Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
File:                     dqIj-utMXd95nTyiqWDAbB1tHZY.mft (raw, json)
Hash identifier:          /9EuPGkafQlqGfVnurPt1ch6/BS7UT2ln3jStWlm9Tk=
Subject key identifier:   84:AB:B9:3A:55:BB:55:BD:17:68:98:43:93:28:3C:22:78:61:86:8E
Authority key identifier: 76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96
Certificate issuer:       /CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
Certificate serial:       019D37891014465223A6C34F16C40A0B7901
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
Manifest number:          0E3D
Signing time:             Sun 29 Mar 2026 03:00:22 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:22 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:22 +0000
Files and hashes:         1: dqIj-utMXd95nTyiqWDAbB1tHZY.crl (hash: /F3+96AbVpapunMkaW6ybEhPKAhZFpbwMkOWGI7PoNc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:10:14:46:52:23:a6:c3:4f:16:c4:0a:0b:79:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76a223faeb4c5ddf799d3ca2a960c06c1d6d1d96
        Validity
            Not Before: Mar 29 03:00:22 2026 GMT
            Not After : Mar 30 03:00:22 2026 GMT
        Subject: CN=84abb93a55bb55bd1768984393283c227861868e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b9:7f:85:b1:20:d5:97:8b:43:d7:3d:ff:50:
                    d9:1e:e2:7a:a6:41:82:ea:25:e7:22:b4:22:cd:5f:
                    0e:d8:99:02:5c:13:7e:34:71:c2:aa:bd:9a:75:e4:
                    b8:4d:a2:bb:95:2a:86:ea:00:34:ba:8f:61:c8:0b:
                    1f:2e:2f:65:16:31:7b:16:22:38:33:40:90:7a:6a:
                    64:98:bf:dc:ae:fd:eb:a7:e5:0e:fe:ae:09:0c:71:
                    68:38:ec:77:dc:c6:5b:b6:c0:5b:c6:02:f7:ee:6e:
                    72:a4:0a:d4:aa:d5:6d:e9:3e:1e:a0:d6:92:a4:5d:
                    28:b1:b9:af:30:0b:4c:ec:8b:8f:79:74:20:06:68:
                    2a:9b:9f:f8:ad:58:d4:16:6c:46:0b:c5:da:97:79:
                    4f:6d:de:91:c2:4d:14:fe:23:f1:f7:64:a8:f1:fd:
                    87:ca:a7:6d:e4:eb:95:9d:cf:de:ab:e2:51:99:a0:
                    60:c5:ce:17:37:be:36:e2:81:5e:7a:48:2b:a2:b2:
                    8d:28:df:7e:8a:97:37:11:57:86:4e:b1:66:32:76:
                    db:54:29:65:ec:5c:9b:b5:f3:ea:2c:ff:ab:eb:73:
                    f0:f3:a9:32:dd:83:dd:ee:bd:aa:a2:d4:e3:fb:31:
                    7e:3a:bb:ae:23:0a:c9:2f:3e:37:61:d0:15:17:88:
                    f5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:AB:B9:3A:55:BB:55:BD:17:68:98:43:93:28:3C:22:78:61:86:8E
            X509v3 Authority Key Identifier:
                keyid:76:A2:23:FA:EB:4C:5D:DF:79:9D:3C:A2:A9:60:C0:6C:1D:6D:1D:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqIj-utMXd95nTyiqWDAbB1tHZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5f0ab1-235c-4cda-b538-1ddee855cdf8/1/dqIj-utMXd95nTyiqWDAbB1tHZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:eb:b3:71:d9:7b:92:50:0a:78:d7:38:f8:61:a8:17:0f:79:
         26:88:50:5a:79:44:e4:11:01:0d:f6:91:4a:00:4d:23:49:45:
         e1:d6:aa:c8:92:77:c0:e2:a2:5a:6e:f2:13:1e:7b:71:23:f8:
         a5:7d:1e:b1:a2:f6:dc:9d:8a:8a:ed:45:bf:d0:14:40:be:0a:
         f5:bc:8e:65:b3:17:9f:9f:20:00:8d:d4:58:d1:19:30:cb:0f:
         fe:a4:c3:af:c7:08:f9:50:0d:e1:d6:40:c7:6f:d4:b9:c2:57:
         88:1e:7a:5b:1d:09:51:1d:74:cd:5b:09:48:3b:ce:40:41:29:
         be:11:74:f4:ae:e7:1f:e6:0d:e6:15:5e:1f:33:c0:04:96:90:
         31:b7:3d:f2:1e:2c:9b:2c:95:d2:9e:b4:14:d4:f1:14:64:4e:
         a7:a0:c4:47:6b:37:3f:3a:07:a3:87:47:d6:f7:72:85:f0:48:
         ab:61:99:8b:41:aa:7e:26:fc:90:de:a6:3e:69:82:7c:a2:af:
         e8:0e:9d:9b:4d:95:e4:db:3a:16:d0:77:f7:db:b3:aa:90:d8:
         7f:4c:78:5e:9c:a8:15:29:e5:9e:2d:dd:77:40:67:27:91:cf:
         0b:f4:b8:92:dc:c9:ac:fc:53:66:4f:56:ed:f1:f8:65:d2:6f:
         30:47:c1:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRAURlIjpsNPFsQKC3kBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTIyM2ZhZWI0YzVkZGY3OTlkM2NhMmE5NjBjMDZjMWQ2
ZDFkOTYwHhcNMjYwMzI5MDMwMDIyWhcNMjYwMzMwMDMwMDIyWjAzMTEwLwYDVQQD
Eyg4NGFiYjkzYTU1YmI1NWJkMTc2ODk4NDM5MzI4M2MyMjc4NjE4NjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ll/hbEg1ZeLQ9c9/1DZHuJ6pkGC
6iXnIrQizV8O2JkCXBN+NHHCqr2adeS4TaK7lSqG6gA0uo9hyAsfLi9lFjF7FiI4
M0CQempkmL/crv3rp+UO/q4JDHFoOOx33MZbtsBbxgL37m5ypArUqtVt6T4eoNaS
pF0osbmvMAtM7IuPeXQgBmgqm5/4rVjUFmxGC8Xal3lPbd6Rwk0U/iPx92So8f2H
yqdt5OuVnc/eq+JRmaBgxc4XN7424oFeekgrorKNKN9+ipc3EVeGTrFmMnbbVCll
7FybtfPqLP+r63Pw86ky3YPd7r2qotTj+zF+OruuIwrJLz43YdAVF4j1ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISruTpVu1W9F2iYQ5MoPCJ4YYaOMB8GA1UdIwQY
MBaAFHaiI/rrTF3feZ08oqlgwGwdbR2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1Mzgt
MWRkZWU4NTVjZGY4LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZjBhYjEtMjM1Yy00Y2RhLWI1MzgtMWRkZWU4NTVjZGY4
LzEvZHFJai11dE1YZDk1blR5aXFXREFiQjF0SFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVOuzcdl7
klAKeNc4+GGoFw95JohQWnlE5BEBDfaRSgBNI0lF4daqyJJ3wOKiWm7yEx57cSP4
pX0esaL23J2Kiu1Fv9AUQL4K9byOZbMXn58gAI3UWNEZMMsP/qTDr8cI+VAN4dZA
x2/UucJXiB56Wx0JUR10zVsJSDvOQEEpvhF09K7nH+YN5hVeHzPABJaQMbc98h4s
myyV0p60FNTxFGROp6DER2s3PzoHo4dH1vdyhfBIq2GZi0Gqfib8kN6mPmmCfKKv
6A6dm02V5Ns6FtB399uzqpDYf0x4XpyoFSnlni3dd0BnJ5HPC/S4ktzJrPxTZk9W
7fH4ZdJvMEfBZg==
-----END CERTIFICATE-----