Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          I2up175MTVfx4ONMZjse0Nft/ENsRpJ4vWgFFqcVVdQ=
Subject key identifier:   D5:D8:82:E4:83:B0:00:8F:A3:9A:84:64:86:FE:AC:DA:D7:2B:13:88
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       019D386587BC22EEF0FC02505CD8E5CA6769
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          0C11
Signing time:             Sun 29 Mar 2026 07:01:11 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:11 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:11 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: Vkyb6+xlJpSNbAL8rfffO3zewJWKvwlHxkdcqt2FixM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:87:bc:22:ee:f0:fc:02:50:5c:d8:e5:ca:67:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Mar 29 07:01:11 2026 GMT
            Not After : Mar 30 07:01:11 2026 GMT
        Subject: CN=d5d882e483b0008fa39a846486feacdad72b1388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:76:08:b4:cf:a7:f0:69:cd:aa:d8:83:ff:09:
                    24:60:43:d7:41:d6:c2:d8:50:96:0b:b9:55:d6:dd:
                    a7:86:a2:65:2f:f2:d9:a6:44:88:20:ad:85:b4:c2:
                    6a:92:61:d7:f2:97:75:dd:c3:3a:c2:18:47:77:ce:
                    c6:a5:f1:7e:aa:4d:f2:e0:ac:e6:bc:1a:d0:ee:76:
                    e9:d2:e6:71:7c:4b:26:59:ed:01:af:60:f4:3c:ae:
                    b0:e9:e0:2c:82:2a:a8:e4:26:99:0f:c7:fc:c7:ec:
                    82:50:f5:a2:e0:b8:ea:97:32:ab:53:e3:a4:ce:31:
                    31:4e:c9:61:6e:03:20:69:45:f0:7e:cc:1a:2d:9b:
                    89:a5:3a:c4:5f:75:12:44:39:00:20:53:7c:f5:f1:
                    d0:1c:5b:61:f7:75:89:af:77:66:8f:12:3f:77:3e:
                    d6:b2:d8:cf:bb:00:50:86:b3:1e:79:5d:8f:c1:d4:
                    f7:38:e6:4b:78:4f:e1:ea:5a:20:ba:aa:ae:87:19:
                    97:a3:cd:36:40:10:4b:0e:27:10:64:3b:97:dd:55:
                    4f:f0:be:74:db:78:42:29:75:63:a0:8a:79:9e:5a:
                    02:77:4d:64:33:45:9d:b8:1c:4e:f1:a1:b7:34:e0:
                    ef:4a:9d:41:f8:8e:b6:08:5d:38:41:60:e3:43:4b:
                    64:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D8:82:E4:83:B0:00:8F:A3:9A:84:64:86:FE:AC:DA:D7:2B:13:88
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:be:3d:fd:28:cc:3e:1b:7e:4c:f5:59:d6:21:34:65:9d:26:
         59:ff:68:4c:df:76:3b:dc:01:fb:0a:7d:e9:c9:52:e4:74:a4:
         36:d3:6b:aa:66:88:a2:eb:97:6f:3a:17:e6:08:07:09:da:b5:
         9d:fd:be:7e:a4:e4:f7:01:43:69:2f:b9:0d:48:02:f7:97:95:
         42:c0:77:68:98:4e:e6:ea:90:5e:51:92:1f:3d:48:2b:2d:71:
         b6:7c:e5:b8:8d:d7:c7:45:4a:92:5d:22:6b:c4:ac:1e:61:80:
         56:11:6d:11:a7:b7:dd:bd:b2:cf:53:ee:68:98:e4:87:47:6c:
         1a:ea:54:69:a1:ff:a2:b2:fc:9e:8a:7f:25:a0:b6:f8:66:63:
         ec:ba:c2:4a:ae:2b:c2:90:ec:25:4e:36:3a:f8:67:e2:11:cf:
         77:5e:76:01:0d:8b:04:87:b2:1c:ee:4b:5c:4a:8d:a9:26:30:
         72:ce:6b:ff:5e:36:df:e0:f6:ea:36:38:3a:c7:33:89:3b:f7:
         33:98:97:29:f5:a8:55:a3:34:62:2d:47:0c:29:9e:c6:b5:0a:
         c0:39:9f:eb:d9:ae:fe:71:fe:77:a1:46:01:08:d8:19:79:b2:
         9c:f9:6b:bd:92:ed:28:71:88:d6:57:87:1e:51:48:3a:01:56:
         4c:ca:21:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYe8Iu7w/AJQXNjlymdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjYwMzI5MDcwMTExWhcNMjYwMzMwMDcwMTExWjAzMTEwLwYDVQQD
EyhkNWQ4ODJlNDgzYjAwMDhmYTM5YTg0NjQ4NmZlYWNkYWQ3MmIxMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznYItM+n8GnNqtiD/wkkYEPXQdbC
2FCWC7lV1t2nhqJlL/LZpkSIIK2FtMJqkmHX8pd13cM6whhHd87GpfF+qk3y4Kzm
vBrQ7nbp0uZxfEsmWe0Br2D0PK6w6eAsgiqo5CaZD8f8x+yCUPWi4LjqlzKrU+Ok
zjExTslhbgMgaUXwfswaLZuJpTrEX3USRDkAIFN89fHQHFth93WJr3dmjxI/dz7W
stjPuwBQhrMeeV2PwdT3OOZLeE/h6loguqquhxmXo802QBBLDicQZDuX3VVP8L50
23hCKXVjoIp5nloCd01kM0WduBxO8aG3NODvSp1B+I62CF04QWDjQ0tkxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXYguSDsACPo5qEZIb+rNrXKxOIMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVr49/SjM
Pht+TPVZ1iE0ZZ0mWf9oTN92O9wB+wp96clS5HSkNtNrqmaIouuXbzoX5ggHCdq1
nf2+fqTk9wFDaS+5DUgC95eVQsB3aJhO5uqQXlGSHz1IKy1xtnzluI3Xx0VKkl0i
a8SsHmGAVhFtEae33b2yz1PuaJjkh0dsGupUaaH/orL8nop/JaC2+GZj7LrCSq4r
wpDsJU42Ovhn4hHPd152AQ2LBIeyHO5LXEqNqSYwcs5r/1423+D26jY4OscziTv3
M5iXKfWoVaM0Yi1HDCmexrUKwDmf69mu/nH+d6FGAQjYGXmynPlrvZLtKHGI1leH
HlFIOgFWTMohqw==
-----END CERTIFICATE-----