Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          Bp6tuJozTCJtJznovZQNp9zDco+qquesBA9SlgH+yvI=
Subject key identifier:   A3:06:43:99:F0:6B:F3:74:0F:9A:A3:32:77:D7:32:4E:48:CA:EA:40
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       019D25F1EACE5177914B7289A6E1886AFEE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          035A
Signing time:             Wed 25 Mar 2026 17:01:44 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:44 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:44 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: npZF7aihhkvfAzEg+dwAKGR2kW2FpkPRsCzADUPHDGo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:ea:ce:51:77:91:4b:72:89:a6:e1:88:6a:fe:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Mar 25 17:01:44 2026 GMT
            Not After : Mar 26 17:01:44 2026 GMT
        Subject: CN=a3064399f06bf3740f9aa33277d7324e48caea40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:b2:55:b0:5a:f4:f3:d3:e4:3f:81:04:a3:aa:
                    4d:96:c4:e0:b5:b6:2e:51:68:6b:52:95:7d:1e:90:
                    15:9e:c2:92:80:7f:50:04:c3:d3:fb:29:b4:b6:13:
                    9f:b7:d8:76:cb:65:86:62:41:cf:9d:7f:bb:6d:68:
                    88:10:fc:e4:cf:0e:5a:bb:b9:09:6b:3b:37:63:0b:
                    a2:1a:e3:a9:2c:d2:8b:bc:bb:4b:2c:26:ff:55:94:
                    79:d6:c0:bd:9d:92:de:bf:91:51:ea:b1:8d:4d:67:
                    10:8b:f4:70:b2:12:00:44:14:57:ec:e5:46:06:10:
                    4f:bb:49:c3:05:df:5d:21:2e:a5:b7:f5:d9:a7:a2:
                    21:c2:87:c4:50:13:43:c5:91:51:4f:9d:9f:c0:69:
                    c1:2a:2c:28:91:79:3d:10:3e:28:4c:26:4d:ed:74:
                    4c:32:66:88:d3:58:55:08:08:11:a0:bd:43:74:44:
                    ec:49:cf:bb:ad:92:e0:8f:cc:83:cf:7f:ba:f8:18:
                    5f:fd:1e:1f:21:21:ea:e3:13:a6:5e:e1:31:62:f6:
                    dd:1b:a3:cd:a0:1a:75:8a:24:6f:8a:de:ba:e7:1e:
                    e6:25:c6:a4:f6:35:5f:0d:73:c1:6a:ab:2d:5c:01:
                    b4:4e:2e:e5:e9:1d:b6:a2:da:31:69:30:0d:a2:f6:
                    41:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:06:43:99:F0:6B:F3:74:0F:9A:A3:32:77:D7:32:4E:48:CA:EA:40
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:2f:65:0d:bb:f1:a7:b2:52:b3:dc:5b:42:10:a2:62:c9:d5:
         6a:3d:40:d7:d4:fe:51:e2:b9:cc:de:08:f7:4d:97:6b:0c:c3:
         75:61:36:e0:fd:4a:d4:62:9e:2a:12:b1:8d:a5:0b:1a:81:eb:
         63:47:28:a6:bf:9f:f5:7b:f2:ed:60:0f:9f:b5:dd:d7:c0:11:
         ee:96:0a:51:06:84:71:8a:56:2a:33:0e:fc:65:39:6c:5d:8f:
         9a:b5:ac:46:f9:d3:7e:73:96:ec:c3:4f:d2:f3:61:e2:af:16:
         1f:a3:07:07:a3:26:33:65:d8:0c:c5:35:7f:c9:3d:ae:6f:47:
         6e:8c:8f:c0:5d:b2:bc:5b:34:1c:70:e4:d5:b3:1c:d6:d7:a0:
         f2:36:08:67:d5:cc:a3:e5:9d:21:61:df:f2:c4:b4:0a:ca:ec:
         aa:e9:98:cf:f4:ee:bd:0e:86:87:33:26:7c:8c:e3:6b:f1:b2:
         3a:62:e3:39:7e:03:83:c1:53:01:68:54:85:08:66:00:b8:e1:
         e9:3d:b8:46:1b:20:ec:67:2f:03:68:46:f6:55:d0:f0:33:a0:
         66:86:57:6c:24:4f:ac:83:90:ab:06:c4:62:f3:8b:7a:a6:42:
         85:06:32:ef:af:c8:b8:64:f5:f6:e5:50:7e:89:f8:97:d7:c2:
         ed:79:ba:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8erOUXeRS3KJpuGIav7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjYwMzI1MTcwMTQ0WhcNMjYwMzI2MTcwMTQ0WjAzMTEwLwYDVQQD
EyhhMzA2NDM5OWYwNmJmMzc0MGY5YWEzMzI3N2Q3MzI0ZTQ4Y2FlYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorJVsFr089PkP4EEo6pNlsTgtbYu
UWhrUpV9HpAVnsKSgH9QBMPT+ym0thOft9h2y2WGYkHPnX+7bWiIEPzkzw5au7kJ
azs3YwuiGuOpLNKLvLtLLCb/VZR51sC9nZLev5FR6rGNTWcQi/RwshIARBRX7OVG
BhBPu0nDBd9dIS6lt/XZp6IhwofEUBNDxZFRT52fwGnBKiwokXk9ED4oTCZN7XRM
MmaI01hVCAgRoL1DdETsSc+7rZLgj8yDz3+6+Bhf/R4fISHq4xOmXuExYvbdG6PN
oBp1iiRvit665x7mJcak9jVfDXPBaqstXAG0Ti7l6R22otoxaTANovZBewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMGQ5nwa/N0D5qjMnfXMk5IyupAMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANy9lDbvx
p7JSs9xbQhCiYsnVaj1A19T+UeK5zN4I902XawzDdWE24P1K1GKeKhKxjaULGoHr
Y0copr+f9Xvy7WAPn7Xd18AR7pYKUQaEcYpWKjMO/GU5bF2PmrWsRvnTfnOW7MNP
0vNh4q8WH6MHB6MmM2XYDMU1f8k9rm9HboyPwF2yvFs0HHDk1bMc1teg8jYIZ9XM
o+WdIWHf8sS0CsrsqumYz/TuvQ6GhzMmfIzja/GyOmLjOX4Dg8FTAWhUhQhmALjh
6T24Rhsg7GcvA2hG9lXQ8DOgZoZXbCRPrIOQqwbEYvOLeqZChQYy76/IuGT19uVQ
fon4l9fC7Xm6YQ==
-----END CERTIFICATE-----