Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
File:                     EST0oQ141Lq7esUlnCG3Pv5XetA.mft (raw, json)
Hash identifier:          jEF3Kw8Gzd3EsDQ30tpyVahZykz8tx5NuEPnRJRggRA=
Subject key identifier:   AC:99:2E:C5:04:20:C0:FB:1C:32:20:F2:60:57:76:DC:2A:4E:28:F4
Authority key identifier: 11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0
Certificate issuer:       /CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
Certificate serial:       019D2816EAED3D7D027E9E47E54B1258A249
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
Manifest number:          0545
Signing time:             Thu 26 Mar 2026 03:01:23 +0000
Manifest this update:     Thu 26 Mar 2026 03:01:23 +0000
Manifest next update:     Fri 27 Mar 2026 03:01:23 +0000
Files and hashes:         1: EST0oQ141Lq7esUlnCG3Pv5XetA.crl (hash: gVrD4jH2OGXQ4F4/sQtWzgoj5QQ596kxHj5mVmD0Wg0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:16:ea:ed:3d:7d:02:7e:9e:47:e5:4b:12:58:a2:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1124f4a10d78d4babb7ac5259c21b73efe577ad0
        Validity
            Not Before: Mar 26 03:01:23 2026 GMT
            Not After : Mar 27 03:01:23 2026 GMT
        Subject: CN=ac992ec50420c0fb1c3220f2605776dc2a4e28f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:ca:56:7c:72:05:dc:d4:54:ab:49:ee:39:1c:
                    3d:a6:44:ea:46:be:21:2b:30:b6:ca:80:e9:5e:7e:
                    13:3a:ce:1d:a0:01:aa:71:06:be:f6:37:33:c2:ff:
                    bb:ae:7d:fb:e9:4d:de:6f:9f:17:6b:2d:94:6e:6c:
                    b9:85:d3:5d:ab:c1:f6:ea:7f:6e:45:ed:ee:04:88:
                    c2:6d:52:3a:39:0f:ee:49:a3:b5:0c:fb:ba:46:26:
                    94:c0:8d:1c:40:85:2e:09:fa:62:f2:9f:a6:dd:c7:
                    6f:ca:a3:36:41:98:be:74:b7:65:86:29:05:72:b7:
                    df:b9:19:6d:32:82:7b:8a:1c:86:39:7d:d4:2e:31:
                    cf:d9:a8:b0:42:7b:94:d8:e7:64:3b:fc:10:c0:da:
                    be:02:4c:7a:0a:fc:02:da:c0:a4:eb:9c:c2:88:51:
                    15:2f:3f:94:75:40:13:67:07:1e:87:a3:9f:21:5f:
                    f2:16:3c:e8:25:02:66:a3:08:a3:c0:64:8e:18:02:
                    0e:fb:d2:ef:ee:97:33:fc:6c:5f:78:cb:8f:72:f3:
                    8b:4e:35:5f:1a:fe:94:df:b0:73:a8:cf:21:e9:11:
                    86:90:ec:3f:d5:c3:f5:55:3a:7a:49:fc:ac:18:79:
                    61:9c:0b:54:94:a6:6a:bb:1d:69:af:52:49:33:6f:
                    00:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:99:2E:C5:04:20:C0:FB:1C:32:20:F2:60:57:76:DC:2A:4E:28:F4
            X509v3 Authority Key Identifier:
                keyid:11:24:F4:A1:0D:78:D4:BA:BB:7A:C5:25:9C:21:B7:3E:FE:57:7A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EST0oQ141Lq7esUlnCG3Pv5XetA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be46d4-1172-4b4b-b9f8-3dc306cea591/1/EST0oQ141Lq7esUlnCG3Pv5XetA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:95:b9:45:9f:d7:43:62:90:22:00:be:df:c8:a3:08:d3:c1:
         34:e5:59:f5:d3:f3:c2:f9:49:8b:5c:9f:b0:18:42:6f:8b:c1:
         75:cf:31:7e:8d:cf:ba:c6:d4:8d:91:b4:79:e4:93:d0:60:b4:
         6e:82:82:46:99:c2:df:a0:ce:5a:c4:03:86:c3:bc:d6:3c:ef:
         6f:1c:4f:8d:95:09:f9:44:59:48:bd:b1:27:ab:af:51:16:d7:
         36:a7:0b:59:78:da:04:b9:9c:cc:47:b1:c7:be:7d:b9:6d:8f:
         46:9f:46:8e:fa:42:64:25:18:1f:9a:93:3c:50:49:a9:56:5a:
         b8:65:34:0c:44:96:6c:af:92:80:f3:8a:85:9e:a0:e2:fe:85:
         37:00:61:a4:90:1a:c6:63:3f:db:9b:45:c1:3e:81:4c:e7:68:
         1e:d5:d1:50:34:68:c2:10:98:cb:97:b0:b2:6d:4c:e3:12:a4:
         cd:70:17:fd:58:87:dd:2e:0c:b2:74:2f:54:ac:f3:4d:33:48:
         4f:1d:5e:b6:43:90:5c:f1:cc:be:07:46:62:93:17:82:a8:18:
         c1:15:68:a3:37:fc:d8:b6:06:78:5c:af:d4:7f:ce:f7:a0:02:
         49:8c:70:72:08:d1:ae:eb:23:5d:40:9e:e4:4e:bf:cd:a1:40:
         2a:6b:80:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oFurtPX0Cfp5H5UsSWKJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjRmNGExMGQ3OGQ0YmFiYjdhYzUyNTljMjFiNzNlZmU1
NzdhZDAwHhcNMjYwMzI2MDMwMTIzWhcNMjYwMzI3MDMwMTIzWjAzMTEwLwYDVQQD
EyhhYzk5MmVjNTA0MjBjMGZiMWMzMjIwZjI2MDU3NzZkYzJhNGUyOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncpWfHIF3NRUq0nuORw9pkTqRr4h
KzC2yoDpXn4TOs4doAGqcQa+9jczwv+7rn376U3eb58Xay2Ubmy5hdNdq8H26n9u
Re3uBIjCbVI6OQ/uSaO1DPu6RiaUwI0cQIUuCfpi8p+m3cdvyqM2QZi+dLdlhikF
crffuRltMoJ7ihyGOX3ULjHP2aiwQnuU2OdkO/wQwNq+Akx6CvwC2sCk65zCiFEV
Lz+UdUATZwceh6OfIV/yFjzoJQJmowijwGSOGAIO+9Lv7pcz/GxfeMuPcvOLTjVf
Gv6U37BzqM8h6RGGkOw/1cP1VTp6SfysGHlhnAtUlKZqux1pr1JJM28AjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyZLsUEIMD7HDIg8mBXdtwqTij0MB8GA1UdIwQY
MBaAFBEk9KENeNS6u3rFJZwhtz7+V3rQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5Zjgt
M2RjMzA2Y2VhNTkxLzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZTQ2ZDQtMTE3Mi00YjRiLWI5ZjgtM2RjMzA2Y2VhNTkx
LzEvRVNUMG9RMTQxTHE3ZXNVbG5DRzNQdjVYZXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZW5RZ/X
Q2KQIgC+38ijCNPBNOVZ9dPzwvlJi1yfsBhCb4vBdc8xfo3PusbUjZG0eeST0GC0
boKCRpnC36DOWsQDhsO81jzvbxxPjZUJ+URZSL2xJ6uvURbXNqcLWXjaBLmczEex
x759uW2PRp9GjvpCZCUYH5qTPFBJqVZauGU0DESWbK+SgPOKhZ6g4v6FNwBhpJAa
xmM/25tFwT6BTOdoHtXRUDRowhCYy5ewsm1M4xKkzXAX/ViH3S4MsnQvVKzzTTNI
Tx1etkOQXPHMvgdGYpMXgqgYwRVoozf82LYGeFyv1H/O96ACSYxwcgjRrusjXUCe
5E6/zaFAKmuApQ==
-----END CERTIFICATE-----