:4c:b2:cc:1b:d9:20:63:d3:37:
                    c6:e9:b2:5c:f7:f8:10:69:af:0e:69:40:e9:b2:06:
                    b0:f7:29:f1:c1:d6:72:1d:a2:9b:3a:9e:ca:ca:fd:
                    6c:55:8f:fc:00:0c:e1:16:30:be:6a:bc:1d:fa:10:
                    1c:2f:9d:7e:55:40:a8:ed:cd:47:0a:9c:b6:1d:a2:
                    ca:a8:3a:c0:5d:d2:6f:e2:ad:d5:3d:43:a4:f8:b9:
                    42:49:91:bc:99:0e:56:d6:b9:db:7f:56:61:80:3a:
                    5b:54:e8:57:f9:9d:74:a1:fa:35:fe:60:88:76:c5:
                    41:a5:b5:d5:6f:40:3f:2c:e3:f7:cc:c1:2e:33:c4:
                    31:ed:83:67:59:e5:36:99:14:72:1b:6d:2f:03:54:
                    49:c1:42:43:c7:c2:b3:de:27:3c:de:95:89:ca:c5:
                    50:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:C4:0B:94:95:92:13:C5:FD:35:1D:43:D4:0F:13:46:F9:E5:0D:E2
            X509v3 Authority Key Identifier:
                keyid:A3:A8:CA:F6:21:7C:EB:10:DD:8C:14:6F:96:B9:D7:73:ED:D8:88:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6jK9iF86xDdjBRvlrnXc-3YiGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5fd023-92ea-4a63-b7d0-e5cba2137308/1/o6jK9iF86xDdjBRvlrnXc-3YiGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:77:b1:49:5c:15:36:f2:db:43:b2:e3:56:1e:fc:b2:f4:cd:
         57:ea:0e:76:81:22:b2:5d:42:0a:90:14:d1:a0:45:a2:79:81:
         be:0e:b1:b0:12:08:91:cf:87:61:2f:2d:03:6c:39:39:3c:7c:
         2b:23:f5:a8:a1:97:00:c7:4d:be:e3:ec:2a:14:40:df:3d:b7:
         93:41:75:c7:b2:65:e4:cb:34:50:01:04:e2:e9:f3:dc:d2:eb:
         87:44:68:a4:a2:73:cc:22:ba:95:f2:f6:67:9f:09:06:ba:17:
         a8:c2:da:8b:c9:fc:cb:a4:68:d0:87:ba:19:fc:0a:5c:e1:9b:
         75:1e:7f:69:5d:cd:eb:ac:18:4f:f9:58:b8:6a:b3:ce:44:9f:
         20:49:3a:f3:af:32:20:ac:7a:ee:23:30:bc:84:f1:53:94:3d:
         7e:9c:db:ee:a0:27:2f:79:ea:3c:f4:b3:cb:23:47:88:00:a4:
         0f:2f:13:96:6e:51:4a:16:b3:ca:c4:29:17:1e:bb:ce:e6:a6:
         ce:a1:ec:3e:f2:e0:ba:44:a6:3f:63:75:30:fa:4f:be:31:d4:
         ae:d0:dc:ba:1f:81:ca:55:2c:52:78:d0:dc:0e:17:05:81:4c:
         8d:4b:55:7a:d0:4b:14:c3:32:1f:30:52:db:b8:c4:e8:20:91:
         fe:f4:40:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYkkmZOUtzGmkKQGs+pBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYThjYWY2MjE3Y2ViMTBkZDhjMTQ2Zjk2YjlkNzczZWRk
ODg4NjQwHhcNMjYwMzI5MDcwMTExWhcNMjYwMzMwMDcwMTExWjAzMTEwLwYDVQQD
EygzY2M0MGI5NDk1OTIxM2M1ZmQzNTFkNDNkNDBmMTM0NmY5ZTUwZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBHYTNh+BDDpc4OVw9BbwQvhdK4u
Gwu8nXOBZxadFO1IlcKK+cfDXs9v/k+Tck4X6OXw8JxdG48apFnwQcdat5eBYKWz
RhIKmwNmRJi0dZRFBgpQjDA/J6AAj9cHO0lMsswb2SBj0zfG6bJc9/gQaa8OaUDp
sgaw9ynxwdZyHaKbOp7Kyv1sVY/8AAzhFjC+arwd+hAcL51+VUCo7c1HCpy2HaLK
qDrAXdJv4q3VPUOk+LlCSZG8mQ5W1rnbf1ZhgDpbVOhX+Z10ofo1/mCIdsVBpbXV
b0A/LOP3zMEuM8Qx7YNnWeU2mRRyG20vA1RJwUJDx8Kz3ic83pWJysVQtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDzEC5SVkhPF/TUdQ9QPE0b55Q3iMB8GA1UdIwQY
MBaAFKOoyvYhfOsQ3YwUb5a513Pt2IhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAt
ZTVjYmEyMTM3MzA4LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81ZmQwMjMtOTJlYS00YTYzLWI3ZDAtZTVjYmEyMTM3MzA4
LzEvbzZqSzlpRjg2eERkakJSdmxyblhjLTNZaUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3exSVwV
NvLbQ7LjVh78svTNV+oOdoEisl1CCpAU0aBFonmBvg6xsBIIkc+HYS8tA2w5OTx8
KyP1qKGXAMdNvuPsKhRA3z23k0F1x7Jl5Ms0UAEE4unz3NLrh0RopKJzzCK6lfL2
Z58JBroXqMLai8n8y6Ro0Ie6GfwKXOGbdR5/aV3N66wYT/lYuGqzzkSfIEk6868y
IKx67iMwvITxU5Q9fpzb7qAnL3nqPPSzyyNHiACkDy8Tlm5RShazysQpFx67zuam
zqHsPvLgukSmP2N1MPpPvjHUrtDcuh+BylUsUnjQ3A4XBYFMjUtVetBLFMMyHzBS
27jE6CCR/vRAMg==
-----END CERTIFICATE-----