Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
File:                     8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft (raw, json)
Hash identifier:          By0bTiM+PuyiuEqmZuTCOzeW5UVIzZ0AA1s5lTXWZRQ=
Subject key identifier:   39:C8:71:CC:1C:C2:D3:B1:FC:98:A8:99:56:75:6E:61:A0:68:09:25
Authority key identifier: F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80
Certificate issuer:       /CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
Certificate serial:       019D296091BC84314561C0FF350101199334
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
Manifest number:          0D67
Signing time:             Thu 26 Mar 2026 09:01:27 +0000
Manifest this update:     Thu 26 Mar 2026 09:01:27 +0000
Manifest next update:     Fri 27 Mar 2026 09:01:27 +0000
Files and hashes:         1: 8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl (hash: eXTCmBOMu6/cpNn+11dhBXdEUyEdLRw1v0MBWh5LWtA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:60:91:bc:84:31:45:61:c0:ff:35:01:01:19:93:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f03774a276214b86e0a5b4fa7721bdb0e322e080
        Validity
            Not Before: Mar 26 09:01:27 2026 GMT
            Not After : Mar 27 09:01:27 2026 GMT
        Subject: CN=39c871cc1cc2d3b1fc98a89956756e61a0680925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:2c:2b:1a:43:6f:b0:cd:fa:fd:47:74:6f:b6:
                    e6:08:55:61:35:7e:0c:6f:5b:7d:df:3f:44:f6:a2:
                    c5:cd:2d:6b:60:21:50:3f:d9:3f:68:49:2e:63:98:
                    05:69:c9:e5:81:be:ce:e3:88:cf:48:68:3a:98:55:
                    d2:9d:fb:3a:3d:53:75:3a:72:2b:84:b0:ab:72:68:
                    2c:d2:dd:91:c1:5a:85:87:f5:4e:2d:5b:ab:cb:e2:
                    a8:c4:6b:2e:fe:1e:cb:5b:cf:63:ad:44:36:c4:58:
                    d5:62:54:00:79:4b:fd:76:9d:15:5f:05:91:81:78:
                    b1:c9:ed:95:42:75:79:ca:53:75:64:20:44:09:7a:
                    5b:0f:31:4d:72:86:c9:9d:94:f7:39:4f:cd:b6:9d:
                    a7:c9:0c:6c:64:a7:2d:a6:d1:1a:0a:f7:9e:ec:b9:
                    ae:ff:5e:71:46:94:ad:fc:b0:fc:29:0d:b4:21:45:
                    3d:fe:51:4b:c3:2e:36:7e:ee:f7:c5:33:21:22:e3:
                    77:a1:77:6e:49:6f:54:35:08:97:9a:dd:08:39:de:
                    59:5f:6c:c0:04:e5:53:39:e2:96:63:7e:79:a5:38:
                    45:fc:63:5e:3b:44:bc:bb:07:58:eb:21:19:02:bb:
                    5b:ac:c9:bb:f9:c6:db:dd:7d:d1:39:ad:59:cb:3c:
                    2f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:C8:71:CC:1C:C2:D3:B1:FC:98:A8:99:56:75:6E:61:A0:68:09:25
            X509v3 Authority Key Identifier:
                keyid:F0:37:74:A2:76:21:4B:86:E0:A5:B4:FA:77:21:BD:B0:E3:22:E0:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Dd0onYhS4bgpbT6dyG9sOMi4IA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/1ed883-376a-45f9-8884-b8162260124f/1/8Dd0onYhS4bgpbT6dyG9sOMi4IA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:f5:5f:10:a9:44:bc:41:ec:78:95:bb:42:d1:a4:51:8f:f7:
         8e:a6:76:c2:69:f9:67:70:07:f6:d1:5d:6b:98:e3:d7:17:44:
         c9:55:67:90:b0:b7:26:9b:38:2d:c1:04:7c:ce:19:f1:9a:d7:
         18:d8:3f:67:aa:de:82:3c:09:dd:5d:00:e4:5f:c1:4d:fe:53:
         fe:ed:36:2a:28:5d:2a:82:1e:c0:8e:5a:2c:2a:73:44:1a:99:
         3d:4a:0a:0d:1b:e3:34:d8:cb:fb:9f:c0:28:c1:ec:c1:3c:0d:
         c7:e3:1b:8e:35:71:8e:1a:f3:0e:f8:aa:96:21:14:13:21:0c:
         65:fb:f9:2d:04:dc:a1:64:6a:bf:a6:5a:a8:76:af:26:50:44:
         63:db:74:1c:e7:00:2e:6e:f2:15:35:3c:ae:11:e5:2c:5c:ae:
         f8:fe:99:3e:00:70:34:02:67:f1:b9:60:87:75:f1:f6:d2:57:
         39:5f:ec:ee:38:63:d6:dd:e7:ac:3e:47:19:2b:ae:6c:cf:0a:
         6e:d4:e0:0d:82:52:b6:b9:65:e1:8e:1e:4c:d4:a7:33:9f:00:
         fa:2d:3d:02:3c:f3:9e:f9:58:05:fd:8b:ad:77:f6:ae:ce:ed:
         96:d2:9d:f0:f4:22:63:21:a6:72:b5:bd:86:4c:53:20:9e:03:
         6d:e5:7c:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYJG8hDFFYcD/NQEBGZM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzc3NGEyNzYyMTRiODZlMGE1YjRmYTc3MjFiZGIwZTMy
MmUwODAwHhcNMjYwMzI2MDkwMTI3WhcNMjYwMzI3MDkwMTI3WjAzMTEwLwYDVQQD
EygzOWM4NzFjYzFjYzJkM2IxZmM5OGE4OTk1Njc1NmU2MWEwNjgwOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iwrGkNvsM36/Ud0b7bmCFVhNX4M
b1t93z9E9qLFzS1rYCFQP9k/aEkuY5gFacnlgb7O44jPSGg6mFXSnfs6PVN1OnIr
hLCrcmgs0t2RwVqFh/VOLVury+KoxGsu/h7LW89jrUQ2xFjVYlQAeUv9dp0VXwWR
gXixye2VQnV5ylN1ZCBECXpbDzFNcobJnZT3OU/Ntp2nyQxsZKctptEaCvee7Lmu
/15xRpSt/LD8KQ20IUU9/lFLwy42fu73xTMhIuN3oXduSW9UNQiXmt0IOd5ZX2zA
BOVTOeKWY355pThF/GNeO0S8uwdY6yEZArtbrMm7+cbb3X3ROa1ZyzwvZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDnIccwcwtOx/JiomVZ1bmGgaAklMB8GA1UdIwQY
MBaAFPA3dKJ2IUuG4KW0+nchvbDjIuCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQt
YjgxNjIyNjAxMjRmLzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xZWQ4ODMtMzc2YS00NWY5LTg4ODQtYjgxNjIyNjAxMjRm
LzEvOERkMG9uWWhTNGJncGJUNmR5RzlzT01pNElBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfVfEKlE
vEHseJW7QtGkUY/3jqZ2wmn5Z3AH9tFda5jj1xdEyVVnkLC3Jps4LcEEfM4Z8ZrX
GNg/Z6regjwJ3V0A5F/BTf5T/u02KihdKoIewI5aLCpzRBqZPUoKDRvjNNjL+5/A
KMHswTwNx+MbjjVxjhrzDviqliEUEyEMZfv5LQTcoWRqv6ZaqHavJlBEY9t0HOcA
Lm7yFTU8rhHlLFyu+P6ZPgBwNAJn8blgh3Xx9tJXOV/s7jhj1t3nrD5HGSuubM8K
btTgDYJStrll4Y4eTNSnM58A+i09AjzznvlYBf2LrXf2rs7tltKd8PQiYyGmcrW9
hkxTIJ4DbeV8MQ==
-----END CERTIFICATE-----