Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          uAPaCJAF/LRm5OYv9ZeLCHUnpc7Ph/MCtBmIGx02tIc=
Subject key identifier:   BB:93:E0:3D:D0:E5:F6:47:00:BA:FB:01:0E:B3:AE:58:DE:4A:C5:9F
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       019D386637C2CB8AE829757F021E3BA06C19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          1739
Signing time:             Sun 29 Mar 2026 07:01:56 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:56 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:56 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: Mrn0wOykmO0F/c49RhA9CKaoZQP9k0Yy6DTfnrdLN6s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:37:c2:cb:8a:e8:29:75:7f:02:1e:3b:a0:6c:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Mar 29 07:01:56 2026 GMT
            Not After : Mar 30 07:01:56 2026 GMT
        Subject: CN=bb93e03dd0e5f64700bafb010eb3ae58de4ac59f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:09:f8:43:49:a5:c4:5a:38:bc:c2:b2:1d:a8:
                    03:49:7c:f9:3f:3e:c5:3c:f5:98:0e:29:3f:fb:a8:
                    07:8f:87:55:85:6d:0b:29:8a:22:ba:ee:40:71:95:
                    4d:5b:02:c0:42:93:68:8d:50:a0:91:20:0c:b0:3f:
                    f0:28:6c:39:76:84:e1:dc:91:36:db:c8:f7:08:ea:
                    8a:44:b6:d5:79:e9:a4:5f:ec:04:6d:fa:c0:23:45:
                    16:18:f7:e5:31:d7:5a:20:ac:98:e3:dd:4b:49:dd:
                    29:ec:10:0b:4d:62:ee:f8:61:c6:81:af:92:3a:14:
                    18:3a:c3:f1:6c:39:b7:25:e3:9d:fa:9c:84:d0:b5:
                    68:f4:df:03:27:8b:78:cb:ef:b5:ca:1f:d4:95:4c:
                    8a:90:42:e3:d7:d7:9f:6f:7f:ce:62:cf:11:25:ca:
                    ea:25:6e:79:9e:10:dc:0b:ca:e8:4a:02:42:40:cc:
                    d0:eb:c0:46:a7:c9:66:d8:fb:f5:f6:e9:f6:59:55:
                    d4:94:fd:dc:0a:63:db:37:5c:ce:19:a2:2e:ea:4d:
                    fb:88:05:77:e4:cd:55:a7:8c:28:c4:44:db:ca:73:
                    1e:05:36:cc:59:a0:e8:b8:eb:5f:a9:8e:d1:a8:92:
                    bc:71:ba:27:0c:3f:92:ab:82:99:21:9d:c0:0e:80:
                    66:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:93:E0:3D:D0:E5:F6:47:00:BA:FB:01:0E:B3:AE:58:DE:4A:C5:9F
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:f3:10:c4:71:53:6c:27:c2:e8:22:d6:79:2f:c2:60:7e:77:
         08:98:f0:2b:44:5b:39:78:33:3c:a0:39:ac:5c:a3:b0:bb:23:
         32:43:a8:ca:b8:f6:e1:8f:70:7b:22:d6:98:0f:e8:34:68:dd:
         02:41:95:af:1c:a7:af:e8:67:d0:c4:71:34:f6:18:9d:82:75:
         e9:a7:d6:ee:8e:c3:7d:61:cc:47:ee:ad:ab:62:c9:6f:3b:9d:
         f7:7c:31:ab:51:d2:62:a8:3c:32:de:f0:0c:a0:68:f1:7f:49:
         a8:f3:e5:de:dd:c2:bc:21:17:ed:45:0e:8b:92:21:ec:cc:30:
         ac:73:36:78:64:41:4e:62:9a:5c:c7:f2:c5:ac:76:68:98:81:
         d3:7c:10:2a:55:1a:58:03:40:df:23:94:cb:c1:9f:57:74:c4:
         bc:a4:8f:0e:9c:80:34:8e:03:51:fd:62:96:8a:14:17:38:fd:
         f7:15:e7:f7:01:04:42:14:df:97:aa:45:7e:56:a0:ef:c2:3a:
         bd:10:89:8c:91:87:b8:8e:d9:95:f1:40:e2:26:b5:9e:42:18:
         d0:79:d8:fc:dd:37:ce:f9:ad:14:d1:9b:19:28:bf:ad:18:a6:
         46:01:f7:0a:cd:69:69:71:2b:e3:30:0b:5f:60:a7:de:f3:1b:
         64:32:56:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZjfCy4roKXV/Ah47oGwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjYwMzI5MDcwMTU2WhcNMjYwMzMwMDcwMTU2WjAzMTEwLwYDVQQD
EyhiYjkzZTAzZGQwZTVmNjQ3MDBiYWZiMDEwZWIzYWU1OGRlNGFjNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQn4Q0mlxFo4vMKyHagDSXz5Pz7F
PPWYDik/+6gHj4dVhW0LKYoiuu5AcZVNWwLAQpNojVCgkSAMsD/wKGw5doTh3JE2
28j3COqKRLbVeemkX+wEbfrAI0UWGPflMddaIKyY491LSd0p7BALTWLu+GHGga+S
OhQYOsPxbDm3JeOd+pyE0LVo9N8DJ4t4y++1yh/UlUyKkELj19efb3/OYs8RJcrq
JW55nhDcC8roSgJCQMzQ68BGp8lm2Pv19un2WVXUlP3cCmPbN1zOGaIu6k37iAV3
5M1Vp4woxETbynMeBTbMWaDouOtfqY7RqJK8cbonDD+Sq4KZIZ3ADoBmXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuT4D3Q5fZHALr7AQ6zrljeSsWfMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs/MQxHFT
bCfC6CLWeS/CYH53CJjwK0RbOXgzPKA5rFyjsLsjMkOoyrj24Y9weyLWmA/oNGjd
AkGVrxynr+hn0MRxNPYYnYJ16afW7o7DfWHMR+6tq2LJbzud93wxq1HSYqg8Mt7w
DKBo8X9JqPPl3t3CvCEX7UUOi5Ih7MwwrHM2eGRBTmKaXMfyxax2aJiB03wQKlUa
WANA3yOUy8GfV3TEvKSPDpyANI4DUf1ilooUFzj99xXn9wEEQhTfl6pFflag78I6
vRCJjJGHuI7ZlfFA4ia1nkIY0HnY/N03zvmtFNGbGSi/rRimRgH3Cs1paXEr4zAL
X2Cn3vMbZDJWTQ==
-----END CERTIFICATE-----