Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
File:                     0phnd6RO0JQPKaeVx19Fpi9EuzM.mft (raw, json)
Hash identifier:          J0FFX9BR/vIM/o8W6tSAT+sdQ/VQle6049eFriPQ/R0=
Subject key identifier:   C2:98:EC:30:0A:49:F1:0E:1C:27:1E:BE:60:A5:B8:67:A1:8B:C9:2D
Authority key identifier: D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33
Certificate issuer:       /CN=d2986777a44ed0940f29a795c75f45a62f44bb33
Certificate serial:       019E1C46815FE79395E05F3ED86F89158561
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
Manifest number:          08EF
Signing time:             Tue 12 May 2026 13:00:43 +0000
Manifest this update:     Tue 12 May 2026 13:00:43 +0000
Manifest next update:     Wed 13 May 2026 13:00:43 +0000
Files and hashes:         1: 0phnd6RO0JQPKaeVx19Fpi9EuzM.crl (hash: IXU2Cwh1MeeP1VtHHlRJSxxFuqhUOrHi2/Glr/rjJW8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 13:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1c:46:81:5f:e7:93:95:e0:5f:3e:d8:6f:89:15:85:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2986777a44ed0940f29a795c75f45a62f44bb33
        Validity
            Not Before: May 12 13:00:43 2026 GMT
            Not After : May 13 13:00:43 2026 GMT
        Subject: CN=c298ec300a49f10e1c271ebe60a5b867a18bc92d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:f9:58:d1:5d:2e:ea:4b:0d:6b:8d:7a:ce:05:
                    ce:19:aa:92:33:9d:59:5c:13:f3:f4:f4:d3:ed:c1:
                    23:51:01:11:6e:6f:7e:47:dd:4b:3b:42:40:52:63:
                    90:42:ee:40:f7:6d:98:8a:ec:b1:2f:15:93:2a:e0:
                    ce:80:1d:90:d0:f7:e4:0e:8b:63:e4:d7:83:17:72:
                    d3:ad:8d:f9:f1:74:f5:81:22:3f:de:f4:65:78:f1:
                    89:c1:2c:97:c7:a5:9d:53:2e:de:89:3c:c8:bd:13:
                    63:ab:9a:70:31:e9:e8:4d:b2:99:0c:4e:ee:ce:1c:
                    99:81:7e:96:44:cc:83:a7:af:1c:f1:1c:ad:e0:7e:
                    7a:88:44:30:fc:94:1d:ee:8f:16:66:52:f3:9e:00:
                    59:b6:e8:9a:47:6f:ac:74:ff:8b:2b:76:f8:e5:4e:
                    4f:0a:58:9a:9e:59:e6:b5:35:9d:66:11:69:73:ab:
                    a7:87:3e:c3:5c:30:4f:60:c1:67:ff:07:b0:61:1c:
                    dd:78:3b:eb:6c:22:c3:26:50:ab:7f:00:0a:e4:f8:
                    cf:da:2c:a7:6a:1e:f6:7f:3f:f8:74:65:0f:6e:e2:
                    37:f5:cb:54:22:d3:54:2c:9c:6d:65:11:74:f8:f2:
                    35:f9:e6:18:f8:5f:62:b5:16:15:e8:84:87:47:e2:
                    6d:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:98:EC:30:0A:49:F1:0E:1C:27:1E:BE:60:A5:B8:67:A1:8B:C9:2D
            X509v3 Authority Key Identifier:
                keyid:D2:98:67:77:A4:4E:D0:94:0F:29:A7:95:C7:5F:45:A6:2F:44:BB:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0phnd6RO0JQPKaeVx19Fpi9EuzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9773dc-d8e8-480d-98f2-c00cbc1492bf/1/0phnd6RO0JQPKaeVx19Fpi9EuzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:65:11:e6:66:42:a1:7a:71:5a:2a:2d:a8:ee:25:95:44:d8:
         60:ca:2d:82:b1:1b:a9:0c:f4:e7:0b:62:a6:c2:9d:c2:a2:65:
         d1:ac:02:a1:af:20:31:8a:44:90:9e:56:bb:a2:84:9e:89:7e:
         d2:46:2e:10:41:24:8b:91:c1:8c:ae:81:4c:f0:25:a2:f8:35:
         48:b0:99:51:19:4a:bc:9c:77:0f:ce:a9:9d:20:b5:79:71:44:
         8a:17:a2:14:3c:94:67:e2:39:5a:f7:cf:c4:44:c5:51:3a:7e:
         c6:d1:cc:3f:c0:e3:37:0b:3d:ab:40:58:50:c7:30:aa:4a:7f:
         03:a2:b7:04:25:c4:62:6d:51:50:be:0f:12:41:a5:6f:98:88:
         55:4a:7c:12:92:3c:06:96:a0:49:f2:04:e8:58:4c:d3:a8:10:
         12:bf:6f:db:b2:63:64:9a:9c:3e:8c:23:58:59:c0:9e:aa:d1:
         45:39:07:7f:19:e8:5f:20:91:a1:a5:43:b6:9f:10:04:7e:65:
         be:67:df:d1:25:5f:7b:7f:29:08:6b:66:95:70:69:eb:68:65:
         bd:ae:70:14:fb:b4:89:2e:b2:f5:c1:4e:54:5a:4d:16:49:78:
         14:14:1b:ed:23:dc:2f:ab:1e:5d:fa:2c:2a:d1:f2:06:ad:d2:
         f1:1b:b5:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4cRoFf55OV4F8+2G+JFYVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTg2Nzc3YTQ0ZWQwOTQwZjI5YTc5NWM3NWY0NWE2MmY0
NGJiMzMwHhcNMjYwNTEyMTMwMDQzWhcNMjYwNTEzMTMwMDQzWjAzMTEwLwYDVQQD
EyhjMjk4ZWMzMDBhNDlmMTBlMWMyNzFlYmU2MGE1Yjg2N2ExOGJjOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/lY0V0u6ksNa416zgXOGaqSM51Z
XBPz9PTT7cEjUQERbm9+R91LO0JAUmOQQu5A922YiuyxLxWTKuDOgB2Q0PfkDotj
5NeDF3LTrY358XT1gSI/3vRlePGJwSyXx6WdUy7eiTzIvRNjq5pwMenoTbKZDE7u
zhyZgX6WRMyDp68c8Ryt4H56iEQw/JQd7o8WZlLzngBZtuiaR2+sdP+LK3b45U5P
ClianlnmtTWdZhFpc6unhz7DXDBPYMFn/wewYRzdeDvrbCLDJlCrfwAK5PjP2iyn
ah72fz/4dGUPbuI39ctUItNULJxtZRF0+PI1+eYY+F9itRYV6ISHR+JtVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKY7DAKSfEOHCcevmCluGehi8ktMB8GA1UdIwQY
MBaAFNKYZ3ekTtCUDymnlcdfRaYvRLszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjIt
YzAwY2JjMTQ5MmJmLzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85NzczZGMtZDhlOC00ODBkLTk4ZjItYzAwY2JjMTQ5MmJm
LzEvMHBobmQ2Uk8wSlFQS2FlVngxOUZwaTlFdXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArmUR5mZC
oXpxWiotqO4llUTYYMotgrEbqQz05wtipsKdwqJl0awCoa8gMYpEkJ5Wu6KEnol+
0kYuEEEki5HBjK6BTPAlovg1SLCZURlKvJx3D86pnSC1eXFEiheiFDyUZ+I5WvfP
xETFUTp+xtHMP8DjNws9q0BYUMcwqkp/A6K3BCXEYm1RUL4PEkGlb5iIVUp8EpI8
BpagSfIE6FhM06gQEr9v27JjZJqcPowjWFnAnqrRRTkHfxnoXyCRoaVDtp8QBH5l
vmff0SVfe38pCGtmlXBp62hlva5wFPu0iS6y9cFOVFpNFkl4FBQb7SPcL6seXfos
KtHyBq3S8Ru1XA==
-----END CERTIFICATE-----