Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
File:                     pU3VdP7HLUOUwlU2uoUyydOPQLo.mft (raw, json)
Hash identifier:          PAgbXT6/M5AG8z0S1Z1Rd0szcIAqX+zww0NRUVw57Cs=
Subject key identifier:   86:3E:EA:C7:4B:CF:00:29:18:1D:FC:AC:D4:84:0E:6E:28:B1:AE:7D
Authority key identifier: A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA
Certificate issuer:       /CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
Certificate serial:       019D386664EAE9A83E39F49419671AB7B7AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
Manifest number:          0BA4
Signing time:             Sun 29 Mar 2026 07:02:07 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:07 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:07 +0000
Files and hashes:         1: pU3VdP7HLUOUwlU2uoUyydOPQLo.crl (hash: xybYEWxUhKtBW8KOkstTFLTNUv56Dj/Rqqg6nLw/vRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:64:ea:e9:a8:3e:39:f4:94:19:67:1a:b7:b7:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a54dd574fec72d4394c25536ba8532c9d38f40ba
        Validity
            Not Before: Mar 29 07:02:07 2026 GMT
            Not After : Mar 30 07:02:07 2026 GMT
        Subject: CN=863eeac74bcf0029181dfcacd4840e6e28b1ae7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5e:7a:dd:dd:d3:1e:76:4a:bb:e9:e0:34:bc:
                    c4:ba:8e:3a:a6:76:1a:86:e8:2f:f5:a5:9d:59:47:
                    d2:f6:af:81:e2:69:ab:c5:e4:d7:5c:b9:91:b6:1f:
                    16:ed:48:dd:90:8f:78:2c:3e:69:3a:df:56:78:9c:
                    03:96:e1:b0:7e:8e:04:f7:36:be:32:8c:0e:c1:bb:
                    94:23:3e:64:86:9a:cb:77:4d:46:1a:ab:a2:b0:60:
                    19:89:d5:75:42:16:0c:61:1f:12:31:f9:45:94:ab:
                    ad:77:d6:ca:de:12:a0:0c:16:3c:26:c5:74:ec:ca:
                    6f:fb:46:26:1d:01:ef:39:03:c7:a2:b6:67:bf:67:
                    e8:05:97:48:1b:18:24:fe:01:a0:b0:de:30:ea:0b:
                    bf:08:e3:f2:82:ac:57:10:25:d1:55:9d:a0:a9:e0:
                    05:2f:9b:32:3a:46:46:6b:4e:55:b8:ed:0f:6d:cb:
                    1a:53:f9:3e:38:a1:d9:6b:8e:6b:e8:44:74:4a:3b:
                    4f:97:1d:b2:99:18:ed:82:fe:40:eb:2e:0c:4e:a9:
                    ed:bb:bd:ca:79:0b:3d:6b:94:d7:fd:86:64:f0:f5:
                    68:a8:8e:a6:dc:f0:95:01:02:23:c4:1a:4f:c9:41:
                    b2:0b:90:ed:b2:3f:04:bb:1e:d7:98:9a:42:30:88:
                    7f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:3E:EA:C7:4B:CF:00:29:18:1D:FC:AC:D4:84:0E:6E:28:B1:AE:7D
            X509v3 Authority Key Identifier:
                keyid:A5:4D:D5:74:FE:C7:2D:43:94:C2:55:36:BA:85:32:C9:D3:8F:40:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pU3VdP7HLUOUwlU2uoUyydOPQLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/6934b5-96c0-476d-bf54-237f65b64327/1/pU3VdP7HLUOUwlU2uoUyydOPQLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:1e:1f:2e:4b:1f:92:05:6f:aa:1f:83:32:2b:7c:42:46:9f:
         23:a5:3f:cb:e8:31:9b:4d:41:51:88:aa:a5:a4:db:7f:d6:67:
         91:26:4e:09:f6:7a:c4:0f:e4:19:a2:9d:a4:ee:c0:7c:9d:9d:
         75:e9:96:af:6e:dd:6a:a2:48:90:f0:53:02:e2:94:cb:31:e0:
         af:f7:b4:b4:4b:0e:ca:0b:37:33:5f:17:1d:26:18:af:d7:5f:
         8c:9b:64:fb:4b:b5:ba:a4:ae:92:1a:3e:a4:a1:03:58:7a:bf:
         dd:d6:d4:eb:88:cc:c9:76:7d:02:9d:78:a0:3d:af:a3:ef:49:
         af:8b:11:82:17:a0:39:78:1e:2d:f8:55:05:a4:e4:8f:98:94:
         e2:ac:46:e0:ee:c5:d9:ab:0f:10:af:c4:20:21:f8:19:26:9a:
         0d:86:3e:f5:89:4c:39:3b:13:9e:37:fa:ad:15:e9:13:89:92:
         68:24:ac:3e:e1:11:44:a3:a0:9c:85:e6:c4:76:30:4b:ee:b5:
         64:99:8b:8a:00:e7:b7:50:95:d1:f2:88:d9:b3:68:30:62:85:
         ef:c1:b6:48:23:14:78:6e:91:6c:8d:cd:9b:91:6a:6a:df:5f:
         10:cd:ea:9a:55:a0:92:ea:3e:cd:9d:52:e4:34:a2:95:b1:3a:
         28:a7:ec:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmTq6ag+OfSUGWcat7esMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NGRkNTc0ZmVjNzJkNDM5NGMyNTUzNmJhODUzMmM5ZDM4
ZjQwYmEwHhcNMjYwMzI5MDcwMjA3WhcNMjYwMzMwMDcwMjA3WjAzMTEwLwYDVQQD
Eyg4NjNlZWFjNzRiY2YwMDI5MTgxZGZjYWNkNDg0MGU2ZTI4YjFhZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1563d3THnZKu+ngNLzEuo46pnYa
hugv9aWdWUfS9q+B4mmrxeTXXLmRth8W7UjdkI94LD5pOt9WeJwDluGwfo4E9za+
MowOwbuUIz5khprLd01GGquisGAZidV1QhYMYR8SMflFlKutd9bK3hKgDBY8JsV0
7Mpv+0YmHQHvOQPHorZnv2foBZdIGxgk/gGgsN4w6gu/COPygqxXECXRVZ2gqeAF
L5syOkZGa05VuO0PbcsaU/k+OKHZa45r6ER0SjtPlx2ymRjtgv5A6y4MTqntu73K
eQs9a5TX/YZk8PVoqI6m3PCVAQIjxBpPyUGyC5Dtsj8Eux7XmJpCMIh//wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIY+6sdLzwApGB38rNSEDm4osa59MB8GA1UdIwQY
MBaAFKVN1XT+xy1DlMJVNrqFMsnTj0C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQt
MjM3ZjY1YjY0MzI3LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82OTM0YjUtOTZjMC00NzZkLWJmNTQtMjM3ZjY1YjY0MzI3
LzEvcFUzVmRQN0hMVU9Vd2xVMnVvVXl5ZE9QUUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAox4fLksf
kgVvqh+DMit8QkafI6U/y+gxm01BUYiqpaTbf9ZnkSZOCfZ6xA/kGaKdpO7AfJ2d
demWr27daqJIkPBTAuKUyzHgr/e0tEsOygs3M18XHSYYr9dfjJtk+0u1uqSukho+
pKEDWHq/3dbU64jMyXZ9Ap14oD2vo+9Jr4sRghegOXgeLfhVBaTkj5iU4qxG4O7F
2asPEK/EICH4GSaaDYY+9YlMOTsTnjf6rRXpE4mSaCSsPuERRKOgnIXmxHYwS+61
ZJmLigDnt1CV0fKI2bNoMGKF78G2SCMUeG6RbI3Nm5Fqat9fEM3qmlWgkuo+zZ1S
5DSilbE6KKfsXQ==
-----END CERTIFICATE-----