Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
File:                     1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft (raw, json)
Hash identifier:          tdQJsl/n8oaYdFwnQD6Xbm4V2QliG+j9YROCcB/FEUs=
Subject key identifier:   42:95:F6:78:55:C6:F6:C5:3E:00:2E:42:86:B1:71:7C:CF:BE:F5:86
Authority key identifier: D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5
Certificate issuer:       /CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
Certificate serial:       019D25F113853BA7C90DB11AE528F59C62E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
Manifest number:          059D
Signing time:             Wed 25 Mar 2026 17:00:49 +0000
Manifest this update:     Wed 25 Mar 2026 17:00:49 +0000
Manifest next update:     Thu 26 Mar 2026 17:00:49 +0000
Files and hashes:         1: 1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl (hash: OC7WCvCdoFMGBldTYc3nS7MLzkvW8QpoC8ELfc0qPkU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:13:85:3b:a7:c9:0d:b1:1a:e5:28:f5:9c:62:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5f623da4cd2eeddc2c87c515c62518c431d3fb5
        Validity
            Not Before: Mar 25 17:00:49 2026 GMT
            Not After : Mar 26 17:00:49 2026 GMT
        Subject: CN=4295f67855c6f6c53e002e4286b1717ccfbef586
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b9:e7:20:97:ae:52:28:15:2f:f7:0b:92:d9:
                    c2:72:ba:3f:45:28:a3:34:d0:48:63:56:23:6f:c6:
                    3c:df:31:89:73:dc:3c:a6:83:b6:56:a3:95:9d:9f:
                    2f:47:ee:b6:6f:24:22:42:92:4c:64:0f:03:87:4d:
                    2b:64:71:0e:ba:36:23:54:87:94:97:cd:45:07:54:
                    08:93:f5:48:08:3e:3d:1e:06:94:3a:4d:d5:87:17:
                    ff:9e:ce:1e:b2:69:07:51:4f:92:20:28:91:1d:8c:
                    b3:78:2b:a7:f8:b8:95:14:e4:e2:89:db:50:9a:f7:
                    9a:60:58:5b:95:23:22:f5:d4:ea:5b:20:5b:e3:b6:
                    8d:c6:05:05:fa:07:38:cf:f8:77:f1:53:13:1e:12:
                    fb:f6:4a:bd:68:24:c3:7d:00:b4:7b:ca:80:e8:17:
                    85:6e:ec:03:bc:55:71:b6:17:49:d7:37:1d:b7:84:
                    7e:a9:97:fd:81:63:df:64:09:29:13:15:fe:9a:e5:
                    2a:af:54:5b:3f:92:38:5e:11:36:fe:97:6e:39:78:
                    c6:6b:56:15:53:18:80:74:43:ba:0d:81:a1:23:58:
                    d8:d8:4e:76:8d:01:73:e7:e2:e0:23:05:ec:51:31:
                    ed:f1:df:1f:06:c9:1d:7e:fd:ec:09:2a:f5:e1:25:
                    ad:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:95:F6:78:55:C6:F6:C5:3E:00:2E:42:86:B1:71:7C:CF:BE:F5:86
            X509v3 Authority Key Identifier:
                keyid:D5:F6:23:DA:4C:D2:EE:DD:C2:C8:7C:51:5C:62:51:8C:43:1D:3F:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fYj2kzS7t3CyHxRXGJRjEMdP7U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/313c11-df87-4d77-8739-04f1dcec320e/1/1fYj2kzS7t3CyHxRXGJRjEMdP7U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:32:2e:b7:fa:61:a4:73:6c:87:32:6a:d5:c7:30:b7:40:87:
         5e:c0:51:f6:88:22:04:a3:02:d3:dd:7b:a6:09:51:6a:33:34:
         c8:ae:fa:0e:2e:22:a7:76:29:f2:ec:ec:2d:91:54:77:63:9b:
         1e:14:66:e3:a1:f9:f3:7d:86:cb:fa:5b:3c:f5:76:b3:99:30:
         30:81:a1:76:50:23:4c:a8:c7:f5:b8:63:22:23:ca:79:4d:cb:
         85:a7:b0:4b:f7:ef:d6:f1:b2:dd:48:02:28:f4:d9:47:fb:8d:
         1a:76:c3:a9:ee:53:3c:8d:d3:17:f6:38:90:02:3e:fa:6a:c4:
         f4:0b:5e:78:9d:7b:45:b2:87:04:a7:81:76:10:2b:63:23:03:
         c9:eb:73:48:ee:3b:24:63:d5:4d:b2:45:1a:ae:8a:24:d8:2d:
         bb:1b:e3:71:4c:57:51:37:68:0e:5f:7f:38:64:34:63:54:b8:
         0d:1a:47:22:9d:5d:8f:05:fd:f1:0c:47:0f:57:af:44:cf:c3:
         0a:37:44:62:56:ea:80:18:9e:30:b6:e9:d9:7f:ae:6f:d4:b1:
         50:25:36:73:c5:e5:dd:af:17:d3:bf:4b:3a:e4:61:f2:4f:10:
         1a:56:45:f2:b6:65:21:b2:79:17:94:ee:bd:b8:08:4d:38:79:
         6a:3a:76:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8ROFO6fJDbEa5Sj1nGLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjYyM2RhNGNkMmVlZGRjMmM4N2M1MTVjNjI1MThjNDMx
ZDNmYjUwHhcNMjYwMzI1MTcwMDQ5WhcNMjYwMzI2MTcwMDQ5WjAzMTEwLwYDVQQD
Eyg0Mjk1ZjY3ODU1YzZmNmM1M2UwMDJlNDI4NmIxNzE3Y2NmYmVmNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrnnIJeuUigVL/cLktnCcro/RSij
NNBIY1Yjb8Y83zGJc9w8poO2VqOVnZ8vR+62byQiQpJMZA8Dh00rZHEOujYjVIeU
l81FB1QIk/VICD49HgaUOk3Vhxf/ns4esmkHUU+SICiRHYyzeCun+LiVFOTiidtQ
mveaYFhblSMi9dTqWyBb47aNxgUF+gc4z/h38VMTHhL79kq9aCTDfQC0e8qA6BeF
buwDvFVxthdJ1zcdt4R+qZf9gWPfZAkpExX+muUqr1RbP5I4XhE2/pduOXjGa1YV
UxiAdEO6DYGhI1jY2E52jQFz5+LgIwXsUTHt8d8fBskdfv3sCSr14SWtsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKV9nhVxvbFPgAuQoaxcXzPvvWGMB8GA1UdIwQY
MBaAFNX2I9pM0u7dwsh8UVxiUYxDHT+1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3Mzkt
MDRmMWRjZWMzMjBlLzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zMTNjMTEtZGY4Ny00ZDc3LTg3MzktMDRmMWRjZWMzMjBl
LzEvMWZZajJrelM3dDNDeUh4UlhHSlJqRU1kUDdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmDIut/ph
pHNshzJq1ccwt0CHXsBR9ogiBKMC0917pglRajM0yK76Di4ip3Yp8uzsLZFUd2Ob
HhRm46H5832Gy/pbPPV2s5kwMIGhdlAjTKjH9bhjIiPKeU3LhaewS/fv1vGy3UgC
KPTZR/uNGnbDqe5TPI3TF/Y4kAI++mrE9AteeJ17RbKHBKeBdhArYyMDyetzSO47
JGPVTbJFGq6KJNgtuxvjcUxXUTdoDl9/OGQ0Y1S4DRpHIp1djwX98QxHD1evRM/D
CjdEYlbqgBieMLbp2X+ub9SxUCU2c8Xl3a8X079LOuRh8k8QGlZF8rZlIbJ5F5Tu
vbgITTh5ajp2Rw==
-----END CERTIFICATE-----