Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
File:                     oyHD8vYVgRDoDpLioyIdaVwnp9g.mft (raw, json)
Hash identifier:          0hD16mk4veF63nyNsRhJZkXDZG20k3BNjD1ZDim2HWs=
Subject key identifier:   E8:AC:2C:D2:21:37:7A:1A:2B:2D:58:02:47:B2:81:49:54:8C:36:32
Authority key identifier: A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8
Certificate issuer:       /CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
Certificate serial:       019CAB6BD616FCB6F167A843B92BA4D53F4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
Manifest number:          10EA
Signing time:             Sun 01 Mar 2026 22:01:36 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:36 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:36 +0000
Files and hashes:         1: oyHD8vYVgRDoDpLioyIdaVwnp9g.crl (hash: /m/6JUtyzGJz+MaknXWBAYcAKPnieXvgvCnpdNODFLs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:d6:16:fc:b6:f1:67:a8:43:b9:2b:a4:d5:3f:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a321c3f2f6158110e80e92e2a3221d695c27a7d8
        Validity
            Not Before: Mar  1 22:01:36 2026 GMT
            Not After : Mar  2 22:01:36 2026 GMT
        Subject: CN=e8ac2cd221377a1a2b2d580247b28149548c3632
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fb:be:23:da:b4:e4:00:e4:2b:71:42:a7:b2:
                    23:ae:0a:78:df:7f:fd:cc:f8:70:8e:23:8d:05:57:
                    d7:ca:5e:4a:6c:88:2f:7f:bf:4c:b2:69:08:51:91:
                    d6:54:f2:69:30:5a:63:a3:2d:e9:29:60:bc:62:26:
                    06:e9:d4:f7:09:11:9b:9c:5f:d7:18:67:54:89:34:
                    41:a6:aa:6a:f3:4e:95:71:ce:67:0c:fa:93:e7:b8:
                    11:81:5e:8c:ef:79:56:fb:24:ef:ab:a2:67:b4:cb:
                    8e:f3:72:a8:cb:3e:34:4c:fd:b8:fe:c4:d4:e9:a0:
                    3b:e0:34:7e:b3:55:3d:c1:6a:5e:d5:4f:03:73:0d:
                    5d:57:c8:3b:8e:af:37:75:00:9d:6d:93:b1:ec:1d:
                    45:50:5f:b7:f6:31:31:4e:4f:d4:ac:70:d1:92:fa:
                    80:a5:c0:db:db:be:97:b0:b9:f3:f7:e3:df:78:1a:
                    ab:c8:83:04:c7:31:4a:50:c8:19:5b:9e:0d:2d:51:
                    51:12:03:45:e7:99:a5:ff:2e:a5:69:27:c4:94:cf:
                    78:d9:63:84:5f:44:da:83:ae:d4:67:5f:e8:9c:1c:
                    1b:ad:74:b4:99:c3:ed:2b:59:e9:77:4e:89:58:dd:
                    4c:4e:45:9a:3d:13:4e:89:b1:36:e5:89:f6:c6:98:
                    8c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:AC:2C:D2:21:37:7A:1A:2B:2D:58:02:47:B2:81:49:54:8C:36:32
            X509v3 Authority Key Identifier:
                keyid:A3:21:C3:F2:F6:15:81:10:E8:0E:92:E2:A3:22:1D:69:5C:27:A7:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyHD8vYVgRDoDpLioyIdaVwnp9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7d3a55-ccb7-4d0c-bd26-cff461e0df34/1/oyHD8vYVgRDoDpLioyIdaVwnp9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bd:a9:ce:e5:40:56:50:95:63:5f:f9:95:6b:a9:2e:7b:bb:0f:
         e9:3b:48:f0:00:08:6a:ec:d9:fb:8c:e1:1d:4b:d9:9f:82:b4:
         77:c1:8b:8a:6c:e4:5b:d6:87:bf:58:01:26:86:b0:55:89:ad:
         77:1c:07:79:50:ea:2c:07:72:aa:69:10:17:ed:41:b9:57:28:
         f5:da:e3:d9:6c:f0:bc:65:35:72:5b:e3:e5:7c:1c:17:92:4e:
         05:6e:40:de:b4:dc:b2:05:5a:bd:37:02:3a:93:53:6c:2a:2f:
         f6:d9:2d:93:b5:a1:86:77:8b:bc:23:ee:bb:af:97:29:bc:fe:
         9b:9c:cf:3d:db:a1:10:5d:e5:62:61:16:66:66:42:72:34:a3:
         39:10:8e:a5:5a:64:af:61:51:ff:83:01:bc:b8:60:4f:a8:a8:
         dd:99:55:e2:59:b0:4a:cf:4e:fd:ba:59:28:49:85:39:de:0e:
         80:8c:05:ca:6b:fa:52:80:0e:bf:6b:90:73:32:0f:12:4b:fb:
         c6:b7:cf:2f:60:dc:1e:56:fa:13:78:a9:b5:11:05:42:76:17:
         ae:70:a8:df:93:a4:91:a4:ac:c5:cd:55:68:91:72:b7:3e:34:
         ab:35:9b:44:69:3a:40:ba:f0:ea:3a:3c:1d:6f:44:52:ff:bc:
         f6:5a:5a:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra9YW/LbxZ6hDuSuk1T9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjFjM2YyZjYxNTgxMTBlODBlOTJlMmEzMjIxZDY5NWMy
N2E3ZDgwHhcNMjYwMzAxMjIwMTM2WhcNMjYwMzAyMjIwMTM2WjAzMTEwLwYDVQQD
EyhlOGFjMmNkMjIxMzc3YTFhMmIyZDU4MDI0N2IyODE0OTU0OGMzNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPu+I9q05ADkK3FCp7Ijrgp433/9
zPhwjiONBVfXyl5KbIgvf79MsmkIUZHWVPJpMFpjoy3pKWC8YiYG6dT3CRGbnF/X
GGdUiTRBpqpq806Vcc5nDPqT57gRgV6M73lW+yTvq6JntMuO83Koyz40TP24/sTU
6aA74DR+s1U9wWpe1U8Dcw1dV8g7jq83dQCdbZOx7B1FUF+39jExTk/UrHDRkvqA
pcDb276XsLnz9+PfeBqryIMExzFKUMgZW54NLVFREgNF55ml/y6laSfElM942WOE
X0Tag67UZ1/onBwbrXS0mcPtK1npd06JWN1MTkWaPRNOibE25Yn2xpiMzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOisLNIhN3oaKy1YAkeygUlUjDYyMB8GA1UdIwQY
MBaAFKMhw/L2FYEQ6A6S4qMiHWlcJ6fYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYt
Y2ZmNDYxZTBkZjM0LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83ZDNhNTUtY2NiNy00ZDBjLWJkMjYtY2ZmNDYxZTBkZjM0
LzEvb3lIRDh2WVZnUkRvRHBMaW95SWRhVnducDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvanO5UBW
UJVjX/mVa6kue7sP6TtI8AAIauzZ+4zhHUvZn4K0d8GLimzkW9aHv1gBJoawVYmt
dxwHeVDqLAdyqmkQF+1BuVco9drj2WzwvGU1clvj5XwcF5JOBW5A3rTcsgVavTcC
OpNTbCov9tktk7WhhneLvCPuu6+XKbz+m5zPPduhEF3lYmEWZmZCcjSjORCOpVpk
r2FR/4MBvLhgT6io3ZlV4lmwSs9O/bpZKEmFOd4OgIwFymv6UoAOv2uQczIPEkv7
xrfPL2DcHlb6E3iptREFQnYXrnCo35OkkaSsxc1VaJFytz40qzWbRGk6QLrw6jo8
HW9EUv+89lpa1w==
-----END CERTIFICATE-----