Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
File:                     OWN43jPRC4yw-AhitkkaTenP_N8.mft (raw, json)
Hash identifier:          7CIrmX52hasl7Vl/1AOmwSQaCF2FHgFv1h7kGQo4TC8=
Subject key identifier:   4D:A6:EB:A1:C1:28:55:8D:5F:A5:13:A0:2F:A9:BB:02:CA:59:90:18
Authority key identifier: 39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF
Certificate issuer:       /CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
Certificate serial:       019D37523A053B2C9BB406B444671145970E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
Manifest number:          0813
Signing time:             Sun 29 Mar 2026 02:00:28 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:28 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:28 +0000
Files and hashes:         1: OWN43jPRC4yw-AhitkkaTenP_N8.crl (hash: 6cj4nAFDaZu1n/qaJQIS63w6NgrBACI7NjFHSHyyE4A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:3a:05:3b:2c:9b:b4:06:b4:44:67:11:45:97:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
        Validity
            Not Before: Mar 29 02:00:28 2026 GMT
            Not After : Mar 30 02:00:28 2026 GMT
        Subject: CN=4da6eba1c128558d5fa513a02fa9bb02ca599018
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c3:7e:6b:c3:39:b5:51:f1:47:4e:4c:48:ef:
                    e5:ea:ae:2c:0e:32:d2:f9:39:dc:69:0e:56:e7:0d:
                    f0:da:94:ae:87:be:f8:56:e2:fe:19:f8:19:ad:16:
                    3e:20:3c:d7:38:b1:b6:1c:44:e0:ba:5b:26:69:d1:
                    18:3a:e1:ed:6b:7f:d2:55:63:7b:51:d9:14:92:93:
                    44:73:4e:4b:41:ff:da:61:34:5e:bd:dd:64:de:2a:
                    3e:05:7d:60:04:e6:a8:97:bd:5e:25:d9:d2:c2:dc:
                    0a:53:12:a2:8c:f9:a0:12:96:d0:ae:ca:d1:ad:49:
                    3a:2a:b4:82:51:2a:8b:cc:6d:b2:ff:ff:72:24:31:
                    3b:13:52:95:f5:77:4c:7a:48:b4:c0:fa:cf:be:96:
                    bf:b0:86:63:f0:bd:37:b3:b5:96:8e:dc:3a:a2:f2:
                    a6:3d:e4:ce:26:a1:b7:47:5c:65:75:bd:0a:2c:23:
                    6c:76:49:17:bd:04:32:a9:45:9c:83:25:c2:3c:27:
                    42:c2:dd:d0:fa:d8:d0:b3:83:e2:30:37:64:65:bd:
                    17:38:7a:e9:68:90:ab:9b:48:80:25:81:d1:8e:ac:
                    ab:62:27:14:ff:8d:8a:83:29:4c:51:6f:6a:78:31:
                    41:b5:d8:5b:02:35:d1:09:52:49:8c:b9:b4:2d:74:
                    8c:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:A6:EB:A1:C1:28:55:8D:5F:A5:13:A0:2F:A9:BB:02:CA:59:90:18
            X509v3 Authority Key Identifier:
                keyid:39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:02:58:c9:8e:fb:12:ac:9f:b8:6c:b4:9b:f0:59:4b:28:74:
         6a:f9:02:5e:22:a3:6d:90:66:8a:69:0f:e8:81:96:92:1e:14:
         d2:c1:d5:c0:20:5c:e7:64:41:01:b0:e2:71:7e:4e:81:e5:4d:
         0a:2b:e3:bc:b2:02:8a:7a:4b:a3:cb:6a:40:46:f8:e9:06:22:
         38:22:ca:c4:72:00:dc:90:5d:71:ca:8d:c4:17:46:01:50:17:
         3e:1b:eb:3e:71:05:18:89:a0:1d:cd:44:9f:f7:9b:d7:a3:73:
         b7:85:d9:a5:4e:65:e3:5b:63:da:8c:59:52:b7:41:90:6c:a9:
         0f:96:65:c1:e0:bb:2c:ee:39:ee:0a:cf:2b:7d:57:65:03:ab:
         3f:ba:c2:e1:53:b3:e2:0e:0a:91:b1:8e:c9:a6:99:31:20:eb:
         c2:78:43:86:9b:72:59:3c:36:eb:fa:f7:42:c6:c4:54:4c:58:
         d8:49:49:ed:01:8f:05:64:5a:be:5a:9b:a0:78:33:c1:23:60:
         29:62:d9:c9:a3:ac:d0:fe:81:a7:ea:c6:69:12:70:b1:e4:58:
         5c:de:4f:0d:8a:af:01:16:0a:87:28:7c:e3:f8:11:09:d3:cd:
         72:c3:6b:5e:f9:6a:4b:b1:b2:ef:ad:74:ba:07:d4:91:21:39:
         7b:88:22:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UjoFOyybtAa0RGcRRZcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NjM3OGRlMzNkMTBiOGNiMGY4MDg2MmI2NDkxYTRkZTlj
ZmZjZGYwHhcNMjYwMzI5MDIwMDI4WhcNMjYwMzMwMDIwMDI4WjAzMTEwLwYDVQQD
Eyg0ZGE2ZWJhMWMxMjg1NThkNWZhNTEzYTAyZmE5YmIwMmNhNTk5MDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8N+a8M5tVHxR05MSO/l6q4sDjLS
+TncaQ5W5w3w2pSuh774VuL+GfgZrRY+IDzXOLG2HETgulsmadEYOuHta3/SVWN7
UdkUkpNEc05LQf/aYTRevd1k3io+BX1gBOaol71eJdnSwtwKUxKijPmgEpbQrsrR
rUk6KrSCUSqLzG2y//9yJDE7E1KV9XdMeki0wPrPvpa/sIZj8L03s7WWjtw6ovKm
PeTOJqG3R1xldb0KLCNsdkkXvQQyqUWcgyXCPCdCwt3Q+tjQs4PiMDdkZb0XOHrp
aJCrm0iAJYHRjqyrYicU/42KgylMUW9qeDFBtdhbAjXRCVJJjLm0LXSMNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2m66HBKFWNX6UToC+puwLKWZAYMB8GA1UdIwQY
MBaAFDljeN4z0QuMsPgIYrZJGk3pz/zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTct
YmJlMDczYmY2YTY0LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTctYmJlMDczYmY2YTY0
LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmQJYyY77
EqyfuGy0m/BZSyh0avkCXiKjbZBmimkP6IGWkh4U0sHVwCBc52RBAbDicX5OgeVN
CivjvLICinpLo8tqQEb46QYiOCLKxHIA3JBdccqNxBdGAVAXPhvrPnEFGImgHc1E
n/eb16Nzt4XZpU5l41tj2oxZUrdBkGypD5ZlweC7LO457grPK31XZQOrP7rC4VOz
4g4KkbGOyaaZMSDrwnhDhptyWTw26/r3QsbEVExY2ElJ7QGPBWRavlqboHgzwSNg
KWLZyaOs0P6Bp+rGaRJwseRYXN5PDYqvARYKhyh84/gRCdPNcsNrXvlqS7Gy7610
ugfUkSE5e4giEg==
-----END CERTIFICATE-----