Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          /fuaGDIDnUBLTfZdU6fG9XiAdAvb0Edj2s/nq6LnDz4=
Subject key identifier:   9B:09:E8:0B:C7:CB:33:67:10:11:E3:4D:77:5B:F1:C5:1A:08:4F:DD
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       019D27E041AF2132DAD2609C01B64A907069
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          1883
Signing time:             Thu 26 Mar 2026 02:01:41 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:41 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:41 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: hYY3i1cc8iz3ZXbeF0p2ZAQJ517GU6GenzRsXMQ+pr8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:e0:41:af:21:32:da:d2:60:9c:01:b6:4a:90:70:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Mar 26 02:01:41 2026 GMT
            Not After : Mar 27 02:01:41 2026 GMT
        Subject: CN=9b09e80bc7cb33671011e34d775bf1c51a084fdd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:99:60:fc:be:66:5f:f0:ce:e1:6f:41:66:69:
                    a9:69:eb:ef:b9:37:ae:03:46:65:db:32:86:04:1d:
                    2b:05:64:14:b3:0e:f2:e8:ff:09:57:90:26:2e:88:
                    f7:ef:b7:e9:e9:cc:b0:63:14:88:77:6b:1a:6f:9b:
                    3d:6a:7c:0f:e4:fe:cf:68:e0:26:46:3f:a4:8a:60:
                    34:0e:46:18:04:a7:a2:a2:d6:5f:c9:29:e0:a8:a5:
                    d2:c1:d9:f2:2b:48:f5:b7:36:3e:3d:17:30:86:c8:
                    19:d3:67:db:ab:b0:38:ce:03:93:29:d6:36:e4:9d:
                    68:9e:17:b7:e9:d2:85:c9:ea:90:93:3a:9c:08:8c:
                    30:37:a5:62:28:f7:1f:38:4e:7a:5b:62:46:41:3e:
                    a5:d8:33:93:0d:56:47:91:35:da:07:e6:aa:b3:72:
                    41:dd:ce:55:b5:56:4a:f3:6c:a2:69:c1:2c:2e:9e:
                    09:c2:e6:17:b1:20:d7:a0:29:48:01:4c:07:b9:08:
                    bb:8f:d8:82:44:43:19:2c:0c:e6:0f:cc:4b:c8:ac:
                    31:26:33:f5:c1:de:af:d1:1e:f6:ab:3e:fc:ec:80:
                    ed:69:e5:35:80:80:21:82:89:a1:59:19:8e:9c:49:
                    7d:91:09:1c:c4:3b:08:cd:12:b7:89:d1:25:9d:ab:
                    03:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:09:E8:0B:C7:CB:33:67:10:11:E3:4D:77:5B:F1:C5:1A:08:4F:DD
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cb:21:30:10:58:36:d1:07:5c:81:d2:c0:cc:96:45:b7:7d:97:
         eb:32:b7:7c:50:56:02:de:dc:17:08:d9:2a:39:da:d7:8a:a9:
         4f:24:89:dc:ea:c9:b0:5c:9e:06:a0:ca:41:91:37:57:08:c8:
         53:3d:53:e4:54:37:69:09:9e:9b:2d:f9:a5:7b:c4:5e:d9:f3:
         58:52:c3:22:cb:80:f3:6b:04:cd:98:58:95:8e:10:de:58:af:
         e8:f4:ab:26:6b:6f:d8:99:51:ef:5b:5a:25:95:d2:0a:06:de:
         a5:b2:13:b8:ec:ea:c8:30:df:9d:dd:8b:6a:cf:7d:f2:2f:85:
         91:51:9b:32:f4:c4:b7:b7:44:37:86:d8:bf:57:51:40:78:65:
         81:7d:0a:39:fc:a6:9d:aa:b7:1d:1b:09:0e:c4:8d:2d:d3:a7:
         5a:81:25:5a:c5:26:54:4f:e0:35:69:33:6a:8f:e2:36:19:53:
         cd:4e:5f:f3:8a:4f:b0:18:77:10:1f:a6:43:2e:e1:d2:81:f2:
         67:e8:93:47:04:80:c1:0c:86:d8:71:a2:2a:98:de:14:59:52:
         07:be:8f:55:d9:7e:87:a4:d1:06:61:ad:5a:8d:c4:5d:8e:92:
         79:03:5c:82:a6:cf:fb:46:4d:bc:f8:7f:21:9f:6c:22:7d:6d:
         ed:e2:cf:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n4EGvITLa0mCcAbZKkHBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjYwMzI2MDIwMTQxWhcNMjYwMzI3MDIwMTQxWjAzMTEwLwYDVQQD
Eyg5YjA5ZTgwYmM3Y2IzMzY3MTAxMWUzNGQ3NzViZjFjNTFhMDg0ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZlg/L5mX/DO4W9BZmmpaevvuTeu
A0Zl2zKGBB0rBWQUsw7y6P8JV5AmLoj377fp6cywYxSId2sab5s9anwP5P7PaOAm
Rj+kimA0DkYYBKeiotZfySngqKXSwdnyK0j1tzY+PRcwhsgZ02fbq7A4zgOTKdY2
5J1onhe36dKFyeqQkzqcCIwwN6ViKPcfOE56W2JGQT6l2DOTDVZHkTXaB+aqs3JB
3c5VtVZK82yiacEsLp4JwuYXsSDXoClIAUwHuQi7j9iCREMZLAzmD8xLyKwxJjP1
wd6v0R72qz787IDtaeU1gIAhgomhWRmOnEl9kQkcxDsIzRK3idElnasDowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsJ6AvHyzNnEBHjTXdb8cUaCE/dMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyyEwEFg2
0QdcgdLAzJZFt32X6zK3fFBWAt7cFwjZKjna14qpTySJ3OrJsFyeBqDKQZE3VwjI
Uz1T5FQ3aQmemy35pXvEXtnzWFLDIsuA82sEzZhYlY4Q3liv6PSrJmtv2JlR71ta
JZXSCgbepbITuOzqyDDfnd2Las998i+FkVGbMvTEt7dEN4bYv1dRQHhlgX0KOfym
naq3HRsJDsSNLdOnWoElWsUmVE/gNWkzao/iNhlTzU5f84pPsBh3EB+mQy7h0oHy
Z+iTRwSAwQyG2HGiKpjeFFlSB76PVdl+h6TRBmGtWo3EXY6SeQNcgqbP+0ZNvPh/
IZ9sIn1t7eLPgA==
-----END CERTIFICATE-----