Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
File:                     0wUa-GYelCUtF1k103l-nsos2Aw.mft (raw, json)
Hash identifier:          zrX2yVd0npbhXoFPFGufW5ZvDhq0MYnCgVEb/9PlkDM=
Subject key identifier:   5B:EB:62:1D:E5:C7:84:02:A6:46:02:EA:EA:EB:A7:49:73:0B:D5:21
Authority key identifier: D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C
Certificate issuer:       /CN=d3051af8661e94252d175935d3797e9eca2cd80c
Certificate serial:       019D2771E62BD02ACA42976690BA02C70439
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
Manifest number:          11EE
Signing time:             Thu 26 Mar 2026 00:01:09 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:09 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:09 +0000
Files and hashes:         1: 0wUa-GYelCUtF1k103l-nsos2Aw.crl (hash: 0TRHqiRr46Xt5tfzaaIRYI90pBV4RsVDzfIPh4LKloE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:e6:2b:d0:2a:ca:42:97:66:90:ba:02:c7:04:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3051af8661e94252d175935d3797e9eca2cd80c
        Validity
            Not Before: Mar 26 00:01:09 2026 GMT
            Not After : Mar 27 00:01:09 2026 GMT
        Subject: CN=5beb621de5c78402a64602eaeaeba749730bd521
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:64:e5:27:97:e7:3e:33:e2:28:67:35:7d:c8:
                    ff:25:d0:91:0c:fa:25:70:e3:14:94:3c:7b:89:ba:
                    98:af:19:7f:bc:41:1a:41:cc:33:ca:28:07:bf:a0:
                    fb:9a:23:c8:47:14:15:64:7e:11:ae:1e:d5:42:c9:
                    3f:62:88:11:e6:72:64:71:14:7b:c4:a3:e7:04:42:
                    74:95:73:f9:4d:1a:90:05:8f:1b:09:f5:74:9a:4b:
                    89:41:96:30:5a:51:e9:62:b7:44:b0:1f:99:90:65:
                    aa:c3:ed:34:4e:91:a5:70:50:9a:fe:75:59:ec:da:
                    51:8a:c3:ae:1c:6a:ce:d2:05:01:3e:d8:71:5a:5c:
                    1b:a9:0c:3c:e1:ee:b9:19:f3:39:c0:76:eb:e9:80:
                    b4:0c:cd:b5:ec:76:03:34:e3:ad:19:37:a1:55:68:
                    a7:9e:48:f1:3b:12:88:03:b0:39:0b:bc:33:16:fd:
                    29:8d:5b:6b:0b:7c:3a:36:39:ba:b0:f1:bb:87:dd:
                    f2:2f:1d:d9:cf:26:e4:12:85:4a:c6:41:af:7a:66:
                    a2:e9:8a:c1:92:93:52:07:88:44:e7:1d:33:02:94:
                    e8:7c:16:ed:aa:2f:d6:48:67:d0:41:a9:74:c4:ff:
                    e9:dc:b6:af:ee:82:90:6c:bb:ab:b5:64:b6:6f:bd:
                    e5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:EB:62:1D:E5:C7:84:02:A6:46:02:EA:EA:EB:A7:49:73:0B:D5:21
            X509v3 Authority Key Identifier:
                keyid:D3:05:1A:F8:66:1E:94:25:2D:17:59:35:D3:79:7E:9E:CA:2C:D8:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wUa-GYelCUtF1k103l-nsos2Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/7672e2-1c7f-4d2e-8961-c26c3e23baf6/1/0wUa-GYelCUtF1k103l-nsos2Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e9:38:df:20:ce:b8:30:65:98:30:85:46:ab:ed:43:ae:9d:96:
         c9:49:a0:46:96:52:05:da:22:cd:1a:9c:5b:42:2b:53:14:20:
         8d:04:40:e9:e0:2a:40:f1:14:b1:dc:45:22:c3:d9:59:0b:23:
         bc:54:35:fc:46:af:dc:d9:e5:13:78:bd:d8:db:83:66:5f:15:
         00:0a:29:15:40:01:60:46:7b:44:27:fe:7e:7a:64:27:c2:4f:
         79:8e:0a:ce:78:e6:53:92:fa:d4:70:09:cb:c5:b3:83:af:d8:
         fa:ab:7e:44:32:61:43:cf:c7:25:a2:52:12:3c:a4:26:7c:cd:
         c3:0b:eb:b2:58:71:6e:31:4f:f4:34:7c:9f:08:07:12:f9:17:
         93:39:16:39:fa:f0:86:62:fb:7f:de:72:63:1c:07:a8:50:80:
         a6:b8:19:d1:a2:4d:90:68:72:e8:73:3e:c8:22:b5:5f:d4:4c:
         2c:aa:58:cb:a2:7b:70:2b:11:f0:2e:b6:bb:de:1a:ff:c0:21:
         44:00:99:f1:ad:58:1d:65:5f:20:61:9a:1b:52:a6:34:6d:c3:
         67:1f:34:07:07:37:43:33:ff:43:b2:38:b4:93:cf:d1:c4:a2:
         9d:e6:df:4d:c0:46:5b:7a:98:52:46:f7:2e:1c:6f:b2:e2:f9:
         f9:c3:14:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nceYr0CrKQpdmkLoCxwQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDUxYWY4NjYxZTk0MjUyZDE3NTkzNWQzNzk3ZTllY2Ey
Y2Q4MGMwHhcNMjYwMzI2MDAwMTA5WhcNMjYwMzI3MDAwMTA5WjAzMTEwLwYDVQQD
Eyg1YmViNjIxZGU1Yzc4NDAyYTY0NjAyZWFlYWViYTc0OTczMGJkNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2TlJ5fnPjPiKGc1fcj/JdCRDPol
cOMUlDx7ibqYrxl/vEEaQcwzyigHv6D7miPIRxQVZH4Rrh7VQsk/YogR5nJkcRR7
xKPnBEJ0lXP5TRqQBY8bCfV0mkuJQZYwWlHpYrdEsB+ZkGWqw+00TpGlcFCa/nVZ
7NpRisOuHGrO0gUBPthxWlwbqQw84e65GfM5wHbr6YC0DM217HYDNOOtGTehVWin
nkjxOxKIA7A5C7wzFv0pjVtrC3w6Njm6sPG7h93yLx3ZzybkEoVKxkGvemai6YrB
kpNSB4hE5x0zApTofBbtqi/WSGfQQal0xP/p3Lav7oKQbLurtWS2b73lkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFvrYh3lx4QCpkYC6urrp0lzC9UhMB8GA1UdIwQY
MBaAFNMFGvhmHpQlLRdZNdN5fp7KLNgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEt
YzI2YzNlMjNiYWY2LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi83NjcyZTItMWM3Zi00ZDJlLTg5NjEtYzI2YzNlMjNiYWY2
LzEvMHdVYS1HWWVsQ1V0RjFrMTAzbC1uc29zMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA6TjfIM64
MGWYMIVGq+1Drp2WyUmgRpZSBdoizRqcW0IrUxQgjQRA6eAqQPEUsdxFIsPZWQsj
vFQ1/Eav3NnlE3i92NuDZl8VAAopFUABYEZ7RCf+fnpkJ8JPeY4KznjmU5L61HAJ
y8Wzg6/Y+qt+RDJhQ8/HJaJSEjykJnzNwwvrslhxbjFP9DR8nwgHEvkXkzkWOfrw
hmL7f95yYxwHqFCAprgZ0aJNkGhy6HM+yCK1X9RMLKpYy6J7cCsR8C62u94a/8Ah
RACZ8a1YHWVfIGGaG1KmNG3DZx80Bwc3QzP/Q7I4tJPP0cSinebfTcBGW3qYUkb3
LhxvsuL5+cMU5w==
-----END CERTIFICATE-----