Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          ehEyp0EdsY8tny9B+NYsgsez4JFxBZj73mf7EnOl70o=
Subject key identifier:   79:0A:C3:D3:AB:92:52:1E:C0:36:2C:F2:5E:94:D5:7D:E1:38:C7:CF
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       019D2704A02DD22A24BEF22988FFF981DBEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          0DD0
Signing time:             Wed 25 Mar 2026 22:01:47 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:47 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:47 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: gowye/JJbl7hooO9+ARvinvvTfl/1U4UCVmOXGSpBPg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:a0:2d:d2:2a:24:be:f2:29:88:ff:f9:81:db:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: Mar 25 22:01:47 2026 GMT
            Not After : Mar 26 22:01:47 2026 GMT
        Subject: CN=790ac3d3ab92521ec0362cf25e94d57de138c7cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:14:c7:c7:c7:e5:8d:9e:f5:9e:4f:de:25:0e:
                    36:e9:7d:7b:44:90:10:e5:6b:80:22:0b:3f:88:6c:
                    5a:4c:be:11:29:af:77:03:11:69:65:f6:75:42:81:
                    9a:b7:0e:f5:1f:55:87:e5:09:42:96:e2:d5:2f:e2:
                    d6:2d:36:96:c3:b5:ad:b4:7f:88:c9:60:8c:cc:37:
                    38:32:ed:67:b2:b7:b6:62:62:1b:1e:8b:3a:28:50:
                    41:30:67:d2:f5:7a:c4:4b:13:ce:b3:74:91:1b:0d:
                    06:30:c0:42:03:41:ed:b4:b8:bc:f0:84:7e:23:ad:
                    0d:95:dc:43:f3:7d:e6:02:f6:d5:7b:ae:67:5d:12:
                    d7:b8:c3:67:48:e6:87:ca:33:c8:a8:ad:fb:ae:19:
                    67:c4:c4:05:db:e9:49:be:0c:a8:1f:9a:4c:c5:21:
                    b1:59:1a:4d:52:59:9b:7d:32:3f:a4:4d:54:6f:77:
                    1d:7f:2f:f4:30:f8:3f:f1:a5:33:42:12:3b:8d:4d:
                    8a:51:f8:5c:0c:4c:f4:6f:1f:f7:c4:1d:b5:79:8c:
                    0d:93:3e:56:6f:fd:52:d5:0e:d0:d3:20:b7:d2:6b:
                    52:33:0d:7b:93:a3:da:ea:90:f3:90:50:2c:90:7d:
                    b0:47:e0:ab:de:65:30:e2:88:9b:68:44:09:1f:44:
                    16:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0A:C3:D3:AB:92:52:1E:C0:36:2C:F2:5E:94:D5:7D:E1:38:C7:CF
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:4e:dc:be:c1:50:13:1f:0a:75:ef:19:3d:1d:d9:18:a7:dc:
         42:71:bb:20:3e:f6:4f:8f:f4:d1:de:f3:9f:95:f9:0b:0f:66:
         d3:19:40:3e:15:ab:c9:95:e3:e8:37:da:c8:13:5e:35:58:12:
         2c:67:e3:47:9f:78:36:09:8a:8e:74:3c:f6:26:cb:f7:06:e7:
         3f:75:98:06:cc:82:d2:6a:f8:e1:d0:96:55:8d:43:35:1e:21:
         f9:e1:bc:47:a4:3a:3b:a0:5f:69:62:4c:a3:03:4f:07:55:d5:
         8b:1f:f4:63:86:9f:95:90:82:77:5c:ee:7b:c8:02:5d:58:e3:
         ac:80:bd:6b:a8:27:8a:26:a5:cb:51:fe:79:6e:68:b7:74:9a:
         b2:58:c5:a7:d5:06:8e:90:d7:1f:94:0f:12:66:50:d2:e5:e3:
         75:3b:00:1c:87:38:22:31:4b:b4:2c:fb:be:ac:43:d9:b1:89:
         4d:1b:49:a9:d6:2d:01:10:51:00:48:40:50:e2:0e:24:09:e0:
         09:69:05:43:bc:de:a9:5e:6b:96:31:df:09:82:51:13:49:9a:
         c5:7b:4d:66:0e:8d:33:89:bc:39:8a:15:fd:a2:ad:7e:04:5b:
         65:29:11:f4:18:7d:a5:56:d0:66:5f:a7:d8:7a:e9:7e:0c:fd:
         01:7a:2e:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBKAt0iokvvIpiP/5gdvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjYwMzI1MjIwMTQ3WhcNMjYwMzI2MjIwMTQ3WjAzMTEwLwYDVQQD
Eyg3OTBhYzNkM2FiOTI1MjFlYzAzNjJjZjI1ZTk0ZDU3ZGUxMzhjN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhTHx8fljZ71nk/eJQ426X17RJAQ
5WuAIgs/iGxaTL4RKa93AxFpZfZ1QoGatw71H1WH5QlCluLVL+LWLTaWw7WttH+I
yWCMzDc4Mu1nsre2YmIbHos6KFBBMGfS9XrESxPOs3SRGw0GMMBCA0HttLi88IR+
I60NldxD833mAvbVe65nXRLXuMNnSOaHyjPIqK37rhlnxMQF2+lJvgyoH5pMxSGx
WRpNUlmbfTI/pE1Ub3cdfy/0MPg/8aUzQhI7jU2KUfhcDEz0bx/3xB21eYwNkz5W
b/1S1Q7Q0yC30mtSMw17k6Pa6pDzkFAskH2wR+Cr3mUw4oibaEQJH0QWGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkKw9OrklIewDYs8l6U1X3hOMfPMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOU7cvsFQ
Ex8Kde8ZPR3ZGKfcQnG7ID72T4/00d7zn5X5Cw9m0xlAPhWryZXj6DfayBNeNVgS
LGfjR594NgmKjnQ89ibL9wbnP3WYBsyC0mr44dCWVY1DNR4h+eG8R6Q6O6BfaWJM
owNPB1XVix/0Y4aflZCCd1zue8gCXVjjrIC9a6gniialy1H+eW5ot3SasljFp9UG
jpDXH5QPEmZQ0uXjdTsAHIc4IjFLtCz7vqxD2bGJTRtJqdYtARBRAEhAUOIOJAng
CWkFQ7zeqV5rljHfCYJRE0maxXtNZg6NM4m8OYoV/aKtfgRbZSkR9Bh9pVbQZl+n
2Hrpfgz9AXou1g==
-----END CERTIFICATE-----