Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
File:                     249r9UNKqjLT5fETsAxbsUAvZ_Y.mft (raw, json)
Hash identifier:          FMaTtNrbwD5lZujEYLd/vd5PL/oHVRHTvxtHLW67ZJQ=
Subject key identifier:   AF:F3:48:89:9B:C7:55:E3:D7:8E:32:D5:AD:72:32:5D:2A:33:E1:98
Authority key identifier: DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6
Certificate issuer:       /CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
Certificate serial:       019D265EE2FD51CA5FABD38BF58F63CC8265
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
Manifest number:          097A
Signing time:             Wed 25 Mar 2026 19:00:45 +0000
Manifest this update:     Wed 25 Mar 2026 19:00:45 +0000
Manifest next update:     Thu 26 Mar 2026 19:00:45 +0000
Files and hashes:         1: 249r9UNKqjLT5fETsAxbsUAvZ_Y.crl (hash: 2Sce5sbQiENp7oIC+XO5S/iUdt5xuj38lGyotR2wzIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5e:e2:fd:51:ca:5f:ab:d3:8b:f5:8f:63:cc:82:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db8f6bf5434aaa32d3e5f113b00c5bb1402f67f6
        Validity
            Not Before: Mar 25 19:00:45 2026 GMT
            Not After : Mar 26 19:00:45 2026 GMT
        Subject: CN=aff348899bc755e3d78e32d5ad72325d2a33e198
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:3c:c7:83:67:de:71:b1:06:ff:c3:60:3e:f5:
                    24:82:86:b1:56:64:8a:49:72:99:86:a4:14:28:4a:
                    6a:c8:97:03:8a:12:c6:50:69:ea:a6:6a:5c:3f:7e:
                    9a:c5:d9:da:9c:48:ae:4c:c0:1f:3b:05:3b:6d:85:
                    e8:51:17:b6:10:ee:62:39:74:11:02:9e:64:75:04:
                    53:b2:ed:cd:5f:73:ba:c0:75:0c:1d:4b:79:31:d8:
                    df:87:2c:dc:02:34:2c:9e:c5:4c:0a:6f:26:ee:e7:
                    81:ef:3c:b3:57:96:e9:9c:4d:9d:eb:4f:40:4a:0d:
                    ca:cd:91:56:07:6b:fa:dd:55:03:f3:88:ee:a9:ac:
                    15:f6:d8:e5:e6:5d:1a:ee:63:b1:d5:2b:15:8d:34:
                    9e:f5:11:f7:d1:c3:66:e0:91:28:a3:f5:d5:72:16:
                    7d:46:e9:d9:4f:b3:5c:96:aa:69:3b:3b:54:a6:95:
                    dc:4d:ed:a7:c1:fb:4c:6e:2a:59:1c:9e:5d:5e:10:
                    e0:10:1e:87:e1:6b:12:f4:0a:b8:5c:20:ca:f7:c7:
                    34:76:64:ee:05:4d:d2:1c:41:e3:ac:19:89:a0:12:
                    06:f9:10:dd:ae:b4:0b:c8:1a:18:8d:86:d5:df:a0:
                    0a:94:19:b9:c1:c4:ff:60:68:2e:c6:52:9a:9d:c8:
                    47:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F3:48:89:9B:C7:55:E3:D7:8E:32:D5:AD:72:32:5D:2A:33:E1:98
            X509v3 Authority Key Identifier:
                keyid:DB:8F:6B:F5:43:4A:AA:32:D3:E5:F1:13:B0:0C:5B:B1:40:2F:67:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/249r9UNKqjLT5fETsAxbsUAvZ_Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/9f3394-6b7b-4ca0-9e21-d9796794c61c/1/249r9UNKqjLT5fETsAxbsUAvZ_Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:c0:29:06:84:11:ca:65:31:d0:55:c2:e8:d8:ec:11:20:4b:
         54:1e:c9:c9:e4:61:fa:78:c1:5b:82:49:c6:55:07:8f:57:fe:
         6f:bf:8d:a5:2b:35:1f:29:ad:63:49:cb:52:50:51:c2:a1:c3:
         97:c6:de:61:d2:a9:79:1b:1f:ae:24:06:bd:b6:0f:93:ff:d0:
         2f:30:47:1b:35:00:d3:a6:12:43:81:f9:33:80:58:ff:63:b6:
         f7:fb:2c:22:2e:27:b1:e0:c2:ac:5e:de:9c:b1:5c:9d:ce:25:
         9d:e7:9d:44:c4:23:bc:aa:57:a4:0b:03:e1:59:4a:8e:76:0f:
         c9:8e:80:9f:81:d1:18:12:d2:f4:ea:2f:3c:c4:d5:4c:b0:aa:
         ce:df:a0:28:43:ed:27:fd:d5:81:0d:b9:f7:c4:71:e8:a0:00:
         07:3d:1a:38:ce:a6:4f:f8:88:6a:8b:dd:2d:d4:7b:19:56:a9:
         03:ec:0e:5d:67:b6:52:78:8d:d5:ba:e1:1a:79:ef:c1:e8:53:
         b9:e8:f4:85:8b:b5:65:f3:68:3e:7c:79:f0:2a:01:1e:26:12:
         b0:5b:a2:ff:3d:f6:89:f2:64:fe:83:74:57:c5:a2:6f:75:6a:
         09:d5:49:7e:9a:f7:d5:95:0b:2b:d6:48:89:d1:d5:1d:7d:c8:
         8d:98:b3:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mXuL9Ucpfq9OL9Y9jzIJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOGY2YmY1NDM0YWFhMzJkM2U1ZjExM2IwMGM1YmIxNDAy
ZjY3ZjYwHhcNMjYwMzI1MTkwMDQ1WhcNMjYwMzI2MTkwMDQ1WjAzMTEwLwYDVQQD
EyhhZmYzNDg4OTliYzc1NWUzZDc4ZTMyZDVhZDcyMzI1ZDJhMzNlMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzzHg2fecbEG/8NgPvUkgoaxVmSK
SXKZhqQUKEpqyJcDihLGUGnqpmpcP36axdnanEiuTMAfOwU7bYXoURe2EO5iOXQR
Ap5kdQRTsu3NX3O6wHUMHUt5MdjfhyzcAjQsnsVMCm8m7ueB7zyzV5bpnE2d609A
Sg3KzZFWB2v63VUD84juqawV9tjl5l0a7mOx1SsVjTSe9RH30cNm4JEoo/XVchZ9
RunZT7NclqppOztUppXcTe2nwftMbipZHJ5dXhDgEB6H4WsS9Aq4XCDK98c0dmTu
BU3SHEHjrBmJoBIG+RDdrrQLyBoYjYbV36AKlBm5wcT/YGguxlKanchHdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK/zSImbx1Xj144y1a1yMl0qM+GYMB8GA1UdIwQY
MBaAFNuPa/VDSqoy0+XxE7AMW7FAL2f2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEt
ZDk3OTY3OTRjNjFjLzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85ZjMzOTQtNmI3Yi00Y2EwLTllMjEtZDk3OTY3OTRjNjFj
LzEvMjQ5cjlVTktxakxUNWZFVHNBeGJzVUF2Wl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARsApBoQR
ymUx0FXC6NjsESBLVB7JyeRh+njBW4JJxlUHj1f+b7+NpSs1HymtY0nLUlBRwqHD
l8beYdKpeRsfriQGvbYPk//QLzBHGzUA06YSQ4H5M4BY/2O29/ssIi4nseDCrF7e
nLFcnc4lneedRMQjvKpXpAsD4VlKjnYPyY6An4HRGBLS9OovPMTVTLCqzt+gKEPt
J/3VgQ2598Rx6KAABz0aOM6mT/iIaovdLdR7GVapA+wOXWe2UniN1brhGnnvwehT
uej0hYu1ZfNoPnx58CoBHiYSsFui/z32ifJk/oN0V8Wib3VqCdVJfpr31ZULK9ZI
idHVHX3IjZizxw==
-----END CERTIFICATE-----