Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          6BX9i1BoujGi3YRDnpeQrnDHN/4L3IUXGPzV48mrkSw=
Subject key identifier:   09:3C:4E:1F:20:F0:A6:30:58:4B:FB:91:CD:20:8E:AB:AE:43:DB:7C
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       019D37F6E86113C28663908ABA5F9F7BB871
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          0647
Signing time:             Sun 29 Mar 2026 05:00:21 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:21 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:21 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: J8+wa/fXyctjPmykMhqd5upC5b2PDiwv6phm9x7uvNw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f6:e8:61:13:c2:86:63:90:8a:ba:5f:9f:7b:b8:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Mar 29 05:00:21 2026 GMT
            Not After : Mar 30 05:00:21 2026 GMT
        Subject: CN=093c4e1f20f0a630584bfb91cd208eabae43db7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:ce:1d:61:67:32:91:2b:83:e7:90:8e:c0:8b:
                    76:63:5e:19:24:92:ba:23:bf:00:9e:7d:f9:f3:fb:
                    25:cb:18:46:5d:46:a1:56:ba:5f:50:b9:c1:b8:88:
                    80:c2:d2:ad:ea:7a:a8:81:19:ea:68:17:da:cd:f4:
                    17:63:5f:27:f1:ea:63:54:b0:a8:2b:fc:3d:89:bc:
                    e1:85:fb:fd:1c:4b:45:3a:65:5c:8a:b1:47:51:2f:
                    ab:e9:db:1c:13:39:95:aa:b5:db:a3:ae:9a:aa:3c:
                    18:54:ea:ee:98:ec:26:f7:34:78:b9:c4:0d:62:0a:
                    22:e3:bb:45:51:36:63:c3:7b:44:33:1c:3b:82:6b:
                    18:9a:84:d3:7e:bb:67:a7:f6:13:a6:a2:d9:55:16:
                    77:1e:b9:37:41:ac:e7:66:f4:a2:04:67:39:f8:4e:
                    ea:a9:b8:6b:1e:33:c0:db:2a:7f:cd:6e:bd:a9:c1:
                    33:5e:d6:1f:85:8c:a9:57:7c:b5:1d:f5:f0:6b:f2:
                    cb:a7:f9:07:7f:17:56:94:ab:c8:71:86:89:d3:c1:
                    3e:cf:56:e1:e2:a7:e2:5c:d3:fd:e6:fe:00:6e:2e:
                    7b:f7:78:45:33:c5:b0:ce:f6:e0:53:99:d5:9d:5d:
                    8a:ba:f7:61:70:c0:43:17:ab:52:b7:58:4b:0c:77:
                    45:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:3C:4E:1F:20:F0:A6:30:58:4B:FB:91:CD:20:8E:AB:AE:43:DB:7C
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:77:0d:cc:f8:b6:f4:6d:24:86:aa:35:62:ad:49:d1:d3:01:
         21:a7:9a:ad:4e:d0:f4:cd:60:08:e8:89:87:1c:44:82:b7:b3:
         d5:8c:a7:b3:45:dd:95:42:08:1e:7a:28:d5:0c:92:89:dd:66:
         c2:b6:b2:3b:ab:59:99:f1:f0:4c:54:18:ef:52:a2:8a:60:52:
         74:7a:cd:23:aa:2f:08:c5:a0:f9:5e:89:2c:f0:74:32:0f:f8:
         c0:02:8b:fe:80:d8:d9:cc:0b:a7:9e:9a:f3:7f:04:7f:90:ff:
         bb:ef:c5:39:37:df:e5:8c:b2:78:e1:a0:c1:1f:de:42:47:e9:
         9c:0d:75:7e:dd:b2:44:a3:d8:42:50:a9:ff:a4:f0:60:47:0a:
         2d:64:79:fd:97:99:ca:16:56:a8:b5:98:1d:b7:4b:70:80:34:
         a7:e4:cc:25:59:23:62:cf:c9:46:67:48:b5:1c:1c:e8:4b:96:
         ef:12:e0:51:96:64:4c:79:d4:ac:04:c4:61:45:9f:e8:e7:bb:
         d7:a2:f7:67:c3:25:b0:ce:2f:1c:6c:97:54:3c:c5:87:58:53:
         27:4f:2b:03:9f:c2:d3:5b:af:39:b4:b3:11:12:87:0f:3c:3f:
         a6:96:ec:2c:a9:b5:62:81:63:bb:67:a9:20:d3:94:3c:67:fb:
         1e:c1:ff:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039uhhE8KGY5CKul+fe7hxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjYwMzI5MDUwMDIxWhcNMjYwMzMwMDUwMDIxWjAzMTEwLwYDVQQD
EygwOTNjNGUxZjIwZjBhNjMwNTg0YmZiOTFjZDIwOGVhYmFlNDNkYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc4dYWcykSuD55COwIt2Y14ZJJK6
I78Ann358/slyxhGXUahVrpfULnBuIiAwtKt6nqogRnqaBfazfQXY18n8epjVLCo
K/w9ibzhhfv9HEtFOmVcirFHUS+r6dscEzmVqrXbo66aqjwYVOrumOwm9zR4ucQN
Ygoi47tFUTZjw3tEMxw7gmsYmoTTfrtnp/YTpqLZVRZ3Hrk3QaznZvSiBGc5+E7q
qbhrHjPA2yp/zW69qcEzXtYfhYypV3y1HfXwa/LLp/kHfxdWlKvIcYaJ08E+z1bh
4qfiXNP95v4Abi5793hFM8WwzvbgU5nVnV2KuvdhcMBDF6tSt1hLDHdFIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAk8Th8g8KYwWEv7kc0gjquuQ9t8MB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcncNzPi2
9G0khqo1Yq1J0dMBIaearU7Q9M1gCOiJhxxEgrez1Yyns0XdlUIIHnoo1QySid1m
wrayO6tZmfHwTFQY71KiimBSdHrNI6ovCMWg+V6JLPB0Mg/4wAKL/oDY2cwLp56a
838Ef5D/u+/FOTff5YyyeOGgwR/eQkfpnA11ft2yRKPYQlCp/6TwYEcKLWR5/ZeZ
yhZWqLWYHbdLcIA0p+TMJVkjYs/JRmdItRwc6EuW7xLgUZZkTHnUrATEYUWf6Oe7
16L3Z8MlsM4vHGyXVDzFh1hTJ08rA5/C01uvObSzERKHDzw/ppbsLKm1YoFju2ep
INOUPGf7HsH/ww==
-----END CERTIFICATE-----