Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          vn89ejEo+z8pN8Cf+NnEgQ5a2UfnWNxLDUDaFyw1ix0=
Subject key identifier:   EB:AF:14:B6:5E:FF:52:14:A7:2F:41:07:13:3E:0B:19:35:F2:B6:21
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       019D2703B4BB25DC2C12FA581EAD280C3D8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          0BB8
Signing time:             Wed 25 Mar 2026 22:00:47 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:47 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:47 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: auyRg0/vOSWgIyswI/tlBjkUN+djyT6iLLhy8yw6w+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:b4:bb:25:dc:2c:12:fa:58:1e:ad:28:0c:3d:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Mar 25 22:00:47 2026 GMT
            Not After : Mar 26 22:00:47 2026 GMT
        Subject: CN=ebaf14b65eff5214a72f4107133e0b1935f2b621
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:40:fc:7a:3e:97:6c:81:f5:ee:8f:04:d7:18:
                    ff:73:e9:c9:8b:9d:53:59:fa:0d:27:d8:fa:36:22:
                    87:2f:19:be:01:82:f1:d5:2a:ef:6d:08:d2:97:78:
                    c6:43:85:6e:6a:d4:9b:93:c8:a9:09:87:9e:01:35:
                    f3:db:c1:b3:b7:ee:67:c3:2d:df:43:fc:a3:23:35:
                    9e:5b:a9:25:d3:1b:61:e4:39:57:05:0b:75:9d:eb:
                    91:8a:6d:97:57:b3:06:e2:36:a2:e8:3d:04:47:b9:
                    ba:7e:fc:6c:57:e0:5e:53:5e:b0:6a:67:1a:6b:03:
                    53:17:e1:5d:ca:58:a8:f6:7d:73:07:53:fe:34:b3:
                    6f:90:f6:81:45:71:e2:d1:cc:e4:84:da:63:e2:e1:
                    1c:e7:c6:50:50:3d:03:6a:51:3f:3d:37:5b:45:9d:
                    2c:6e:fd:db:70:ea:d3:bc:17:c1:03:98:9c:ec:2d:
                    69:8b:b8:09:b6:df:d9:59:c0:e1:89:03:bf:4c:0f:
                    76:5c:09:b0:f9:3d:12:69:48:9c:ed:65:8d:c5:3a:
                    f7:e0:75:e3:e0:b5:71:da:eb:88:35:35:a5:ba:e0:
                    6f:ae:23:58:f4:b0:fe:c6:54:fd:11:2e:a0:5e:0c:
                    1b:6c:0a:59:e3:3b:6c:b4:2a:bf:c9:a8:ee:7e:98:
                    a5:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:AF:14:B6:5E:FF:52:14:A7:2F:41:07:13:3E:0B:19:35:F2:B6:21
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:fa:af:f3:da:b9:d3:84:3d:7f:2d:37:a2:d4:d9:54:bb:83:
         9e:17:f3:af:54:50:a8:25:bb:a8:49:6c:b2:ca:6d:3f:46:79:
         6c:e9:46:54:d9:7e:a8:90:d1:ee:7c:2a:b8:08:62:b8:dc:e0:
         31:b8:7f:33:25:f2:98:0b:9e:4d:2e:d6:57:c1:e4:3c:ec:1b:
         ac:50:41:ed:cf:d4:db:9b:4c:fc:aa:6d:d2:2e:68:84:54:d0:
         82:ec:b4:98:f6:e2:6b:84:ee:cd:4c:53:a5:03:f6:90:53:df:
         68:f6:55:4d:43:f2:15:2a:c5:87:3e:ad:aa:4c:52:23:f4:dd:
         62:3d:94:dd:df:b1:75:c0:ef:84:9d:b0:0b:e4:6b:c4:e9:e8:
         70:91:47:78:8b:e9:4e:36:72:fd:45:67:d1:74:50:3d:b6:49:
         15:99:b8:88:11:f9:6b:94:ff:b3:9f:23:a3:6c:61:86:c9:c4:
         d2:42:f9:8f:81:f3:a3:75:4f:e1:28:94:d7:93:2e:e6:77:af:
         82:92:78:61:b5:8b:8b:63:40:10:eb:04:67:2c:90:a3:db:a0:
         80:fa:3d:b4:53:d5:ea:5c:73:24:71:11:49:fd:09:79:04:b8:
         10:78:55:a7:af:fc:0f:dc:2b:d2:41:c5:16:7f:07:8e:80:63:
         71:a1:4c:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA7S7JdwsEvpYHq0oDD2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjYwMzI1MjIwMDQ3WhcNMjYwMzI2MjIwMDQ3WjAzMTEwLwYDVQQD
EyhlYmFmMTRiNjVlZmY1MjE0YTcyZjQxMDcxMzNlMGIxOTM1ZjJiNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70D8ej6XbIH17o8E1xj/c+nJi51T
WfoNJ9j6NiKHLxm+AYLx1SrvbQjSl3jGQ4VuatSbk8ipCYeeATXz28Gzt+5nwy3f
Q/yjIzWeW6kl0xth5DlXBQt1neuRim2XV7MG4jai6D0ER7m6fvxsV+BeU16wamca
awNTF+Fdylio9n1zB1P+NLNvkPaBRXHi0czkhNpj4uEc58ZQUD0DalE/PTdbRZ0s
bv3bcOrTvBfBA5ic7C1pi7gJtt/ZWcDhiQO/TA92XAmw+T0SaUic7WWNxTr34HXj
4LVx2uuINTWluuBvriNY9LD+xlT9ES6gXgwbbApZ4ztstCq/yajufpilXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuvFLZe/1IUpy9BBxM+Cxk18rYhMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN/qv89q5
04Q9fy03otTZVLuDnhfzr1RQqCW7qElsssptP0Z5bOlGVNl+qJDR7nwquAhiuNzg
Mbh/MyXymAueTS7WV8HkPOwbrFBB7c/U25tM/Kpt0i5ohFTQguy0mPbia4TuzUxT
pQP2kFPfaPZVTUPyFSrFhz6tqkxSI/TdYj2U3d+xdcDvhJ2wC+RrxOnocJFHeIvp
TjZy/UVn0XRQPbZJFZm4iBH5a5T/s58jo2xhhsnE0kL5j4Hzo3VP4SiU15Mu5nev
gpJ4YbWLi2NAEOsEZyyQo9uggPo9tFPV6lxzJHERSf0JeQS4EHhVp6/8D9wr0kHF
Fn8HjoBjcaFMFQ==
-----END CERTIFICATE-----