Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
File:                     8QMX8k1xpRbXUEO-kPWr4_ocklk.mft (raw, json)
Hash identifier:          wX4LtdmWhHxVFpzFVMrI905T8JWPJo6NS/eSBBJZJ68=
Subject key identifier:   D0:9E:8B:13:BF:5D:8E:A3:28:3B:12:22:D3:E0:08:67:1D:CA:13:93
Authority key identifier: F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59
Certificate issuer:       /CN=f10317f24d71a516d75043be90f5abe3fa1c9259
Certificate serial:       019D277264471D24B96822F1F146AF5F785E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
Manifest number:          143A
Signing time:             Thu 26 Mar 2026 00:01:41 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:41 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:41 +0000
Files and hashes:         1: 8QMX8k1xpRbXUEO-kPWr4_ocklk.crl (hash: tBMLn0DvfoWUhs4rNK34XXxXqTf1EZbPWzlnw0jzJhE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:64:47:1d:24:b9:68:22:f1:f1:46:af:5f:78:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f10317f24d71a516d75043be90f5abe3fa1c9259
        Validity
            Not Before: Mar 26 00:01:41 2026 GMT
            Not After : Mar 27 00:01:41 2026 GMT
        Subject: CN=d09e8b13bf5d8ea3283b1222d3e008671dca1393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:5e:32:6d:fb:6e:2a:1a:a0:19:ea:22:96:0c:
                    9c:7e:34:38:11:09:e3:9f:ae:00:d1:59:2a:bf:69:
                    b7:d5:10:6b:7b:e0:06:75:c7:cf:b9:64:51:1b:d6:
                    6b:70:43:70:5a:1d:7b:a7:ae:92:af:09:26:b3:99:
                    7d:07:46:54:9e:5e:7b:dd:cf:69:ac:f4:18:de:4f:
                    51:b5:f8:8f:46:36:73:86:fa:60:d3:5f:33:9d:8c:
                    97:b3:2b:8f:08:f6:46:c2:a8:a3:0c:cc:da:8a:df:
                    8e:df:d8:a3:ea:30:fa:b3:fe:81:01:46:aa:ac:20:
                    0c:10:55:ed:e9:c3:0a:50:c3:94:e8:f9:a3:a1:24:
                    c6:00:30:ba:86:23:df:d1:5e:f9:fb:0a:d0:f5:ec:
                    d2:ae:db:1a:99:7a:9e:77:a9:19:49:bb:7e:97:af:
                    0c:b7:ac:ac:d8:a0:24:a6:0b:9a:44:f6:61:b7:d9:
                    0f:64:19:a6:09:6f:3b:12:ed:80:1f:af:42:e1:5d:
                    4f:f8:c6:1e:84:c0:0e:86:59:76:26:c8:75:1e:7e:
                    9d:69:7f:14:6f:49:60:36:c5:07:ec:52:df:cb:b3:
                    08:34:c8:90:da:f4:d2:ab:e4:42:cb:7c:d6:7f:fd:
                    21:b9:b5:b1:ce:16:d3:fd:46:16:b0:18:d4:f9:ae:
                    02:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:9E:8B:13:BF:5D:8E:A3:28:3B:12:22:D3:E0:08:67:1D:CA:13:93
            X509v3 Authority Key Identifier:
                keyid:F1:03:17:F2:4D:71:A5:16:D7:50:43:BE:90:F5:AB:E3:FA:1C:92:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8QMX8k1xpRbXUEO-kPWr4_ocklk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/135a03-e11a-470a-846c-66d49df53ef1/1/8QMX8k1xpRbXUEO-kPWr4_ocklk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:2d:2e:58:f3:85:62:a7:ac:48:ea:51:dc:e4:72:05:6c:d5:
         19:2d:97:10:6d:39:d8:7e:27:bf:7f:50:a5:18:c2:d1:1a:16:
         19:e3:4f:2c:57:e2:de:92:ee:1f:84:b1:3a:9c:08:11:7b:58:
         6e:82:88:8b:62:dd:e6:c2:64:ae:1d:81:77:5a:bf:8b:f6:63:
         3c:54:a7:ad:ac:61:4d:f8:f4:60:ec:f7:c2:db:a2:9c:d7:ae:
         75:7e:cb:6f:4b:0d:2e:b9:85:41:46:14:64:e8:f1:e3:84:eb:
         29:db:8f:29:57:be:82:bb:e8:6f:f3:4b:6d:c6:6e:88:ce:5a:
         95:5d:fe:15:bd:87:00:5d:c4:2f:05:08:de:73:51:31:0a:42:
         79:69:17:ad:72:4c:a3:14:1e:6f:8b:51:38:c0:2c:e7:c1:c6:
         2d:db:46:f5:c9:c0:5b:c8:45:73:0f:1d:62:c3:6f:3e:96:ba:
         83:30:73:b1:d4:c6:26:0f:a0:e8:0c:6f:69:f9:82:68:43:66:
         d4:1d:48:09:1f:57:00:fa:65:f3:da:13:9c:16:5c:ba:ef:56:
         0d:c0:4c:75:0c:de:dc:dc:34:ab:51:d0:44:b1:05:33:ed:76:
         6f:02:2a:ee:d7:d3:f1:5d:45:82:6d:7d:b5:3b:dd:b5:ef:06:
         3c:7d:dc:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncmRHHSS5aCLx8UavX3heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMDMxN2YyNGQ3MWE1MTZkNzUwNDNiZTkwZjVhYmUzZmEx
YzkyNTkwHhcNMjYwMzI2MDAwMTQxWhcNMjYwMzI3MDAwMTQxWjAzMTEwLwYDVQQD
EyhkMDllOGIxM2JmNWQ4ZWEzMjgzYjEyMjJkM2UwMDg2NzFkY2ExMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV4ybftuKhqgGeoilgycfjQ4EQnj
n64A0Vkqv2m31RBre+AGdcfPuWRRG9ZrcENwWh17p66Srwkms5l9B0ZUnl573c9p
rPQY3k9RtfiPRjZzhvpg018znYyXsyuPCPZGwqijDMzait+O39ij6jD6s/6BAUaq
rCAMEFXt6cMKUMOU6PmjoSTGADC6hiPf0V75+wrQ9ezSrtsamXqed6kZSbt+l68M
t6ys2KAkpguaRPZht9kPZBmmCW87Eu2AH69C4V1P+MYehMAOhll2Jsh1Hn6daX8U
b0lgNsUH7FLfy7MINMiQ2vTSq+RCy3zWf/0hubWxzhbT/UYWsBjU+a4C8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCeixO/XY6jKDsSItPgCGcdyhOTMB8GA1UdIwQY
MBaAFPEDF/JNcaUW11BDvpD1q+P6HJJZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMt
NjZkNDlkZjUzZWYxLzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xMzVhMDMtZTExYS00NzBhLTg0NmMtNjZkNDlkZjUzZWYx
LzEvOFFNWDhrMXhwUmJYVUVPLWtQV3I0X29ja2xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAi0uWPOF
YqesSOpR3ORyBWzVGS2XEG052H4nv39QpRjC0RoWGeNPLFfi3pLuH4SxOpwIEXtY
boKIi2Ld5sJkrh2Bd1q/i/ZjPFSnraxhTfj0YOz3wtuinNeudX7Lb0sNLrmFQUYU
ZOjx44TrKduPKVe+grvob/NLbcZuiM5alV3+Fb2HAF3ELwUI3nNRMQpCeWkXrXJM
oxQeb4tROMAs58HGLdtG9cnAW8hFcw8dYsNvPpa6gzBzsdTGJg+g6AxvafmCaENm
1B1ICR9XAPpl89oTnBZcuu9WDcBMdQze3Nw0q1HQRLEFM+12bwIq7tfT8V1Fgm19
tTvdte8GPH3csA==
-----END CERTIFICATE-----