Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          iSNXD87N25JDG7W+fQxd0LoAbNrHfxGWVGgsjsYyMeA=
Subject key identifier:   98:A5:B8:24:69:00:5F:63:2D:15:E5:C2:39:71:19:45:9E:D3:13:93
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       019D2772763DA3D9DB0EF7DD2A1B71407AF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0DFD
Signing time:             Thu 26 Mar 2026 00:01:45 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:45 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:45 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: WAdT+PndYTnV6T3Ysj5UFbJrahi7jWfflWiodEEaGzY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:76:3d:a3:d9:db:0e:f7:dd:2a:1b:71:40:7a:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Mar 26 00:01:45 2026 GMT
            Not After : Mar 27 00:01:45 2026 GMT
        Subject: CN=98a5b82469005f632d15e5c2397119459ed31393
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:4d:6e:a2:0e:9c:ec:3e:5a:3d:c3:e1:2a:a8:
                    6d:15:36:6f:5c:0f:82:8b:e9:9d:12:f4:37:78:aa:
                    52:7d:0b:d0:39:84:27:b0:38:ad:17:34:7b:98:78:
                    8a:29:61:19:57:c3:b7:44:41:85:75:e8:92:eb:41:
                    28:01:0a:1a:5f:06:81:a1:76:3a:dd:7f:1c:6e:39:
                    1e:da:c0:9a:29:27:18:d8:25:4e:34:c4:d4:bd:56:
                    ca:3a:91:e9:01:a0:a7:20:cf:64:84:04:9e:4f:86:
                    da:39:70:88:5d:b8:4d:78:12:a7:b0:5f:38:87:f5:
                    83:13:6b:24:ed:45:05:cb:2d:47:01:84:36:e2:50:
                    52:4e:4d:e7:a3:3a:52:31:a6:fa:82:54:91:40:c4:
                    4b:3f:98:99:7d:fd:1d:7d:b3:00:42:52:91:b1:a7:
                    19:bc:b1:3a:d9:e9:5e:ef:04:7e:4e:e3:4f:3f:46:
                    45:9b:a4:5e:cc:5f:06:b4:d5:c3:e0:36:06:19:07:
                    78:e4:63:a5:b8:c8:b2:03:34:c9:e7:9f:41:cc:f5:
                    f3:fa:d2:5e:fe:77:7b:a2:e7:78:b5:f6:92:3b:e7:
                    72:aa:44:46:a7:91:dc:95:9e:e2:da:b9:31:dc:2a:
                    2a:96:5a:1b:4c:d7:cb:f3:78:3d:07:a4:2b:88:5e:
                    53:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:A5:B8:24:69:00:5F:63:2D:15:E5:C2:39:71:19:45:9E:D3:13:93
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:09:94:71:7c:31:80:06:fe:41:77:eb:b6:e4:34:60:58:5f:
         c1:5c:b0:eb:13:89:63:d5:21:75:56:6f:70:c7:5e:82:0b:a6:
         12:f5:b2:9c:45:2b:5b:17:c8:d4:90:2b:51:27:bd:bd:17:56:
         b4:42:33:73:42:91:2c:37:f0:59:12:02:33:b2:f3:b0:92:3f:
         1e:5b:cd:09:0e:ca:6e:e3:79:2d:8c:f0:c0:2a:bc:d9:84:c0:
         5a:97:7b:8e:2e:eb:53:e2:d0:14:9c:cb:83:bb:53:a1:6a:4b:
         9b:92:8d:d8:6d:37:13:69:4d:d5:cf:9f:9b:e0:cc:08:0d:fc:
         9f:ab:f8:8a:40:04:68:64:6e:80:1a:38:99:11:87:e2:b5:fe:
         49:aa:d5:fc:c4:a5:fc:fc:11:11:65:8d:c5:6e:66:43:67:4f:
         34:be:a0:97:e2:a5:21:3e:86:1d:dd:6e:84:e4:1d:e7:35:0e:
         4b:8a:36:d2:2e:78:c8:00:42:0c:9f:02:e2:8b:cc:f2:8e:50:
         34:97:5b:c0:4d:c8:2c:bc:13:31:c7:d0:28:b2:32:34:1b:c7:
         ad:2d:86:9a:61:74:bd:2f:75:e3:05:5f:7c:f7:44:b0:3f:d0:
         b8:a0:2a:77:70:1d:1e:8f:3d:99:0a:f6:71:44:7a:81:68:75:
         7e:4c:74:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncnY9o9nbDvfdKhtxQHr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjYwMzI2MDAwMTQ1WhcNMjYwMzI3MDAwMTQ1WjAzMTEwLwYDVQQD
Eyg5OGE1YjgyNDY5MDA1ZjYzMmQxNWU1YzIzOTcxMTk0NTllZDMxMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp01uog6c7D5aPcPhKqhtFTZvXA+C
i+mdEvQ3eKpSfQvQOYQnsDitFzR7mHiKKWEZV8O3REGFdeiS60EoAQoaXwaBoXY6
3X8cbjke2sCaKScY2CVONMTUvVbKOpHpAaCnIM9khASeT4baOXCIXbhNeBKnsF84
h/WDE2sk7UUFyy1HAYQ24lBSTk3nozpSMab6glSRQMRLP5iZff0dfbMAQlKRsacZ
vLE62ele7wR+TuNPP0ZFm6RezF8GtNXD4DYGGQd45GOluMiyAzTJ559BzPXz+tJe
/nd7oud4tfaSO+dyqkRGp5HclZ7i2rkx3CoqllobTNfL83g9B6QriF5TAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJiluCRpAF9jLRXlwjlxGUWe0xOTMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASAmUcXwx
gAb+QXfrtuQ0YFhfwVyw6xOJY9UhdVZvcMdeggumEvWynEUrWxfI1JArUSe9vRdW
tEIzc0KRLDfwWRICM7LzsJI/HlvNCQ7KbuN5LYzwwCq82YTAWpd7ji7rU+LQFJzL
g7tToWpLm5KN2G03E2lN1c+fm+DMCA38n6v4ikAEaGRugBo4mRGH4rX+SarV/MSl
/PwREWWNxW5mQ2dPNL6gl+KlIT6GHd1uhOQd5zUOS4o20i54yABCDJ8C4ovM8o5Q
NJdbwE3ILLwTMcfQKLIyNBvHrS2GmmF0vS914wVffPdEsD/QuKAqd3AdHo89mQr2
cUR6gWh1fkx0rQ==
-----END CERTIFICATE-----