Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
File:                     aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json)
Hash identifier:          sXscHRvl0KCAkdBTlerGB/VJ0m5hRfgKFqCOwmq2LgI=
Subject key identifier:   7D:C7:19:90:78:CC:A5:F0:00:08:07:48:69:2F:39:03:79:17:51:54
Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Certificate issuer:       /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Certificate serial:       019D2AE080600515D788636FFAE71D684862
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
Manifest number:          186C
Signing time:             Thu 26 Mar 2026 16:00:49 +0000
Manifest this update:     Thu 26 Mar 2026 16:00:49 +0000
Manifest next update:     Fri 27 Mar 2026 16:00:49 +0000
Files and hashes:         1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: ALee9K7RQnIrK8CQWON10NSqlSlfk7/Blla0G5PmIKw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:80:60:05:15:d7:88:63:6f:fa:e7:1d:68:48:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
        Validity
            Not Before: Mar 26 16:00:49 2026 GMT
            Not After : Mar 27 16:00:49 2026 GMT
        Subject: CN=7dc7199078cca5f000080748692f390379175154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f6:9e:a1:4e:1d:51:30:99:6f:0e:e6:b4:7f:
                    58:23:f0:c1:96:5f:3e:65:39:99:b2:f2:e2:17:db:
                    1e:74:57:8c:1d:f5:d3:88:0e:0a:3c:5c:91:44:f3:
                    f5:d8:a9:f7:27:4f:8b:75:36:2c:e6:75:a8:30:b2:
                    b7:f0:98:63:b4:ea:33:90:34:79:d5:74:99:80:27:
                    61:65:b6:be:95:20:ae:55:4b:8e:d1:c9:9a:c8:4f:
                    c5:bd:52:9d:0c:fc:03:a5:57:7c:45:3d:7e:a8:e6:
                    bc:7a:a1:12:0e:e9:92:69:1d:8f:a2:9e:bb:28:8f:
                    33:af:37:c6:ad:38:5d:f5:60:b9:fa:85:8e:8b:6c:
                    3a:ed:8a:80:10:07:8a:9d:d2:cb:b3:8c:6b:d5:97:
                    ca:37:0c:8b:9e:67:8f:7a:ba:09:47:45:fe:c0:8b:
                    03:76:f2:ce:e6:7e:2d:1d:5d:69:b1:9f:d7:fd:d5:
                    80:ee:7f:52:c5:01:a3:95:2c:a5:1e:21:38:68:ea:
                    97:11:54:d1:4d:79:6b:83:46:7e:61:4b:d3:9b:60:
                    cb:2a:01:ee:95:e1:31:3f:65:fd:31:10:2a:bc:20:
                    09:e8:17:dd:0e:6b:18:0c:d2:27:5f:b2:de:ab:7c:
                    74:32:da:3d:62:f6:80:12:0f:ea:17:be:d0:16:96:
                    b3:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:C7:19:90:78:CC:A5:F0:00:08:07:48:69:2F:39:03:79:17:51:54
            X509v3 Authority Key Identifier:
                keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:3f:73:70:56:11:83:3c:45:9d:6f:e5:29:e5:d7:89:47:0f:
         fa:78:67:37:ae:37:11:25:2e:ff:be:32:0a:5b:a9:54:6d:80:
         de:e1:71:e6:ff:79:de:df:c1:dd:9f:2c:27:c2:49:7b:a6:ca:
         18:66:ca:0d:60:38:c5:3e:14:49:b9:00:04:af:a6:19:04:ad:
         fc:6d:6c:16:4d:0e:15:80:b2:88:b5:38:b0:31:58:7e:88:2b:
         15:03:cd:a3:b9:fc:b6:e6:74:5e:7c:e1:bd:2a:b8:ab:02:fa:
         a2:53:79:35:81:36:4c:ca:09:62:63:5a:c5:7a:43:71:d6:74:
         19:54:d3:e2:78:df:01:f4:b7:e4:5a:b2:63:23:26:0e:40:f6:
         ec:43:1d:0c:e2:d0:2e:81:ab:60:ba:ab:95:65:5a:c5:ea:b4:
         2d:4b:d2:c7:42:1b:a9:51:05:b9:c3:99:aa:06:c7:a1:58:35:
         0f:04:17:5c:cf:89:c2:72:9c:ee:e8:bd:0b:3f:a8:8b:12:62:
         fc:87:bb:0a:26:8a:58:c4:9f:3c:a3:90:84:db:74:20:cd:eb:
         ab:ac:d9:df:3f:05:3b:81:4c:cb:34:f2:7e:ff:96:d7:e0:07:
         59:b0:d1:82:a4:53:ee:2a:b2:eb:94:3c:c4:ae:8f:30:0e:82:
         d5:46:52:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4IBgBRXXiGNv+ucdaEhiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5
MWM0YzIwHhcNMjYwMzI2MTYwMDQ5WhcNMjYwMzI3MTYwMDQ5WjAzMTEwLwYDVQQD
Eyg3ZGM3MTk5MDc4Y2NhNWYwMDAwODA3NDg2OTJmMzkwMzc5MTc1MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PaeoU4dUTCZbw7mtH9YI/DBll8+
ZTmZsvLiF9sedFeMHfXTiA4KPFyRRPP12Kn3J0+LdTYs5nWoMLK38JhjtOozkDR5
1XSZgCdhZba+lSCuVUuO0cmayE/FvVKdDPwDpVd8RT1+qOa8eqESDumSaR2Pop67
KI8zrzfGrThd9WC5+oWOi2w67YqAEAeKndLLs4xr1ZfKNwyLnmePeroJR0X+wIsD
dvLO5n4tHV1psZ/X/dWA7n9SxQGjlSylHiE4aOqXEVTRTXlrg0Z+YUvTm2DLKgHu
leExP2X9MRAqvCAJ6BfdDmsYDNInX7Leq3x0Mto9YvaAEg/qF77QFpazmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3HGZB4zKXwAAgHSGkvOQN5F1FUMB8GA1UdIwQY
MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt
MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy
LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaT9zcFYR
gzxFnW/lKeXXiUcP+nhnN643ESUu/74yClupVG2A3uFx5v953t/B3Z8sJ8JJe6bK
GGbKDWA4xT4USbkABK+mGQSt/G1sFk0OFYCyiLU4sDFYfogrFQPNo7n8tuZ0Xnzh
vSq4qwL6olN5NYE2TMoJYmNaxXpDcdZ0GVTT4njfAfS35FqyYyMmDkD27EMdDOLQ
LoGrYLqrlWVaxeq0LUvSx0IbqVEFucOZqgbHoVg1DwQXXM+JwnKc7ui9Cz+oixJi
/Ie7CiaKWMSfPKOQhNt0IM3rq6zZ3z8FO4FMyzTyfv+W1+AHWbDRgqRT7iqy65Q8
xK6PMA6C1UZSag==
-----END CERTIFICATE-----