Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
File:                     Ou5vE-TaDy5DIqGnWqfn189xekI.mft (raw, json)
Hash identifier:          cZRIMOaaMMoB4UadEgQLV+m/4yVpyuTEEj84Y2yPLLc=
Subject key identifier:   43:AF:5D:1D:B6:B3:01:31:DD:46:5A:CA:B7:CD:EF:81:4C:98:61:69
Authority key identifier: 3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42
Certificate issuer:       /CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
Certificate serial:       019D2AE135E679285C80B9141102AC7E5690
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
Manifest number:          1886
Signing time:             Thu 26 Mar 2026 16:01:35 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:35 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:35 +0000
Files and hashes:         1: Ou5vE-TaDy5DIqGnWqfn189xekI.crl (hash: ZcdJkDo7WtPEKMG2CMv8msUYnwz2CCC/Cn9lxqvSWqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e1:35:e6:79:28:5c:80:b9:14:11:02:ac:7e:56:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aee6f13e4da0f2e4322a1a75aa7e7d7cf717a42
        Validity
            Not Before: Mar 26 16:01:35 2026 GMT
            Not After : Mar 27 16:01:35 2026 GMT
        Subject: CN=43af5d1db6b30131dd465acab7cdef814c986169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7c:93:ea:3e:f7:95:67:d5:26:42:53:ac:f8:
                    56:ff:17:4a:a9:d7:23:ca:c2:48:fb:0c:e8:5f:4a:
                    f1:90:2b:d3:31:2a:9a:71:1f:c7:a4:01:f6:d0:8c:
                    3f:37:a9:6e:fb:ea:3f:54:fb:a6:44:f4:53:33:bb:
                    14:4b:24:b4:08:39:56:13:84:22:24:f3:f4:ef:c5:
                    61:bd:2d:a1:91:51:39:fe:b8:8c:fb:25:a1:d9:b8:
                    79:bc:78:00:92:e9:68:c9:ff:4c:3d:60:14:65:e4:
                    34:7a:db:13:57:e4:b3:63:4e:2f:13:d2:c1:b6:bc:
                    d7:44:96:16:d3:ce:80:86:50:9d:a1:9b:50:c1:08:
                    0b:ff:37:89:e1:39:53:9a:63:73:ac:38:f8:a5:a9:
                    4f:04:22:49:e9:73:f6:f2:f8:05:71:93:1e:5d:81:
                    a5:46:c8:1f:af:38:d2:64:83:a0:68:7e:90:1f:c6:
                    2c:ea:fa:1e:3a:7c:5a:04:2c:7d:2a:c4:71:42:b7:
                    41:ae:14:75:f7:06:3b:54:03:ff:c9:83:9c:8a:09:
                    c0:68:07:5f:12:a2:25:18:ea:40:9a:ed:b1:6b:1f:
                    04:f8:e5:db:1c:8f:f9:9b:dc:95:3a:20:86:67:5d:
                    6d:42:c3:b7:b2:d9:b1:cf:15:64:26:07:ef:6a:4a:
                    60:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:AF:5D:1D:B6:B3:01:31:DD:46:5A:CA:B7:CD:EF:81:4C:98:61:69
            X509v3 Authority Key Identifier:
                keyid:3A:EE:6F:13:E4:DA:0F:2E:43:22:A1:A7:5A:A7:E7:D7:CF:71:7A:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou5vE-TaDy5DIqGnWqfn189xekI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/ba0b0e-7cea-4b9a-9b6d-0c0292167f95/1/Ou5vE-TaDy5DIqGnWqfn189xekI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:28:2f:c0:85:dd:fa:83:ab:4f:00:d5:ad:29:fd:16:57:20:
         6f:4f:44:23:6f:af:71:4f:e0:e4:90:a9:2c:01:b3:83:ac:24:
         c2:fe:7a:b6:34:92:01:bb:af:b9:68:75:56:d1:c3:5b:bb:d0:
         2b:dd:aa:ff:86:71:08:e6:0e:03:99:53:56:c4:08:e5:63:2d:
         27:e5:75:5f:b0:ef:9a:dc:90:3f:dc:bc:67:04:9e:01:21:ea:
         9b:86:8d:4d:d0:4e:ec:43:2d:dd:2b:60:a3:d5:ff:ee:af:d3:
         6b:2e:c2:bb:25:ec:09:cd:03:b8:a9:80:1b:40:4b:38:b5:aa:
         00:28:3a:9f:05:98:34:69:75:5b:e8:f5:78:95:e8:51:15:74:
         b2:4e:bc:9f:48:7e:12:85:34:88:7a:3e:f4:73:d9:a9:2a:a6:
         d0:2f:4b:a9:d3:9f:b9:f3:cf:80:e2:e3:a7:30:6e:52:de:19:
         23:16:3a:d0:0a:e4:8d:3c:7d:86:b8:32:f4:90:d9:b1:8f:2b:
         8e:3e:73:ae:0e:2e:70:e1:78:4f:f9:ae:cc:fb:d6:f3:46:af:
         f2:74:3d:df:1e:a3:4d:b5:fd:ac:1a:55:15:8c:1d:f1:5c:17:
         c7:78:56:b6:c5:66:e6:0d:1f:28:ef:22:e7:ba:4f:b1:57:30:
         e0:d4:8b:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4TXmeShcgLkUEQKsflaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWU2ZjEzZTRkYTBmMmU0MzIyYTFhNzVhYTdlN2Q3Y2Y3
MTdhNDIwHhcNMjYwMzI2MTYwMTM1WhcNMjYwMzI3MTYwMTM1WjAzMTEwLwYDVQQD
Eyg0M2FmNWQxZGI2YjMwMTMxZGQ0NjVhY2FiN2NkZWY4MTRjOTg2MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHyT6j73lWfVJkJTrPhW/xdKqdcj
ysJI+wzoX0rxkCvTMSqacR/HpAH20Iw/N6lu++o/VPumRPRTM7sUSyS0CDlWE4Qi
JPP078VhvS2hkVE5/riM+yWh2bh5vHgAkuloyf9MPWAUZeQ0etsTV+SzY04vE9LB
trzXRJYW086AhlCdoZtQwQgL/zeJ4TlTmmNzrDj4palPBCJJ6XP28vgFcZMeXYGl
RsgfrzjSZIOgaH6QH8Ys6voeOnxaBCx9KsRxQrdBrhR19wY7VAP/yYOcignAaAdf
EqIlGOpAmu2xax8E+OXbHI/5m9yVOiCGZ11tQsO3stmxzxVkJgfvakpgKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEOvXR22swEx3UZayrfN74FMmGFpMB8GA1UdIwQY
MBaAFDrubxPk2g8uQyKhp1qn59fPcXpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQt
MGMwMjkyMTY3Zjk1LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iYTBiMGUtN2NlYS00YjlhLTliNmQtMGMwMjkyMTY3Zjk1
LzEvT3U1dkUtVGFEeTVESXFHbldxZm4xODl4ZWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuCgvwIXd
+oOrTwDVrSn9Flcgb09EI2+vcU/g5JCpLAGzg6wkwv56tjSSAbuvuWh1VtHDW7vQ
K92q/4ZxCOYOA5lTVsQI5WMtJ+V1X7DvmtyQP9y8ZwSeASHqm4aNTdBO7EMt3Stg
o9X/7q/Tay7CuyXsCc0DuKmAG0BLOLWqACg6nwWYNGl1W+j1eJXoURV0sk68n0h+
EoU0iHo+9HPZqSqm0C9LqdOfufPPgOLjpzBuUt4ZIxY60ArkjTx9hrgy9JDZsY8r
jj5zrg4ucOF4T/muzPvW80av8nQ93x6jTbX9rBpVFYwd8VwXx3hWtsVm5g0fKO8i
57pPsVcw4NSLcQ==
-----END CERTIFICATE-----