Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
File:                     oJD-k_R_g4ea4suDVIjNn31pm8A.mft (raw, json)
Hash identifier:          gCI1G/2MD1npU98lPSlF6zKEYJ88OZEslrmoxybCrG0=
Subject key identifier:   AC:8D:E6:16:5F:AE:14:C3:80:5E:7D:28:A4:AF:92:B8:DC:F8:D2:BD
Authority key identifier: A0:90:FE:93:F4:7F:83:87:9A:E2:CB:83:54:88:CD:9F:7D:69:9B:C0
Certificate issuer:       /CN=a090fe93f47f83879ae2cb835488cd9f7d699bc0
Certificate serial:       019D38665D46A1E0A8D3CD9E8035B694026D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
Manifest number:          188D
Signing time:             Sun 29 Mar 2026 07:02:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:05 +0000
Files and hashes:         1: oJD-k_R_g4ea4suDVIjNn31pm8A.crl (hash: MEUOAywccUH5ZWBbLveiIqrCof4EyIaNuX7BxHTy01E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:5d:46:a1:e0:a8:d3:cd:9e:80:35:b6:94:02:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a090fe93f47f83879ae2cb835488cd9f7d699bc0
        Validity
            Not Before: Mar 29 07:02:05 2026 GMT
            Not After : Mar 30 07:02:05 2026 GMT
        Subject: CN=ac8de6165fae14c3805e7d28a4af92b8dcf8d2bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:67:01:90:48:fb:54:bd:36:fb:ed:41:31:2d:
                    00:34:55:b9:63:a4:cb:2e:6f:01:51:54:98:33:f4:
                    f8:5d:b2:38:78:96:c2:02:b9:ab:8e:46:21:03:7b:
                    51:a6:b9:7d:c7:dc:64:84:86:d6:ed:a6:92:85:bc:
                    5a:f7:77:cf:cb:11:d3:af:3d:ea:8a:5a:41:c7:7b:
                    88:6c:73:1b:5a:87:76:c0:fa:dd:0a:2d:37:8e:03:
                    55:da:50:f9:18:0e:33:56:0a:66:06:8e:a7:6c:92:
                    56:24:b3:e5:3d:10:ca:95:55:77:ca:50:32:9e:78:
                    0b:4b:b9:1f:9f:94:4e:ba:b9:e3:fd:f4:1c:77:8f:
                    84:ff:05:4b:85:e2:fe:1a:e7:9a:5d:80:c0:0e:09:
                    62:21:93:76:dc:00:d0:0a:36:e9:8f:61:d4:f7:1b:
                    93:b2:5b:ee:7f:6a:3e:08:8b:d4:07:1d:1a:3f:f4:
                    01:d4:87:18:97:a2:2f:6f:1c:f7:48:6a:40:15:2c:
                    9c:a6:39:a9:0c:d8:97:6a:cf:c7:80:4d:c4:a3:ae:
                    4f:f4:71:b2:9e:d1:e4:65:69:8b:9c:0e:93:48:93:
                    d5:a9:e4:d1:74:82:c5:be:e9:92:aa:3a:3d:9a:62:
                    96:94:77:f6:24:aa:c7:73:80:c8:77:c7:e7:8a:f2:
                    f1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:8D:E6:16:5F:AE:14:C3:80:5E:7D:28:A4:AF:92:B8:DC:F8:D2:BD
            X509v3 Authority Key Identifier:
                keyid:A0:90:FE:93:F4:7F:83:87:9A:E2:CB:83:54:88:CD:9F:7D:69:9B:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJD-k_R_g4ea4suDVIjNn31pm8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/abbcc9-f832-4b5b-bc22-25781e116782/1/oJD-k_R_g4ea4suDVIjNn31pm8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:2b:76:a2:e8:71:aa:57:71:99:04:fe:17:da:ba:71:3d:f6:
         f6:3c:65:6a:0b:3d:21:ba:b3:6d:e1:09:96:0a:66:ff:0b:50:
         e7:db:36:5f:bd:1f:c7:2d:4e:8a:6b:a0:f1:34:9b:92:f5:56:
         c6:4d:74:77:2f:3f:03:f1:24:b9:59:2f:ef:94:60:3d:85:4e:
         11:76:bd:e4:1a:03:b4:ad:df:1d:f3:72:b2:46:39:32:ad:ac:
         ff:3c:2a:3c:3c:f4:25:80:6f:3d:82:98:c8:e6:96:8d:10:84:
         01:6f:9b:58:bf:5d:8e:f7:78:51:f1:75:9f:e1:38:4b:f1:30:
         37:18:9c:cc:76:f7:9b:2e:6f:9d:b4:c4:5c:e7:1f:1a:6a:f3:
         c0:96:e9:d2:93:a9:6e:73:10:15:09:8e:6a:54:e8:29:04:a4:
         f4:5a:5d:aa:11:e9:ee:89:d0:85:20:4b:7a:5e:ed:4e:51:02:
         47:24:aa:4e:bc:f5:6f:18:ff:0f:5d:26:30:83:ea:b4:32:aa:
         0f:2f:5c:0a:ef:b2:d5:b5:da:3c:ba:76:ce:c0:50:a2:c7:bd:
         ed:fe:17:e5:b1:cd:04:ca:cd:58:1e:6d:6d:11:60:25:96:2c:
         28:e1:85:11:3b:61:ee:b2:d2:0c:11:c9:74:66:25:d6:e2:3f:
         4d:c9:b5:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zl1GoeCo082egDW2lAJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOTBmZTkzZjQ3ZjgzODc5YWUyY2I4MzU0ODhjZDlmN2Q2
OTliYzAwHhcNMjYwMzI5MDcwMjA1WhcNMjYwMzMwMDcwMjA1WjAzMTEwLwYDVQQD
EyhhYzhkZTYxNjVmYWUxNGMzODA1ZTdkMjhhNGFmOTJiOGRjZjhkMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92cBkEj7VL02++1BMS0ANFW5Y6TL
Lm8BUVSYM/T4XbI4eJbCArmrjkYhA3tRprl9x9xkhIbW7aaShbxa93fPyxHTrz3q
ilpBx3uIbHMbWod2wPrdCi03jgNV2lD5GA4zVgpmBo6nbJJWJLPlPRDKlVV3ylAy
nngLS7kfn5ROurnj/fQcd4+E/wVLheL+GueaXYDADgliIZN23ADQCjbpj2HU9xuT
slvuf2o+CIvUBx0aP/QB1IcYl6Ivbxz3SGpAFSycpjmpDNiXas/HgE3Eo65P9HGy
ntHkZWmLnA6TSJPVqeTRdILFvumSqjo9mmKWlHf2JKrHc4DId8fnivLx0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyN5hZfrhTDgF59KKSvkrjc+NK9MB8GA1UdIwQY
MBaAFKCQ/pP0f4OHmuLLg1SIzZ99aZvAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYmJjYzktZjgzMi00YjViLWJjMjIt
MjU3ODFlMTE2NzgyLzEvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hYmJjYzktZjgzMi00YjViLWJjMjItMjU3ODFlMTE2Nzgy
LzEvb0pELWtfUl9nNGVhNHN1RFZJak5uMzFwbThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAit2ouhx
qldxmQT+F9q6cT329jxlags9IbqzbeEJlgpm/wtQ59s2X70fxy1Oimug8TSbkvVW
xk10dy8/A/EkuVkv75RgPYVOEXa95BoDtK3fHfNyskY5Mq2s/zwqPDz0JYBvPYKY
yOaWjRCEAW+bWL9djvd4UfF1n+E4S/EwNxiczHb3my5vnbTEXOcfGmrzwJbp0pOp
bnMQFQmOalToKQSk9FpdqhHp7onQhSBLel7tTlECRySqTrz1bxj/D10mMIPqtDKq
Dy9cCu+y1bXaPLp2zsBQose97f4X5bHNBMrNWB5tbRFgJZYsKOGFETth7rLSDBHJ
dGYl1uI/Tcm1rg==
-----END CERTIFICATE-----