Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
File:                     OoLcXHHOpyxlsCahJnifOIZXC6Y.mft (raw, json)
Hash identifier:          GaEeRcNRHeCq0BOOvtMYd+LJQHgIFhEg71oMRlcA+Qc=
Subject key identifier:   B0:30:43:DF:55:46:EE:66:E8:91:9F:1D:27:FD:4F:90:9E:73:D9:33
Authority key identifier: 3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6
Certificate issuer:       /CN=3a82dc5c71cea72c65b026a126789f3886570ba6
Certificate serial:       019D2703E2E03399167FAF9FC10C9D22497B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:00:59 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:59 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:59 +0000
Files and hashes:         1: OoLcXHHOpyxlsCahJnifOIZXC6Y.crl (hash: Z8o10Z43vtCPfWN7/70bZBaWHZvDeIaawrqPD359Pgw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e2:e0:33:99:16:7f:af:9f:c1:0c:9d:22:49:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a82dc5c71cea72c65b026a126789f3886570ba6
        Validity
            Not Before: Mar 25 22:00:59 2026 GMT
            Not After : Mar 26 22:00:59 2026 GMT
        Subject: CN=b03043df5546ee66e8919f1d27fd4f909e73d933
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:3e:17:ad:c9:b5:d6:d4:0b:ea:b5:fa:72:6e:
                    bc:27:91:26:e1:29:12:e1:80:37:d9:e3:45:8e:6e:
                    68:aa:b1:c2:ac:32:bc:c0:19:97:c8:b6:34:62:26:
                    29:61:b0:ca:51:a0:d7:bd:29:f1:7d:4b:28:dd:5a:
                    89:2a:2b:5a:88:ba:0b:a2:31:eb:aa:94:96:26:ea:
                    e2:df:e9:f9:de:3d:c0:32:ba:08:2d:54:95:89:b8:
                    5e:cc:ec:9d:ae:f3:5e:39:21:3c:da:a4:63:4b:48:
                    24:79:8e:f0:5d:90:c9:55:9f:f7:77:84:2e:7a:ce:
                    be:b2:ed:05:d5:6b:0c:49:2e:84:00:79:4d:bc:fc:
                    17:33:a6:ad:d7:fe:38:b9:b9:fe:a3:8c:35:6d:71:
                    83:39:07:ec:a8:09:e4:0b:0e:87:2a:36:e0:62:63:
                    12:86:83:2e:7d:73:83:fa:dc:31:db:6e:13:24:40:
                    07:35:ba:f1:17:f8:82:4e:d1:6e:fb:4f:bf:80:3e:
                    53:dc:e9:68:ac:14:52:24:78:5b:44:b0:a6:cd:e8:
                    5a:42:4f:30:0a:5f:72:c2:2b:50:ba:2b:cb:ed:9c:
                    ad:ed:f6:9b:18:1f:7f:dd:a6:f2:d8:7d:45:22:a9:
                    2d:38:f8:3e:b6:76:f1:fb:ec:aa:87:80:22:af:dc:
                    cb:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:30:43:DF:55:46:EE:66:E8:91:9F:1D:27:FD:4F:90:9E:73:D9:33
            X509v3 Authority Key Identifier:
                keyid:3A:82:DC:5C:71:CE:A7:2C:65:B0:26:A1:26:78:9F:38:86:57:0B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoLcXHHOpyxlsCahJnifOIZXC6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d5958c-14ca-41d5-8d42-dc1fab439e30/1/OoLcXHHOpyxlsCahJnifOIZXC6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:7c:a7:17:a5:3a:d6:ca:b3:d4:26:9a:bc:01:2c:ce:bb:87:
         3e:de:8f:87:bf:79:29:80:d4:f4:ca:0a:08:b9:4d:a2:48:73:
         f0:5d:05:2a:47:f8:ef:32:66:d2:f9:ae:22:5e:03:19:a8:df:
         92:c6:5f:ad:52:3b:0c:a3:ce:8b:58:e4:d4:e2:9b:a1:2d:5b:
         77:08:55:c6:4d:bf:dc:33:8e:65:b4:44:d9:97:a8:48:96:54:
         b7:2c:5e:d7:92:ad:36:a4:2b:03:42:bd:8e:f3:22:5a:e1:c5:
         01:75:2d:0e:57:73:fb:e0:b2:cf:d3:d9:39:10:71:a4:77:29:
         2f:58:8f:25:1a:fa:23:26:6a:89:7c:04:44:57:8d:95:ac:fc:
         05:79:28:42:19:84:8a:f5:7a:8f:d1:16:fb:6b:ac:65:5c:2c:
         af:d0:e5:37:98:3c:d9:15:09:39:c5:c2:2f:65:ed:cd:14:0c:
         22:6d:e7:e8:20:62:35:23:36:2f:b3:b2:17:f3:93:b0:3b:7f:
         3c:c7:c4:a0:38:3b:10:0c:c9:de:ce:7b:9e:b9:3e:c9:d8:a4:
         a8:97:0e:9c:fa:8c:e2:03:0d:d8:d0:65:b3:2d:38:3f:2c:68:
         83:7e:77:bf:c6:12:0a:36:92:7a:76:e6:21:8d:24:7d:3a:de:
         36:51:70:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+LgM5kWf6+fwQydIkl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODJkYzVjNzFjZWE3MmM2NWIwMjZhMTI2Nzg5ZjM4ODY1
NzBiYTYwHhcNMjYwMzI1MjIwMDU5WhcNMjYwMzI2MjIwMDU5WjAzMTEwLwYDVQQD
EyhiMDMwNDNkZjU1NDZlZTY2ZTg5MTlmMWQyN2ZkNGY5MDllNzNkOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT4Xrcm11tQL6rX6cm68J5Em4SkS
4YA32eNFjm5oqrHCrDK8wBmXyLY0YiYpYbDKUaDXvSnxfUso3VqJKitaiLoLojHr
qpSWJuri3+n53j3AMroILVSVibhezOydrvNeOSE82qRjS0gkeY7wXZDJVZ/3d4Qu
es6+su0F1WsMSS6EAHlNvPwXM6at1/44ubn+o4w1bXGDOQfsqAnkCw6HKjbgYmMS
hoMufXOD+twx224TJEAHNbrxF/iCTtFu+0+/gD5T3OlorBRSJHhbRLCmzehaQk8w
Cl9ywitQuivL7Zyt7fabGB9/3aby2H1FIqktOPg+tnbx++yqh4Air9zL6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLAwQ99VRu5m6JGfHSf9T5Cec9kzMB8GA1UdIwQY
MBaAFDqC3FxxzqcsZbAmoSZ4nziGVwumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDIt
ZGMxZmFiNDM5ZTMwLzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kNTk1OGMtMTRjYS00MWQ1LThkNDItZGMxZmFiNDM5ZTMw
LzEvT29MY1hISE9weXhsc0NhaEpuaWZPSVpYQzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM3ynF6U6
1sqz1CaavAEszruHPt6Ph795KYDU9MoKCLlNokhz8F0FKkf47zJm0vmuIl4DGajf
ksZfrVI7DKPOi1jk1OKboS1bdwhVxk2/3DOOZbRE2ZeoSJZUtyxe15KtNqQrA0K9
jvMiWuHFAXUtDldz++Cyz9PZORBxpHcpL1iPJRr6IyZqiXwERFeNlaz8BXkoQhmE
ivV6j9EW+2usZVwsr9DlN5g82RUJOcXCL2XtzRQMIm3n6CBiNSM2L7OyF/OTsDt/
PMfEoDg7EAzJ3s57nrk+ydikqJcOnPqM4gMN2NBlsy04Pyxog353v8YSCjaSenbm
IY0kfTreNlFwgA==
-----END CERTIFICATE-----