Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          n3WmqO3WZy919HAUcce2pVi/LDPsD4U9y8c7ocF2Lhc=
Subject key identifier:   9D:40:36:8F:9B:DE:4D:98:64:BD:7C:49:82:44:D0:E0:D8:2E:9F:CD
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       019D2928FC251C2D1C93DC96587D837125BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          0664
Signing time:             Thu 26 Mar 2026 08:00:44 +0000
Manifest this update:     Thu 26 Mar 2026 08:00:44 +0000
Manifest next update:     Fri 27 Mar 2026 08:00:44 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: 6JpY0iLmGPX1khPr31tKpfyLiwPaOcNwIpzszbiLTx4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 08:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:28:fc:25:1c:2d:1c:93:dc:96:58:7d:83:71:25:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Mar 26 08:00:44 2026 GMT
            Not After : Mar 27 08:00:44 2026 GMT
        Subject: CN=9d40368f9bde4d9864bd7c498244d0e0d82e9fcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6e:8b:32:bf:06:9b:d4:e3:bc:31:f0:be:74:
                    c4:e2:04:8a:3d:94:5f:18:85:fd:6f:b2:71:d2:82:
                    0f:33:53:1d:3a:fd:f4:15:c5:24:cc:ac:2f:32:18:
                    6c:2d:47:62:31:67:20:a2:18:9c:9f:b8:de:f2:58:
                    cd:36:34:51:96:7a:21:27:bd:6b:b6:ca:0e:19:4a:
                    48:00:7a:84:6f:0a:c4:19:4e:2a:29:d8:2f:38:42:
                    6a:5c:b4:b8:c6:7a:71:86:57:b7:b9:3c:45:97:5e:
                    82:3a:84:71:f4:bc:90:a9:a6:cb:77:c9:6c:26:f1:
                    31:e0:dc:7b:50:de:2a:5a:28:d8:fb:69:21:e4:99:
                    69:f0:1c:1a:ef:8c:b4:29:6b:c3:c9:8d:c7:d4:77:
                    18:fe:4c:6e:fb:2a:17:5e:5c:cd:30:7f:34:79:06:
                    d2:8f:fc:04:a9:d2:08:1a:64:3b:30:e6:d1:c6:b7:
                    0e:a2:b6:00:ad:c0:ac:5e:51:5e:46:0f:3d:44:4d:
                    1a:a6:b2:24:68:29:a3:af:16:54:83:90:79:22:a6:
                    46:af:62:4f:8e:46:91:f3:d2:15:bd:0c:2e:30:5f:
                    50:6e:e8:fd:3f:45:68:a2:4e:2c:19:c0:e7:19:1c:
                    df:08:c9:9d:e9:94:74:d7:b9:76:76:67:8d:1f:4b:
                    5c:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:40:36:8F:9B:DE:4D:98:64:BD:7C:49:82:44:D0:E0:D8:2E:9F:CD
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:b7:aa:ff:51:7f:57:c7:66:4e:35:f0:ef:1f:88:e6:3d:6a:
         9f:1e:06:58:dd:a9:51:52:bf:1a:ab:5b:69:1e:da:60:11:9d:
         da:14:a7:ca:9c:78:41:41:7a:b9:e2:a6:aa:ba:ca:1e:8d:7a:
         1d:b8:66:95:ed:59:85:34:db:24:44:85:b6:e8:17:bb:46:37:
         e2:d8:fc:ac:c0:71:d0:f6:41:bd:a4:51:78:b5:ee:af:72:99:
         c9:db:89:da:fe:51:32:dc:8a:6d:8c:7e:73:1b:b4:96:fb:3d:
         d2:3f:c3:2f:93:a4:7a:d4:01:f6:ad:6c:83:55:bf:f7:86:64:
         46:79:3a:72:00:1a:cf:45:61:79:5e:bf:31:aa:d2:4a:04:6e:
         fb:d6:90:92:0b:15:62:f3:91:59:e2:41:28:b5:75:3e:a4:45:
         40:77:c7:91:d9:cb:01:7d:41:1c:81:57:d2:d9:27:77:9c:9b:
         9d:c4:80:82:f5:2f:ac:cf:b4:c1:90:21:78:57:00:b1:e9:5b:
         0c:30:17:7f:b2:bc:70:0b:8c:dd:d3:32:6a:d6:86:3d:c4:11:
         77:fe:97:db:e7:3c:02:32:1a:1f:05:88:d0:75:07:6b:91:f1:
         8d:4a:65:b7:59:a7:6b:88:e2:1e:f2:43:6f:36:13:3b:46:6d:
         86:aa:09:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKPwlHC0ck9yWWH2DcSW/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjYwMzI2MDgwMDQ0WhcNMjYwMzI3MDgwMDQ0WjAzMTEwLwYDVQQD
Eyg5ZDQwMzY4ZjliZGU0ZDk4NjRiZDdjNDk4MjQ0ZDBlMGQ4MmU5ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw26LMr8Gm9TjvDHwvnTE4gSKPZRf
GIX9b7Jx0oIPM1MdOv30FcUkzKwvMhhsLUdiMWcgohicn7je8ljNNjRRlnohJ71r
tsoOGUpIAHqEbwrEGU4qKdgvOEJqXLS4xnpxhle3uTxFl16COoRx9LyQqabLd8ls
JvEx4Nx7UN4qWijY+2kh5Jlp8Bwa74y0KWvDyY3H1HcY/kxu+yoXXlzNMH80eQbS
j/wEqdIIGmQ7MObRxrcOorYArcCsXlFeRg89RE0aprIkaCmjrxZUg5B5IqZGr2JP
jkaR89IVvQwuMF9Qbuj9P0Vook4sGcDnGRzfCMmd6ZR017l2dmeNH0tcAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1ANo+b3k2YZL18SYJE0ODYLp/NMB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB7eq/1F/
V8dmTjXw7x+I5j1qnx4GWN2pUVK/GqtbaR7aYBGd2hSnypx4QUF6ueKmqrrKHo16
Hbhmle1ZhTTbJESFtugXu0Y34tj8rMBx0PZBvaRReLXur3KZyduJ2v5RMtyKbYx+
cxu0lvs90j/DL5OketQB9q1sg1W/94ZkRnk6cgAaz0VheV6/MarSSgRu+9aQkgsV
YvORWeJBKLV1PqRFQHfHkdnLAX1BHIFX0tknd5ybncSAgvUvrM+0wZAheFcAselb
DDAXf7K8cAuM3dMyataGPcQRd/6X2+c8AjIaHwWI0HUHa5HxjUplt1mna4jiHvJD
bzYTO0ZthqoJkg==
-----END CERTIFICATE-----