Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
File:                     2ma78NRZYjYmqZu-JCXgIHIJC08.mft (raw, json)
Hash identifier:          ly2EIu+4FMztA/O1zi9US6FyzmdM1jUdhyregLrChgU=
Subject key identifier:   F5:5B:DE:B2:47:F8:F7:EB:28:51:6D:3C:D0:69:7D:3D:C8:58:99:65
Authority key identifier: DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F
Certificate issuer:       /CN=da66bbf0d459623626a99bbe2425e02072090b4f
Certificate serial:       019D28F2182E51DE0F09FD37CED6C51E5FE1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
Manifest number:          033B
Signing time:             Thu 26 Mar 2026 07:00:47 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:47 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:47 +0000
Files and hashes:         1: 2ma78NRZYjYmqZu-JCXgIHIJC08.crl (hash: kGSGzRPs1h1pNQ7vsqZm11UoUP0gLW6j5OgR1QfSrD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:18:2e:51:de:0f:09:fd:37:ce:d6:c5:1e:5f:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da66bbf0d459623626a99bbe2425e02072090b4f
        Validity
            Not Before: Mar 26 07:00:47 2026 GMT
            Not After : Mar 27 07:00:47 2026 GMT
        Subject: CN=f55bdeb247f8f7eb28516d3cd0697d3dc8589965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b9:fe:1e:19:99:66:17:a2:bc:21:2a:a7:09:
                    da:af:33:fe:04:34:54:fc:c4:8e:9c:92:66:e9:b2:
                    4b:b2:18:30:f6:13:46:df:61:9f:3b:57:26:84:80:
                    7a:f1:7e:0b:7e:9d:d7:48:3f:4e:bf:1e:05:d7:6c:
                    25:a1:18:8a:85:50:f5:06:a3:3a:47:41:81:2b:7e:
                    66:8c:8b:da:b0:ec:48:da:a3:dd:1e:f6:b8:fe:02:
                    ba:76:e7:10:fe:e1:47:4e:85:2e:02:d4:b4:3d:a8:
                    ec:29:2f:2b:dd:c6:f8:13:16:a9:54:00:27:d7:22:
                    23:98:ea:50:93:4d:1f:18:7d:37:86:b1:8a:cc:03:
                    79:f1:1b:74:83:71:9f:0c:08:58:92:c3:0f:c9:36:
                    30:20:61:87:e0:9b:92:d2:f0:78:f3:e6:13:9d:3f:
                    c4:30:c9:41:4f:e6:4f:2f:e6:93:c0:7d:ff:36:42:
                    5c:30:cb:53:af:3d:bb:f5:00:57:a5:99:f7:e9:fd:
                    e4:89:e7:43:1b:00:e7:95:5e:58:06:4a:0e:4e:70:
                    de:29:4a:34:24:61:49:c4:b3:3e:4f:b3:1d:44:dd:
                    17:de:51:97:5c:33:0f:94:d5:fb:9e:56:0a:e3:d2:
                    6f:ec:d7:b2:5f:93:a9:3d:de:e2:fe:c3:78:a4:fe:
                    96:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:5B:DE:B2:47:F8:F7:EB:28:51:6D:3C:D0:69:7D:3D:C8:58:99:65
            X509v3 Authority Key Identifier:
                keyid:DA:66:BB:F0:D4:59:62:36:26:A9:9B:BE:24:25:E0:20:72:09:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ma78NRZYjYmqZu-JCXgIHIJC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f509b5-2a01-456d-b410-5a471edb8018/1/2ma78NRZYjYmqZu-JCXgIHIJC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:40:4b:ab:11:6b:74:9c:c5:95:3c:0c:57:3d:3c:e0:9e:75:
         0b:eb:f8:76:bd:48:99:7d:98:60:ce:b7:5a:0f:a4:d2:97:d1:
         01:77:c9:ff:45:53:f5:bc:b1:10:d0:71:17:e1:58:e5:ce:ce:
         25:36:46:a4:01:9e:6c:dd:6e:05:aa:ee:36:62:e9:42:a9:1e:
         94:ce:9c:b3:02:e7:1f:e1:9f:49:ed:27:91:34:e0:5d:26:c3:
         49:f7:db:67:1b:6e:97:6a:e6:b7:23:d8:8f:f0:09:ef:21:e5:
         3c:c9:c6:71:8a:11:d0:e2:28:79:a6:ec:17:b4:ce:73:78:c3:
         51:db:c8:be:44:78:ef:a9:79:ca:33:05:43:03:d3:fe:2e:31:
         19:3d:9a:25:e8:16:86:07:d3:16:3a:36:2a:89:d1:44:57:20:
         36:47:de:e8:bc:69:89:5e:5d:38:0a:51:32:63:5e:17:a8:23:
         86:1d:89:f2:59:97:9f:95:82:54:14:f6:6b:7f:8a:34:d1:da:
         c8:5b:fd:95:e8:a1:60:d9:55:81:19:2e:bd:b9:df:59:ac:eb:
         e8:15:0a:11:e4:d3:82:38:8a:26:82:1e:fe:82:24:a9:c8:68:
         5b:a8:0d:63:56:19:b7:cb:63:c8:a9:fd:fc:b3:c5:75:bf:6d:
         5b:23:c1:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8hguUd4PCf03ztbFHl/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjZiYmYwZDQ1OTYyMzYyNmE5OWJiZTI0MjVlMDIwNzIw
OTBiNGYwHhcNMjYwMzI2MDcwMDQ3WhcNMjYwMzI3MDcwMDQ3WjAzMTEwLwYDVQQD
EyhmNTViZGViMjQ3ZjhmN2ViMjg1MTZkM2NkMDY5N2QzZGM4NTg5OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLn+HhmZZheivCEqpwnarzP+BDRU
/MSOnJJm6bJLshgw9hNG32GfO1cmhIB68X4Lfp3XSD9Ovx4F12wloRiKhVD1BqM6
R0GBK35mjIvasOxI2qPdHva4/gK6ducQ/uFHToUuAtS0PajsKS8r3cb4ExapVAAn
1yIjmOpQk00fGH03hrGKzAN58Rt0g3GfDAhYksMPyTYwIGGH4JuS0vB48+YTnT/E
MMlBT+ZPL+aTwH3/NkJcMMtTrz279QBXpZn36f3kiedDGwDnlV5YBkoOTnDeKUo0
JGFJxLM+T7MdRN0X3lGXXDMPlNX7nlYK49Jv7NeyX5OpPd7i/sN4pP6WEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPVb3rJH+PfrKFFtPNBpfT3IWJllMB8GA1UdIwQY
MBaAFNpmu/DUWWI2JqmbviQl4CByCQtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAt
NWE0NzFlZGI4MDE4LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mNTA5YjUtMmEwMS00NTZkLWI0MTAtNWE0NzFlZGI4MDE4
LzEvMm1hNzhOUlpZalltcVp1LUpDWGdJSElKQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0BLqxFr
dJzFlTwMVz084J51C+v4dr1ImX2YYM63Wg+k0pfRAXfJ/0VT9byxENBxF+FY5c7O
JTZGpAGebN1uBaruNmLpQqkelM6cswLnH+GfSe0nkTTgXSbDSffbZxtul2rmtyPY
j/AJ7yHlPMnGcYoR0OIoeabsF7TOc3jDUdvIvkR476l5yjMFQwPT/i4xGT2aJegW
hgfTFjo2KonRRFcgNkfe6LxpiV5dOApRMmNeF6gjhh2J8lmXn5WCVBT2a3+KNNHa
yFv9leihYNlVgRkuvbnfWazr6BUKEeTTgjiKJoIe/oIkqchoW6gNY1YZt8tjyKn9
/LPFdb9tWyPBGA==
-----END CERTIFICATE-----