Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft
File:                     aluKc4anCgzU9gC-dYHe-JRHOkE.mft (raw, json)
Hash identifier:          DOR/tOq7DM62UoYRQs9xsE3IW2PTWNj1qO6zQrCAtiE=
Subject key identifier:   B0:C5:3C:12:6E:C5:C0:A1:E2:82:ED:0C:1F:73:36:37:40:DC:0A:6D
Authority key identifier: 6A:5B:8A:73:86:A7:0A:0C:D4:F6:00:BE:75:81:DE:F8:94:47:3A:41
Certificate issuer:       /CN=6a5b8a7386a70a0cd4f600be7581def894473a41
Certificate serial:       019D25BA6FBBE8AA2B08ACE90159E74E02FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aluKc4anCgzU9gC-dYHe-JRHOkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft
Manifest number:          09A4
Signing time:             Wed 25 Mar 2026 16:01:08 +0000
Manifest this update:     Wed 25 Mar 2026 16:01:08 +0000
Manifest next update:     Thu 26 Mar 2026 16:01:08 +0000
Files and hashes:         1: aluKc4anCgzU9gC-dYHe-JRHOkE.crl (hash: pxYosZHG2s2W56BPeOrOpkpVfxsaM1IVZ+LXQelnCqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aluKc4anCgzU9gC-dYHe-JRHOkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:ba:6f:bb:e8:aa:2b:08:ac:e9:01:59:e7:4e:02:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a5b8a7386a70a0cd4f600be7581def894473a41
        Validity
            Not Before: Mar 25 16:01:08 2026 GMT
            Not After : Mar 26 16:01:08 2026 GMT
        Subject: CN=b0c53c126ec5c0a1e282ed0c1f73363740dc0a6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:af:6e:84:9a:39:aa:50:b7:e0:f1:73:5b:0f:
                    44:02:83:fc:5c:28:20:4b:1d:a4:ac:05:0b:a9:37:
                    80:9e:05:ee:eb:82:7c:c1:98:f4:87:99:59:89:a9:
                    9b:7e:9a:2d:18:ec:c8:55:55:4e:0b:ae:31:0e:3b:
                    1e:8c:9e:eb:63:fc:66:10:e3:5e:79:be:75:9c:b5:
                    2f:74:03:e4:90:fd:56:06:0a:36:17:c4:13:92:86:
                    0a:45:29:26:cf:be:82:44:9e:94:47:f0:38:96:20:
                    45:b2:e7:94:2d:7c:fc:bd:79:50:76:1d:66:43:02:
                    3e:99:3d:f3:a3:2f:4f:63:d5:52:0f:cb:99:2c:78:
                    56:75:5f:6b:53:2c:38:d5:51:9d:11:8f:eb:58:95:
                    83:2a:4b:50:82:f9:f8:2a:06:6b:0e:8c:f8:3a:5d:
                    94:96:68:b6:fc:b3:d5:69:36:0a:d6:98:d6:17:35:
                    47:d3:d7:d9:5c:ca:c5:b9:ba:e4:3c:48:45:dd:9b:
                    31:d2:5d:84:88:19:2b:38:70:0f:84:63:f7:04:1c:
                    b3:34:ee:76:f4:a6:36:2b:7e:ff:9d:56:3d:04:3a:
                    67:db:49:b8:33:6c:7c:67:99:59:fa:2b:41:75:43:
                    64:77:4c:1c:80:ba:48:ee:16:f3:9d:13:65:df:bb:
                    2f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:C5:3C:12:6E:C5:C0:A1:E2:82:ED:0C:1F:73:36:37:40:DC:0A:6D
            X509v3 Authority Key Identifier:
                keyid:6A:5B:8A:73:86:A7:0A:0C:D4:F6:00:BE:75:81:DE:F8:94:47:3A:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aluKc4anCgzU9gC-dYHe-JRHOkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/854c21-5e1a-451d-aea1-fca0741a586e/1/aluKc4anCgzU9gC-dYHe-JRHOkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:53:de:0a:da:bd:9e:4f:cc:6b:12:8d:34:54:9d:6d:f9:76:
         3f:db:ad:36:56:dd:40:b1:12:b0:0b:2a:2b:5c:76:65:a1:69:
         85:b7:90:f2:92:9f:c5:c4:d8:dc:69:c7:6b:e7:e0:4c:57:b7:
         2d:99:04:bf:06:8a:92:5a:e0:b0:1a:05:39:2e:a7:d4:85:32:
         37:73:bf:28:65:77:db:32:45:21:5a:67:16:d0:c0:04:8d:fb:
         8e:e9:42:1c:14:1b:74:ec:92:14:3a:1f:02:65:b5:c1:11:1e:
         6e:d2:9a:40:6d:5f:f5:0d:2a:aa:cf:ff:93:e6:5e:c5:b6:92:
         41:69:67:1f:00:6d:ca:ae:96:60:20:12:be:0b:82:0f:f1:6f:
         d6:f1:d5:54:ca:e7:10:b5:0a:49:b7:d3:6e:9b:b2:3b:92:14:
         52:90:4e:3f:b7:e5:45:a9:4e:b3:7a:fa:48:97:c2:7b:86:e0:
         17:13:7d:40:23:70:b8:df:5b:04:e7:a9:af:69:b9:13:c6:14:
         81:08:cf:e9:bf:40:30:0c:a9:d3:00:8f:6c:6e:2b:d4:85:b9:
         97:cc:cd:3a:05:38:7f:48:29:84:93:38:eb:ce:ec:99:5d:51:
         a0:75:e6:e5:3d:9d:b6:88:d7:68:20:96:c2:e5:dc:92:91:f3:
         28:21:51:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lum+76KorCKzpAVnnTgL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNWI4YTczODZhNzBhMGNkNGY2MDBiZTc1ODFkZWY4OTQ0
NzNhNDEwHhcNMjYwMzI1MTYwMTA4WhcNMjYwMzI2MTYwMTA4WjAzMTEwLwYDVQQD
EyhiMGM1M2MxMjZlYzVjMGExZTI4MmVkMGMxZjczMzYzNzQwZGMwYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4a9uhJo5qlC34PFzWw9EAoP8XCgg
Sx2krAULqTeAngXu64J8wZj0h5lZiambfpotGOzIVVVOC64xDjsejJ7rY/xmEONe
eb51nLUvdAPkkP1WBgo2F8QTkoYKRSkmz76CRJ6UR/A4liBFsueULXz8vXlQdh1m
QwI+mT3zoy9PY9VSD8uZLHhWdV9rUyw41VGdEY/rWJWDKktQgvn4KgZrDoz4Ol2U
lmi2/LPVaTYK1pjWFzVH09fZXMrFubrkPEhF3Zsx0l2EiBkrOHAPhGP3BByzNO52
9KY2K37/nVY9BDpn20m4M2x8Z5lZ+itBdUNkd0wcgLpI7hbznRNl37svLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLDFPBJuxcCh4oLtDB9zNjdA3AptMB8GA1UdIwQY
MBaAFGpbinOGpwoM1PYAvnWB3viURzpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWx1S2M0YW5DZ3pVOWdDLWRZSGUtSlJIT2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS84NTRjMjEtNWUxYS00NTFkLWFlYTEt
ZmNhMDc0MWE1ODZlLzEvYWx1S2M0YW5DZ3pVOWdDLWRZSGUtSlJIT2tFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS84NTRjMjEtNWUxYS00NTFkLWFlYTEtZmNhMDc0MWE1ODZl
LzEvYWx1S2M0YW5DZ3pVOWdDLWRZSGUtSlJIT2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiVPeCtq9
nk/MaxKNNFSdbfl2P9utNlbdQLESsAsqK1x2ZaFphbeQ8pKfxcTY3GnHa+fgTFe3
LZkEvwaKklrgsBoFOS6n1IUyN3O/KGV32zJFIVpnFtDABI37julCHBQbdOySFDof
AmW1wREebtKaQG1f9Q0qqs//k+ZexbaSQWlnHwBtyq6WYCASvguCD/Fv1vHVVMrn
ELUKSbfTbpuyO5IUUpBOP7flRalOs3r6SJfCe4bgFxN9QCNwuN9bBOepr2m5E8YU
gQjP6b9AMAyp0wCPbG4r1IW5l8zNOgU4f0gphJM4687smV1RoHXm5T2dtojXaCCW
wuXckpHzKCFRmA==
-----END CERTIFICATE-----