Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
File:                     OEzdzXTQQilYPSwr7tBz4AlrozU.mft (raw, json)
Hash identifier:          T3U04TRkiFLt5rqqEKYi3k/i6l/uUYcjTEKvzY/DnaI=
Subject key identifier:   44:DB:4F:FF:66:2A:54:B3:95:1D:58:54:8B:96:72:B4:3B:B0:B6:BF
Authority key identifier: 38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35
Certificate issuer:       /CN=384cddcd74d04229583d2c2beed073e0096ba335
Certificate serial:       019CAB6C0355FF6DC5B2C8AEA8A305A1EEDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
Manifest number:          0898
Signing time:             Sun 01 Mar 2026 22:01:48 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:48 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:48 +0000
Files and hashes:         1: OEzdzXTQQilYPSwr7tBz4AlrozU.crl (hash: C23p+oAxS0AxISqGhqOnRsvMeVKoZ/zluJr87FEG9mk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6c:03:55:ff:6d:c5:b2:c8:ae:a8:a3:05:a1:ee:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384cddcd74d04229583d2c2beed073e0096ba335
        Validity
            Not Before: Mar  1 22:01:48 2026 GMT
            Not After : Mar  2 22:01:48 2026 GMT
        Subject: CN=44db4fff662a54b3951d58548b9672b43bb0b6bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:72:64:77:84:d7:b4:0d:c0:61:9a:f8:b9:91:
                    4d:24:42:23:14:1f:cf:91:33:42:5a:7c:0b:bc:92:
                    91:01:29:47:d8:3a:76:83:e1:1a:d0:d0:90:84:3d:
                    6f:5e:41:f6:e3:02:04:4b:be:04:4f:0b:9c:b9:2b:
                    6c:37:bc:2d:65:6e:ff:a1:78:c8:cb:e9:a8:3b:c2:
                    db:83:f7:f5:1f:29:cf:3a:cb:93:0f:cc:37:e5:6b:
                    57:70:ea:b4:a5:d8:29:a5:37:47:49:da:ef:c7:98:
                    65:aa:22:c1:a5:85:1b:19:8b:38:54:26:71:c9:4b:
                    a3:59:76:e9:50:37:e3:40:bd:a3:ca:92:f7:9d:00:
                    c1:e9:ac:39:11:4f:f0:68:5d:f6:ba:1d:d4:4c:55:
                    7a:cf:ae:c7:aa:2c:3f:7b:6e:32:85:ff:2b:f1:c0:
                    8f:b5:32:e8:94:60:00:70:3f:8b:ea:fb:23:48:45:
                    d9:2f:cf:62:c0:e1:a8:7d:e1:14:3a:c5:cd:e1:a6:
                    e9:fc:18:33:76:5c:01:a4:7f:35:f7:e0:65:37:b1:
                    dd:1f:c6:14:1f:b1:21:83:a0:ed:b1:c6:ab:f0:7b:
                    01:fb:6e:e7:ab:2b:b7:3c:99:e4:e8:b8:53:cd:c5:
                    de:53:3d:6e:a1:a2:cb:73:7c:2c:65:f1:01:df:7e:
                    99:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:DB:4F:FF:66:2A:54:B3:95:1D:58:54:8B:96:72:B4:3B:B0:B6:BF
            X509v3 Authority Key Identifier:
                keyid:38:4C:DD:CD:74:D0:42:29:58:3D:2C:2B:EE:D0:73:E0:09:6B:A3:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEzdzXTQQilYPSwr7tBz4AlrozU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/151c3e-95d8-483b-8dc2-998ad50f4a2a/1/OEzdzXTQQilYPSwr7tBz4AlrozU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:91:37:bd:2a:dc:8c:7b:b4:23:a1:db:e8:a2:08:46:50:bf:
         6b:48:1b:af:ee:6c:84:bf:41:6d:4b:f0:82:87:8e:cc:ce:63:
         8b:9d:b9:01:55:2c:d9:3e:5b:af:e2:21:8c:71:60:dd:a8:1b:
         48:a6:c8:f9:32:f7:2f:73:e0:54:fa:81:fe:13:bc:07:4d:45:
         07:2b:67:9b:66:c2:bc:1b:9f:a8:ac:6a:6f:40:eb:72:ab:6f:
         de:cc:af:1e:25:dd:54:e4:ad:d8:b3:56:70:07:eb:a7:72:3c:
         df:07:9e:58:50:b0:84:d7:56:10:7a:c7:fe:c6:21:c4:c1:7e:
         de:57:ba:c4:86:c1:e2:9a:52:d2:10:e0:35:8a:4d:13:ca:07:
         f9:cd:17:60:30:96:16:72:a7:8e:1b:35:80:96:40:20:4f:fc:
         6c:fd:1e:09:45:4d:0b:da:35:5d:bd:66:33:a6:ff:d7:dc:cf:
         ad:67:61:ea:45:59:9c:52:d2:56:0b:95:98:64:d8:e7:89:36:
         a0:96:3a:b8:b8:71:ac:e6:ae:a5:16:bb:fd:68:e3:86:0f:38:
         3e:5a:01:83:d7:b5:f9:7b:77:0d:3f:ce:a3:f3:b5:f7:00:3a:
         a2:4e:51:c3:9e:d4:95:94:dd:20:5c:2f:9f:b3:ae:f8:3a:c8:
         a7:41:e6:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrbANV/23FssiuqKMFoe7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGNkZGNkNzRkMDQyMjk1ODNkMmMyYmVlZDA3M2UwMDk2
YmEzMzUwHhcNMjYwMzAxMjIwMTQ4WhcNMjYwMzAyMjIwMTQ4WjAzMTEwLwYDVQQD
Eyg0NGRiNGZmZjY2MmE1NGIzOTUxZDU4NTQ4Yjk2NzJiNDNiYjBiNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3Jkd4TXtA3AYZr4uZFNJEIjFB/P
kTNCWnwLvJKRASlH2Dp2g+Ea0NCQhD1vXkH24wIES74ETwucuStsN7wtZW7/oXjI
y+moO8Lbg/f1HynPOsuTD8w35WtXcOq0pdgppTdHSdrvx5hlqiLBpYUbGYs4VCZx
yUujWXbpUDfjQL2jypL3nQDB6aw5EU/waF32uh3UTFV6z67Hqiw/e24yhf8r8cCP
tTLolGAAcD+L6vsjSEXZL89iwOGofeEUOsXN4abp/BgzdlwBpH819+BlN7HdH8YU
H7Ehg6Dtscar8HsB+27nqyu3PJnk6LhTzcXeUz1uoaLLc3wsZfEB336ZswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETbT/9mKlSzlR1YVIuWcrQ7sLa/MB8GA1UdIwQY
MBaAFDhM3c100EIpWD0sK+7Qc+AJa6M1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzIt
OTk4YWQ1MGY0YTJhLzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNTFjM2UtOTVkOC00ODNiLThkYzItOTk4YWQ1MGY0YTJh
LzEvT0V6ZHpYVFFRaWxZUFN3cjd0Qno0QWxyb3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApE3vSrc
jHu0I6Hb6KIIRlC/a0gbr+5shL9BbUvwgoeOzM5ji525AVUs2T5br+IhjHFg3agb
SKbI+TL3L3PgVPqB/hO8B01FBytnm2bCvBufqKxqb0Drcqtv3syvHiXdVOSt2LNW
cAfrp3I83weeWFCwhNdWEHrH/sYhxMF+3le6xIbB4ppS0hDgNYpNE8oH+c0XYDCW
FnKnjhs1gJZAIE/8bP0eCUVNC9o1Xb1mM6b/19zPrWdh6kVZnFLSVguVmGTY54k2
oJY6uLhxrOaupRa7/Wjjhg84PloBg9e1+Xt3DT/Oo/O19wA6ok5Rw57UlZTdIFwv
n7Ou+DrIp0HmQA==
-----END CERTIFICATE-----