Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
File:                     JQou0RQnyhZIM4Ur1JydtT1j5js.mft (raw, json)
Hash identifier:          ClHP8b5vrNtP2pIb7rpAp3xgfcPCgbaugCGwSLW+/Cc=
Subject key identifier:   FE:60:11:F8:B8:54:AC:88:9B:3E:A1:03:7E:BC:D6:87:5B:2A:EA:16
Authority key identifier: 25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B
Certificate issuer:       /CN=250a2ed11427ca164833852bd49c9db53d63e63b
Certificate serial:       019D3789BE42921825BE2E0BB4BA96B50282
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
Manifest number:          042B
Signing time:             Sun 29 Mar 2026 03:01:07 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:07 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:07 +0000
Files and hashes:         1: JQou0RQnyhZIM4Ur1JydtT1j5js.crl (hash: fRu3gvh68yZ5On8BvS9bOGtkd6SYxasgbt2ZUfVFf3s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:be:42:92:18:25:be:2e:0b:b4:ba:96:b5:02:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=250a2ed11427ca164833852bd49c9db53d63e63b
        Validity
            Not Before: Mar 29 03:01:07 2026 GMT
            Not After : Mar 30 03:01:07 2026 GMT
        Subject: CN=fe6011f8b854ac889b3ea1037ebcd6875b2aea16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2c:c4:db:77:82:89:5d:cd:6d:d7:7a:2c:41:
                    8a:93:f6:8f:63:f8:0b:c6:96:50:b8:74:d0:d0:81:
                    1f:83:38:51:8e:03:a2:70:9d:34:53:f7:9e:94:52:
                    a8:df:8b:fe:7a:38:6b:d3:4e:3d:d5:09:2d:eb:67:
                    3b:ab:a7:22:82:20:77:08:5f:3c:63:90:11:9f:96:
                    91:4f:c0:25:ab:63:7f:06:f2:72:a1:cd:bf:77:c5:
                    9d:b6:91:64:d7:88:f0:fe:79:72:d3:7d:c6:19:52:
                    1b:75:1f:be:18:a0:97:b7:c7:98:d0:e1:f8:89:3d:
                    5e:49:63:a4:ec:aa:62:bb:bc:e0:1f:f0:48:53:fc:
                    3f:24:a1:90:7a:01:b1:cb:a0:d5:76:e3:60:11:f9:
                    9e:8e:77:a1:9d:fb:69:6b:7d:d8:99:df:e7:19:3f:
                    53:a1:28:43:b5:ca:65:25:ae:f9:73:1d:fe:57:5f:
                    8f:a2:62:ec:1c:93:40:29:7d:a9:ff:f2:94:75:7b:
                    79:27:14:74:19:8b:21:d6:0a:ae:ad:1b:1d:f1:70:
                    2b:99:81:5d:38:bc:8d:e1:7a:5c:c9:ba:e9:26:cb:
                    48:e3:65:d3:0e:d3:a2:91:c7:b5:9e:c8:c0:eb:7a:
                    0b:ac:52:4c:fe:bc:89:39:dd:e7:b8:a7:db:63:c1:
                    80:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:60:11:F8:B8:54:AC:88:9B:3E:A1:03:7E:BC:D6:87:5B:2A:EA:16
            X509v3 Authority Key Identifier:
                keyid:25:0A:2E:D1:14:27:CA:16:48:33:85:2B:D4:9C:9D:B5:3D:63:E6:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQou0RQnyhZIM4Ur1JydtT1j5js.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/b439ef-2cc5-4a74-b1ea-55c65c415b36/1/JQou0RQnyhZIM4Ur1JydtT1j5js.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:3c:46:53:66:ab:ad:0d:75:f8:d1:d6:d8:ac:91:4f:06:a1:
         bf:02:88:8e:35:be:1b:38:8d:38:7a:90:33:f8:84:05:0f:98:
         62:32:4d:7e:35:c7:f4:2b:5d:bb:94:c7:61:bf:71:3c:3e:ad:
         85:06:3b:93:a7:d4:98:ec:a4:2c:5f:7a:fb:1e:41:1c:ef:31:
         e8:b0:b4:38:88:98:1e:cc:c4:a9:f7:33:b8:28:fd:36:45:ef:
         96:1d:b8:32:b9:1f:03:59:ea:fd:a1:c6:31:c2:16:eb:26:42:
         31:d4:ef:42:68:07:c8:fb:7f:20:33:76:a3:33:e4:93:f1:95:
         a6:81:ad:cb:7e:c4:b7:4f:ba:f0:30:8a:61:78:e9:a3:e1:05:
         16:fe:82:f9:12:95:7f:2b:25:d1:8d:8a:e4:7b:03:1f:08:b5:
         45:d3:b1:00:f9:ba:13:d1:30:ed:cf:a6:86:a1:04:89:8c:81:
         5f:34:e9:d1:e2:41:7a:9d:2b:0a:1a:46:d3:ae:54:a8:80:a9:
         eb:c3:a4:73:e9:90:c3:a4:8e:1a:16:d3:9e:3c:2b:13:b4:ed:
         c1:56:2b:07:a4:e3:36:97:52:8b:3a:6f:5e:30:0c:a8:15:1d:
         7f:2f:54:9c:43:b2:dd:68:40:9a:ca:34:04:f3:aa:0d:fc:0f:
         9d:1e:43:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03ib5Ckhglvi4LtLqWtQKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MGEyZWQxMTQyN2NhMTY0ODMzODUyYmQ0OWM5ZGI1M2Q2
M2U2M2IwHhcNMjYwMzI5MDMwMTA3WhcNMjYwMzMwMDMwMTA3WjAzMTEwLwYDVQQD
EyhmZTYwMTFmOGI4NTRhYzg4OWIzZWExMDM3ZWJjZDY4NzViMmFlYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyzE23eCiV3Nbdd6LEGKk/aPY/gL
xpZQuHTQ0IEfgzhRjgOicJ00U/eelFKo34v+ejhr00491Qkt62c7q6cigiB3CF88
Y5ARn5aRT8Alq2N/BvJyoc2/d8WdtpFk14jw/nly033GGVIbdR++GKCXt8eY0OH4
iT1eSWOk7Kpiu7zgH/BIU/w/JKGQegGxy6DVduNgEfmejnehnftpa33Ymd/nGT9T
oShDtcplJa75cx3+V1+PomLsHJNAKX2p//KUdXt5JxR0GYsh1gqurRsd8XArmYFd
OLyN4XpcybrpJstI42XTDtOikce1nsjA63oLrFJM/ryJOd3nuKfbY8GAyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5gEfi4VKyImz6hA3681odbKuoWMB8GA1UdIwQY
MBaAFCUKLtEUJ8oWSDOFK9ScnbU9Y+Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEt
NTVjNjVjNDE1YjM2LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iNDM5ZWYtMmNjNS00YTc0LWIxZWEtNTVjNjVjNDE1YjM2
LzEvSlFvdTBSUW55aFpJTTRVcjFKeWR0VDFqNWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGTxGU2ar
rQ11+NHW2KyRTwahvwKIjjW+GziNOHqQM/iEBQ+YYjJNfjXH9Ctdu5THYb9xPD6t
hQY7k6fUmOykLF96+x5BHO8x6LC0OIiYHszEqfczuCj9NkXvlh24MrkfA1nq/aHG
McIW6yZCMdTvQmgHyPt/IDN2ozPkk/GVpoGty37Et0+68DCKYXjpo+EFFv6C+RKV
fysl0Y2K5HsDHwi1RdOxAPm6E9Ew7c+mhqEEiYyBXzTp0eJBep0rChpG065UqICp
68Okc+mQw6SOGhbTnjwrE7TtwVYrB6TjNpdSizpvXjAMqBUdfy9UnEOy3WhAmso0
BPOqDfwPnR5D0g==
-----END CERTIFICATE-----