Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          GnXhggSOZDF0VTo5HN1QWtIRdjlNIIWHBSqj5+3MEgQ=
Subject key identifier:   34:15:97:9C:A4:D8:FF:25:B5:FD:4D:C2:79:F5:63:D2:58:5F:22:06
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       019D37C120D3FE3EFA026279A496AB4FFA7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          07AE
Signing time:             Sun 29 Mar 2026 04:01:36 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:36 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:36 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: HFuoYm+yYWixAk6V3Smxlr99OFcdTgY4LuuxAO3sVWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:20:d3:fe:3e:fa:02:62:79:a4:96:ab:4f:fa:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Mar 29 04:01:36 2026 GMT
            Not After : Mar 30 04:01:36 2026 GMT
        Subject: CN=3415979ca4d8ff25b5fd4dc279f563d2585f2206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:54:15:8d:12:2e:83:c8:dd:61:83:d6:42:96:
                    b5:cf:35:79:95:32:e8:2b:77:80:11:41:5a:8d:bb:
                    63:e1:88:7b:b7:83:af:1c:45:a2:30:49:66:10:c5:
                    f8:71:6d:97:6d:62:02:17:e2:9a:ed:19:70:c3:98:
                    a2:0a:e8:f4:33:fe:da:10:dc:a5:23:ae:16:90:fe:
                    5b:48:7d:d5:5d:3f:a4:29:b5:f6:a4:db:b5:e4:29:
                    bb:6c:07:c1:66:e9:f0:54:de:ad:81:f9:5e:dd:bd:
                    1b:23:ec:10:9a:76:07:80:f3:8c:9e:23:bc:2c:90:
                    af:4b:9d:5f:7b:d7:ac:a8:ce:ae:3b:77:3b:17:43:
                    33:72:7a:7f:5b:f1:20:2d:ed:df:eb:11:df:9a:35:
                    85:13:47:14:46:cb:95:cd:19:06:3a:1a:2a:59:8a:
                    64:63:7b:36:78:1d:00:e4:1a:cf:24:fc:c9:e8:d5:
                    87:94:40:5f:da:cc:7c:84:ff:15:59:e0:5e:33:42:
                    7c:25:4c:31:b9:4e:20:cd:8f:9f:6e:85:b3:51:aa:
                    f5:73:74:70:7f:fe:27:33:28:f4:36:18:05:b9:b5:
                    48:d8:b6:d1:ba:4d:4f:de:bb:3f:d6:21:20:cf:37:
                    72:a6:eb:b1:e4:a6:8b:6b:d5:2b:9c:89:83:2c:aa:
                    7e:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:15:97:9C:A4:D8:FF:25:B5:FD:4D:C2:79:F5:63:D2:58:5F:22:06
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:db:66:70:49:ef:e8:e4:9b:73:1e:de:e2:bf:67:3e:85:0b:
         46:df:74:62:81:41:7b:ca:8b:1f:ac:03:23:c0:e3:c1:dc:b4:
         83:d2:e0:f9:f7:d3:ce:31:26:26:99:bf:44:33:17:6d:47:fc:
         51:6e:3e:e2:de:08:e3:a7:e8:f8:9b:3a:67:90:59:9a:83:e2:
         fa:ad:8f:f1:e5:87:64:05:32:73:f6:02:e1:59:47:39:31:d3:
         30:0a:9a:5c:e0:ba:d0:02:a8:b2:f9:15:a2:12:61:5d:c4:7f:
         51:ce:5b:2e:56:a5:0d:1e:85:93:25:d6:3a:a7:35:fd:71:dd:
         3e:f1:da:bc:bb:51:73:1d:d3:8b:25:76:f0:97:d6:2b:dd:2f:
         9f:f4:6b:ce:6d:a9:eb:f0:bf:7c:51:ab:ea:0b:f2:3f:d1:08:
         c9:69:59:10:ee:d0:0a:b6:7e:16:37:d2:82:f4:a6:4d:b6:f0:
         b9:a3:c2:52:75:b7:b6:39:99:34:da:8b:45:dc:de:87:3b:a1:
         01:25:57:8c:8e:1e:eb:11:15:2f:6c:ac:a9:5e:c5:67:04:88:
         65:86:67:4c:8b:e7:86:92:de:8a:08:cc:d4:a5:64:b1:18:52:
         d2:85:a6:0a:d2:75:67:c8:93:af:d7:e3:39:41:72:15:03:74:
         b9:4d:f3:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wSDT/j76AmJ5pJarT/p6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjYwMzI5MDQwMTM2WhcNMjYwMzMwMDQwMTM2WjAzMTEwLwYDVQQD
EygzNDE1OTc5Y2E0ZDhmZjI1YjVmZDRkYzI3OWY1NjNkMjU4NWYyMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolQVjRIug8jdYYPWQpa1zzV5lTLo
K3eAEUFajbtj4Yh7t4OvHEWiMElmEMX4cW2XbWICF+Ka7Rlww5iiCuj0M/7aENyl
I64WkP5bSH3VXT+kKbX2pNu15Cm7bAfBZunwVN6tgfle3b0bI+wQmnYHgPOMniO8
LJCvS51fe9esqM6uO3c7F0Mzcnp/W/EgLe3f6xHfmjWFE0cURsuVzRkGOhoqWYpk
Y3s2eB0A5BrPJPzJ6NWHlEBf2sx8hP8VWeBeM0J8JUwxuU4gzY+fboWzUar1c3Rw
f/4nMyj0NhgFubVI2LbRuk1P3rs/1iEgzzdypuux5KaLa9UrnImDLKp+BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQVl5yk2P8ltf1Nwnn1Y9JYXyIGMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuNtmcEnv
6OSbcx7e4r9nPoULRt90YoFBe8qLH6wDI8Djwdy0g9Lg+ffTzjEmJpm/RDMXbUf8
UW4+4t4I46fo+Js6Z5BZmoPi+q2P8eWHZAUyc/YC4VlHOTHTMAqaXOC60AKosvkV
ohJhXcR/Uc5bLlalDR6FkyXWOqc1/XHdPvHavLtRcx3TiyV28JfWK90vn/Rrzm2p
6/C/fFGr6gvyP9EIyWlZEO7QCrZ+FjfSgvSmTbbwuaPCUnW3tjmZNNqLRdzehzuh
ASVXjI4e6xEVL2ysqV7FZwSIZYZnTIvnhpLeigjM1KVksRhS0oWmCtJ1Z8iTr9fj
OUFyFQN0uU3zQQ==
-----END CERTIFICATE-----