Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          0k5QJbtqDXV1epi6OHhtsAPCtWUgwGCrxZ/N3awKcT4=
Subject key identifier:   88:2B:7B:A8:C1:60:18:54:18:57:F5:CF:3D:89:C5:10:30:B2:8C:B0
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       019D27A9200B1DDD3D41BF552FDD9C917FD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          0CE6
Signing time:             Thu 26 Mar 2026 01:01:28 +0000
Manifest this update:     Thu 26 Mar 2026 01:01:28 +0000
Manifest next update:     Fri 27 Mar 2026 01:01:28 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: QRd5BlF3hCVgpySO29Mo8MP2g8a8caImF6KMz1TYetI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a9:20:0b:1d:dd:3d:41:bf:55:2f:dd:9c:91:7f:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: Mar 26 01:01:28 2026 GMT
            Not After : Mar 27 01:01:28 2026 GMT
        Subject: CN=882b7ba8c16018541857f5cf3d89c51030b28cb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:36:62:29:86:9f:d2:48:ac:e8:73:f7:1c:22:
                    83:40:57:1a:06:fa:5d:bc:2a:fc:8e:3b:86:3c:39:
                    91:54:ee:30:47:59:85:d8:79:09:91:2a:a3:08:64:
                    44:89:d5:4f:e9:fe:bc:78:75:61:87:11:a0:0e:f3:
                    21:07:76:80:7e:27:16:a1:79:98:a9:72:f5:9b:6d:
                    76:ae:fa:37:7d:ce:ac:90:6c:e3:55:2d:3a:ee:26:
                    75:cc:d5:e8:f7:b7:1d:ea:bb:d8:ea:15:03:70:76:
                    bf:e4:97:ec:ea:fa:37:f9:cf:df:32:0a:7f:a0:25:
                    45:04:8a:27:d6:9e:6a:cb:68:2f:5d:0d:0b:a9:f9:
                    d3:f0:a2:91:e0:8b:a2:4c:84:28:1a:5d:79:2d:e6:
                    00:54:7f:e7:06:38:66:05:b5:d7:0b:41:0b:32:1c:
                    23:03:bc:d7:85:27:6c:94:c1:78:fd:1e:76:76:06:
                    e5:19:7f:e4:74:f0:9d:e1:6b:e3:be:a8:5f:1a:ae:
                    76:07:e5:ae:8c:55:84:82:13:4d:34:f5:f7:c1:37:
                    77:5f:01:50:c3:b6:84:8e:32:85:38:35:bf:d8:44:
                    15:f8:98:38:78:a4:23:49:10:c0:5a:83:07:11:29:
                    8f:1c:66:32:81:fb:2e:4a:65:c3:02:da:47:60:63:
                    53:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:2B:7B:A8:C1:60:18:54:18:57:F5:CF:3D:89:C5:10:30:B2:8C:B0
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:c6:51:31:f2:ea:2a:fc:1c:a5:56:9a:d2:5a:20:6a:f8:f4:
         27:9e:7d:f0:1b:6e:01:db:89:ef:9d:cd:30:29:1f:1e:d9:73:
         71:26:39:1a:17:56:90:1a:34:18:b0:eb:0d:b0:b7:be:ab:e8:
         3f:f1:a2:4b:fd:a0:64:94:36:6a:09:64:69:fa:3b:f2:e6:64:
         49:dc:6c:79:22:53:32:fc:7d:f3:b8:12:1f:f1:8b:5f:c0:b4:
         dd:4c:c3:09:f7:dd:e3:7b:68:3b:3c:5b:ad:1f:b8:55:17:ce:
         24:38:60:28:99:42:15:eb:e6:c6:de:fe:6e:de:4a:29:ba:9e:
         85:82:47:f9:d9:13:8b:61:7c:fc:d9:f9:36:05:28:03:70:e4:
         82:56:01:4e:ca:0b:02:51:54:7c:43:81:92:a5:de:55:2c:ca:
         b3:04:41:9a:60:56:6d:22:b5:94:1d:51:27:8c:88:a0:d4:85:
         18:54:87:ba:01:f0:3e:c3:46:ce:82:59:22:fb:06:59:6e:e9:
         29:81:2d:7a:ee:4f:c2:43:97:09:ed:09:fd:5f:31:b5:38:89:
         25:b8:36:63:a2:6c:c7:45:06:b7:72:e2:fd:80:16:f9:b8:0d:
         43:b5:50:45:ac:b0:e3:9c:d3:56:3c:cd:0a:04:07:3a:e0:3e:
         6f:ce:38:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqSALHd09Qb9VL92ckX/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjYwMzI2MDEwMTI4WhcNMjYwMzI3MDEwMTI4WjAzMTEwLwYDVQQD
Eyg4ODJiN2JhOGMxNjAxODU0MTg1N2Y1Y2YzZDg5YzUxMDMwYjI4Y2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzZiKYaf0kis6HP3HCKDQFcaBvpd
vCr8jjuGPDmRVO4wR1mF2HkJkSqjCGREidVP6f68eHVhhxGgDvMhB3aAficWoXmY
qXL1m212rvo3fc6skGzjVS067iZ1zNXo97cd6rvY6hUDcHa/5Jfs6vo3+c/fMgp/
oCVFBIon1p5qy2gvXQ0LqfnT8KKR4IuiTIQoGl15LeYAVH/nBjhmBbXXC0ELMhwj
A7zXhSdslMF4/R52dgblGX/kdPCd4WvjvqhfGq52B+WujFWEghNNNPX3wTd3XwFQ
w7aEjjKFODW/2EQV+Jg4eKQjSRDAWoMHESmPHGYygfsuSmXDAtpHYGNTRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgre6jBYBhUGFf1zz2JxRAwsoywMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACsZRMfLq
KvwcpVaa0logavj0J5598BtuAduJ753NMCkfHtlzcSY5GhdWkBo0GLDrDbC3vqvo
P/GiS/2gZJQ2aglkafo78uZkSdxseSJTMvx987gSH/GLX8C03UzDCffd43toOzxb
rR+4VRfOJDhgKJlCFevmxt7+bt5KKbqehYJH+dkTi2F8/Nn5NgUoA3DkglYBTsoL
AlFUfEOBkqXeVSzKswRBmmBWbSK1lB1RJ4yIoNSFGFSHugHwPsNGzoJZIvsGWW7p
KYEteu5PwkOXCe0J/V8xtTiJJbg2Y6Jsx0UGt3Li/YAW+bgNQ7VQRayw45zTVjzN
CgQHOuA+b844lw==
-----END CERTIFICATE-----