Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          3MAPTuP7Hqfxwl1ZwuWOdS/fzI3WqpuKEyrZcGG+yUs=
Subject key identifier:   90:87:9D:F4:0D:C3:DC:6A:43:20:0F:55:D6:CE:9B:7A:12:E6:BD:DB
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019D38662A52A1C1B2309677671C9AB07D6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          0879
Signing time:             Sun 29 Mar 2026 07:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:52 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: mTAtu8ZA8v3czO3M1tj7LUQ1DOxyR7QQ86poWLj9c4Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:2a:52:a1:c1:b2:30:96:77:67:1c:9a:b0:7d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: Mar 29 07:01:52 2026 GMT
            Not After : Mar 30 07:01:52 2026 GMT
        Subject: CN=90879df40dc3dc6a43200f55d6ce9b7a12e6bddb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:31:fa:b0:89:41:ad:26:2d:b2:7e:08:36:a6:
                    a6:72:30:ba:c8:f4:a2:b2:17:01:2d:d5:d7:f5:8d:
                    55:65:cd:04:f3:4f:c8:09:49:0e:a4:ca:5e:ec:3a:
                    b3:f9:89:ed:2a:96:0c:dc:bd:3c:af:f4:0a:40:32:
                    87:c3:74:d6:63:30:cf:46:15:f3:09:13:b3:7f:8b:
                    c2:bc:a5:94:a0:49:db:62:ad:ed:26:7a:f5:95:8f:
                    44:2c:9f:9d:ea:20:69:65:51:ef:26:74:98:76:2f:
                    1d:84:d9:82:33:5c:57:95:10:83:b0:55:a3:47:1f:
                    66:0d:14:87:60:06:07:c8:8d:c1:1a:81:1e:b6:d3:
                    42:1d:69:17:fe:8a:d6:eb:e6:b0:9c:e4:11:56:8f:
                    18:02:7e:9c:3b:7e:00:8e:a6:93:e3:81:ed:e4:98:
                    ec:9a:ab:da:14:83:61:d7:27:b9:ed:b1:02:c1:e4:
                    34:37:de:ec:1e:aa:df:86:33:8e:14:86:2d:2a:a5:
                    ad:a1:4c:75:5c:9e:bc:90:40:6b:61:21:3b:84:9c:
                    10:cc:f5:69:59:71:ef:ce:28:6e:ec:9b:0e:b5:60:
                    fc:59:12:b7:2e:b8:bb:75:9e:c0:77:c8:67:73:a4:
                    77:c5:9b:3f:92:fc:e8:c6:e9:dc:70:21:94:dd:44:
                    fc:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:87:9D:F4:0D:C3:DC:6A:43:20:0F:55:D6:CE:9B:7A:12:E6:BD:DB
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:b6:34:dc:f7:a9:3d:e5:7e:fa:56:22:88:87:c9:4d:d0:97:
         8e:90:69:02:7f:f5:11:25:c4:01:7b:ba:fd:91:7b:61:d3:43:
         4c:59:fd:9d:87:03:26:ab:44:de:2c:ed:a7:d9:38:a7:7d:52:
         f4:21:32:59:6d:1c:3c:a8:8b:ed:48:3d:79:bf:50:ee:ec:36:
         cf:ff:9b:7d:34:6e:50:ab:65:50:13:95:b1:a1:e1:0b:c5:6c:
         53:eb:1b:c0:d4:67:64:d8:15:99:46:0b:dc:de:74:f3:9a:66:
         12:da:62:e7:25:c3:6e:13:b3:58:69:bf:7a:d3:cd:3d:71:d7:
         c1:08:13:02:35:8f:43:8c:2f:f6:50:cd:08:47:4f:e1:94:d6:
         09:c1:0d:e1:2b:d6:16:15:1b:12:cf:75:97:6e:26:0f:eb:9e:
         65:b6:59:2b:71:da:ec:9d:38:16:c7:7a:f6:01:0e:26:ac:b2:
         a0:8f:82:c5:5b:74:a9:9f:9d:a6:39:90:78:ab:be:c5:13:5c:
         0c:f1:89:e8:da:69:3e:20:1d:cd:ee:a4:02:a1:e3:91:12:1d:
         9d:09:89:db:dd:d8:93:01:71:8a:2f:97:cb:dc:32:20:e3:bd:
         0e:c2:bc:e1:dd:21:9f:43:99:dd:59:2b:77:aa:54:85:75:81:
         1e:a2:ba:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZipSocGyMJZ3ZxyasH1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwMzI5MDcwMTUyWhcNMjYwMzMwMDcwMTUyWjAzMTEwLwYDVQQD
Eyg5MDg3OWRmNDBkYzNkYzZhNDMyMDBmNTVkNmNlOWI3YTEyZTZiZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DH6sIlBrSYtsn4INqamcjC6yPSi
shcBLdXX9Y1VZc0E80/ICUkOpMpe7Dqz+YntKpYM3L08r/QKQDKHw3TWYzDPRhXz
CROzf4vCvKWUoEnbYq3tJnr1lY9ELJ+d6iBpZVHvJnSYdi8dhNmCM1xXlRCDsFWj
Rx9mDRSHYAYHyI3BGoEettNCHWkX/orW6+awnOQRVo8YAn6cO34AjqaT44Ht5Jjs
mqvaFINh1ye57bECweQ0N97sHqrfhjOOFIYtKqWtoUx1XJ68kEBrYSE7hJwQzPVp
WXHvzihu7JsOtWD8WRK3Lri7dZ7Ad8hnc6R3xZs/kvzoxunccCGU3UT8kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCHnfQNw9xqQyAPVdbOm3oS5r3bMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcLY03Pep
PeV++lYiiIfJTdCXjpBpAn/1ESXEAXu6/ZF7YdNDTFn9nYcDJqtE3iztp9k4p31S
9CEyWW0cPKiL7Ug9eb9Q7uw2z/+bfTRuUKtlUBOVsaHhC8VsU+sbwNRnZNgVmUYL
3N5085pmEtpi5yXDbhOzWGm/etPNPXHXwQgTAjWPQ4wv9lDNCEdP4ZTWCcEN4SvW
FhUbEs91l24mD+ueZbZZK3Ha7J04Fsd69gEOJqyyoI+CxVt0qZ+dpjmQeKu+xRNc
DPGJ6NppPiAdze6kAqHjkRIdnQmJ293YkwFxii+Xy9wyIOO9DsK84d0hn0OZ3Vkr
d6pUhXWBHqK6hw==
-----END CERTIFICATE-----