Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
File:                     U_8iLUoiYwLL8QBoyqb0xB97scs.mft (raw, json)
Hash identifier:          GmxdfeXKoySu1eUlclm00psg9S+/PID4++vkzrD0iTQ=
Subject key identifier:   3B:26:27:D6:2E:1A:52:C4:2B:2A:18:AF:14:A4:4A:30:6E:31:5C:2F
Authority key identifier: 53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB
Certificate issuer:       /CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
Certificate serial:       019D2703DB53548AFF87B37D8F55AD47F521
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
Manifest number:          042C
Signing time:             Wed 25 Mar 2026 22:00:57 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:57 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:57 +0000
Files and hashes:         1: U_8iLUoiYwLL8QBoyqb0xB97scs.crl (hash: JlsA8985UMZrTgliFqwGFPoId8FlNQoviKZt7YkMv+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:db:53:54:8a:ff:87:b3:7d:8f:55:ad:47:f5:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=53ff222d4a226302cbf10068caa6f4c41f7bb1cb
        Validity
            Not Before: Mar 25 22:00:57 2026 GMT
            Not After : Mar 26 22:00:57 2026 GMT
        Subject: CN=3b2627d62e1a52c42b2a18af14a44a306e315c2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:99:80:d1:da:02:fe:83:1d:76:65:03:79:97:
                    1b:6a:27:61:cf:eb:33:25:71:72:79:dd:c6:c0:a7:
                    d6:d5:dc:f7:9f:e1:eb:87:71:d3:95:e3:ec:5b:89:
                    59:85:23:89:2f:c2:85:d5:11:23:4d:d7:7b:76:b9:
                    6d:d6:d6:6c:c7:c4:43:6b:f7:90:18:1b:2a:6e:55:
                    c6:94:ac:97:4b:2c:35:b1:85:dc:6c:63:23:f3:c3:
                    fb:04:3c:b2:43:c6:50:c8:f0:f9:6b:75:85:9e:15:
                    37:37:5d:66:ed:2e:50:45:a6:d4:1f:84:e3:dd:b4:
                    48:aa:72:b3:44:4a:9d:f8:9a:26:c9:66:62:a2:54:
                    f6:a9:06:f7:69:66:de:66:aa:57:ad:42:bd:39:62:
                    14:6c:74:f4:00:e2:a2:c7:c8:37:0f:13:a2:65:ab:
                    23:32:1f:7f:d6:a9:4e:ce:93:c7:dc:d2:21:80:03:
                    da:34:57:dd:0b:12:ca:7c:c2:da:99:ec:0f:bb:31:
                    1f:70:5a:c7:b3:d8:16:91:9f:9c:60:00:b9:3c:fb:
                    f1:69:bf:d3:b8:6e:71:6c:67:76:06:7c:40:ac:19:
                    69:10:40:09:8b:dc:e1:24:61:8e:67:28:db:cd:c0:
                    a2:ad:be:1a:87:ad:fe:65:76:36:cf:b8:a4:3d:5a:
                    ea:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:26:27:D6:2E:1A:52:C4:2B:2A:18:AF:14:A4:4A:30:6E:31:5C:2F
            X509v3 Authority Key Identifier:
                keyid:53:FF:22:2D:4A:22:63:02:CB:F1:00:68:CA:A6:F4:C4:1F:7B:B1:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_8iLUoiYwLL8QBoyqb0xB97scs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/06f9a3-8fca-414e-b5ad-ca36d98b3c4d/1/U_8iLUoiYwLL8QBoyqb0xB97scs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:a4:87:48:6b:5c:90:7f:25:6f:01:34:5c:65:82:30:97:39:
         9e:8a:9a:04:73:78:3a:d5:8d:92:f3:ab:2f:1d:5e:eb:7a:6a:
         4b:2b:02:b0:d0:27:51:4f:8d:ef:7d:91:b5:e0:ce:dd:50:37:
         3c:13:42:34:6d:f1:b6:78:d9:3e:bf:85:09:7c:12:9e:40:97:
         54:81:dc:98:85:18:d9:bd:f8:2a:2e:1d:08:ee:aa:2e:e9:f4:
         3e:f5:bc:d5:28:c1:fd:2f:ed:3d:ec:69:73:e3:7c:93:7d:14:
         3e:ae:4d:0d:b7:84:65:2f:5b:82:85:f3:c0:f8:38:67:d3:19:
         44:6d:c7:2a:e6:cb:98:c6:b0:c5:a0:0f:84:0f:4b:d8:33:ab:
         96:a3:cc:36:37:59:9a:89:6a:4b:8c:bf:43:01:7a:38:22:75:
         15:b4:9b:af:05:9d:b8:6c:26:4d:d8:bd:f9:2d:bb:ef:7d:b6:
         26:fe:43:a7:4b:5f:fb:96:90:a5:a0:6d:62:4b:41:37:d1:bb:
         42:86:67:80:d8:24:bc:ad:c8:36:62:1a:ab:60:eb:a7:1d:46:
         82:16:65:17:71:14:16:ea:6d:44:b4:60:73:0a:de:66:3a:fd:
         7e:5a:13:35:28:a5:28:d7:9c:8b:c0:3e:10:4b:aa:61:ce:f9:
         26:d4:a6:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9tTVIr/h7N9j1WtR/UhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZmYyMjJkNGEyMjYzMDJjYmYxMDA2OGNhYTZmNGM0MWY3
YmIxY2IwHhcNMjYwMzI1MjIwMDU3WhcNMjYwMzI2MjIwMDU3WjAzMTEwLwYDVQQD
EygzYjI2MjdkNjJlMWE1MmM0MmIyYTE4YWYxNGE0NGEzMDZlMzE1YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15mA0doC/oMddmUDeZcbaidhz+sz
JXFyed3GwKfW1dz3n+Hrh3HTlePsW4lZhSOJL8KF1REjTdd7drlt1tZsx8RDa/eQ
GBsqblXGlKyXSyw1sYXcbGMj88P7BDyyQ8ZQyPD5a3WFnhU3N11m7S5QRabUH4Tj
3bRIqnKzREqd+JomyWZiolT2qQb3aWbeZqpXrUK9OWIUbHT0AOKix8g3DxOiZasj
Mh9/1qlOzpPH3NIhgAPaNFfdCxLKfMLamewPuzEfcFrHs9gWkZ+cYAC5PPvxab/T
uG5xbGd2BnxArBlpEEAJi9zhJGGOZyjbzcCirb4ah63+ZXY2z7ikPVrqRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsmJ9YuGlLEKyoYrxSkSjBuMVwvMB8GA1UdIwQY
MBaAFFP/Ii1KImMCy/EAaMqm9MQfe7HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQt
Y2EzNmQ5OGIzYzRkLzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wNmY5YTMtOGZjYS00MTRlLWI1YWQtY2EzNmQ5OGIzYzRk
LzEvVV84aUxVb2lZd0xMOFFCb3lxYjB4Qjk3c2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeaSHSGtc
kH8lbwE0XGWCMJc5noqaBHN4OtWNkvOrLx1e63pqSysCsNAnUU+N732RteDO3VA3
PBNCNG3xtnjZPr+FCXwSnkCXVIHcmIUY2b34Ki4dCO6qLun0PvW81SjB/S/tPexp
c+N8k30UPq5NDbeEZS9bgoXzwPg4Z9MZRG3HKubLmMawxaAPhA9L2DOrlqPMNjdZ
molqS4y/QwF6OCJ1FbSbrwWduGwmTdi9+S277322Jv5Dp0tf+5aQpaBtYktBN9G7
QoZngNgkvK3INmIaq2Drpx1GghZlF3EUFuptRLRgcwreZjr9floTNSilKNeci8A+
EEuqYc75JtSmxg==
-----END CERTIFICATE-----