Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
File:                     dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft (raw, json)
Hash identifier:          DVkG4m3VSH2/JsT3MJXY2iIIYvKkKxhsCPtDdHFiEMo=
Subject key identifier:   A9:55:40:AC:4E:3F:2B:51:EF:B9:27:46:2B:5E:8E:F9:67:7E:38:35
Authority key identifier: 74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6
Certificate issuer:       /CN=74230d142eec7f6a99b0db4096f93a0420483fe6
Certificate serial:       019D2703E0FD12D1FF38F35B5A88E06FBC9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
Manifest number:          0A7B
Signing time:             Wed 25 Mar 2026 22:00:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:58 +0000
Files and hashes:         1: dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl (hash: I6TLVX4YrY4A6i9JRfABdqfGxt9VZOgnCyJalJVPYVk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:e0:fd:12:d1:ff:38:f3:5b:5a:88:e0:6f:bc:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74230d142eec7f6a99b0db4096f93a0420483fe6
        Validity
            Not Before: Mar 25 22:00:58 2026 GMT
            Not After : Mar 26 22:00:58 2026 GMT
        Subject: CN=a95540ac4e3f2b51efb927462b5e8ef9677e3835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9c:4d:0d:20:e2:91:f3:17:f5:ff:f5:93:56:
                    4d:53:b2:c0:1a:75:cc:98:c3:e6:74:77:0f:dc:23:
                    eb:9f:81:be:ab:2f:89:97:de:a2:b1:cb:db:d2:d7:
                    a9:2f:26:00:d8:18:6b:81:12:3a:f1:59:e3:56:88:
                    b7:ac:7f:bf:9e:51:1c:06:80:95:0e:b4:a8:d6:0f:
                    d3:8a:80:8c:ab:91:8a:05:5a:2b:3c:6e:1e:62:6b:
                    dc:7d:6c:4a:76:8d:98:f0:10:cf:ee:d6:23:61:b9:
                    7e:b7:3b:72:2f:1f:3e:57:66:57:75:bd:a8:a1:b7:
                    b3:86:5e:36:17:98:64:e6:21:f0:95:6b:e3:92:a3:
                    9f:60:c2:04:88:a0:dc:c3:b4:b3:c2:42:71:c3:e9:
                    60:29:40:1c:6b:3c:e8:d4:08:76:12:a3:c2:61:de:
                    6c:e1:ce:48:f2:25:f9:83:4c:ea:8d:50:43:bd:8e:
                    4d:e1:1c:9e:92:5d:d5:ca:29:2c:bc:2f:34:f4:01:
                    cc:51:d1:72:44:52:4d:44:c7:18:1d:0b:50:9a:28:
                    20:f2:29:5e:06:50:55:39:97:5c:02:5c:f3:08:df:
                    73:c5:fa:3f:33:de:d4:95:5a:a3:a9:21:4f:7c:7a:
                    d4:2a:5c:8b:4a:1d:db:a0:76:a5:ea:8f:bd:56:1b:
                    da:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:55:40:AC:4E:3F:2B:51:EF:B9:27:46:2B:5E:8E:F9:67:7E:38:35
            X509v3 Authority Key Identifier:
                keyid:74:23:0D:14:2E:EC:7F:6A:99:B0:DB:40:96:F9:3A:04:20:48:3F:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/697564-0025-4f92-8dfd-ce1c03400d4d/1/dCMNFC7sf2qZsNtAlvk6BCBIP-Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:cd:1b:02:57:c8:4e:66:e6:4b:5b:9d:69:53:3b:e6:36:a4:
         b8:af:b5:85:86:cd:08:e1:08:86:73:f7:05:75:bb:a1:00:02:
         9f:05:c0:43:8a:44:b5:f3:80:30:d1:03:fe:64:fc:6f:b6:b9:
         5b:46:e8:d0:dc:10:65:e1:b4:da:3e:61:22:5c:9d:4e:d6:a5:
         4e:cc:aa:22:ce:ba:3e:ed:7a:ec:f7:57:fc:a7:38:8c:f9:10:
         74:21:8f:4c:ad:9e:8a:da:9a:15:cb:76:60:30:d3:81:34:af:
         2e:59:69:6a:ee:b2:30:5e:bb:8c:bd:32:b0:04:81:c9:94:a6:
         97:ae:81:93:10:7f:7b:1b:83:c1:64:81:e2:a6:37:80:62:26:
         0c:ba:fb:a4:8f:68:66:64:43:6e:a6:78:83:89:f3:99:18:67:
         e5:3f:67:e2:ca:29:8d:dc:34:23:df:05:67:c5:ed:3d:e1:a2:
         3a:46:6b:96:53:51:19:a8:c8:3c:ff:79:7f:41:9f:75:61:c4:
         59:17:4b:48:44:1a:72:80:fc:67:a9:15:c0:1b:88:42:32:45:
         cf:c0:5f:04:13:51:e0:1a:46:0e:0e:81:79:8f:b4:9b:69:1a:
         e9:bf:27:d2:92:56:21:b5:81:92:81:29:4b:45:57:34:5b:05:
         2e:75:cf:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA+D9EtH/OPNbWojgb7ycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjMwZDE0MmVlYzdmNmE5OWIwZGI0MDk2ZjkzYTA0MjA0
ODNmZTYwHhcNMjYwMzI1MjIwMDU4WhcNMjYwMzI2MjIwMDU4WjAzMTEwLwYDVQQD
EyhhOTU1NDBhYzRlM2YyYjUxZWZiOTI3NDYyYjVlOGVmOTY3N2UzODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pxNDSDikfMX9f/1k1ZNU7LAGnXM
mMPmdHcP3CPrn4G+qy+Jl96iscvb0tepLyYA2BhrgRI68VnjVoi3rH+/nlEcBoCV
DrSo1g/TioCMq5GKBVorPG4eYmvcfWxKdo2Y8BDP7tYjYbl+tztyLx8+V2ZXdb2o
obezhl42F5hk5iHwlWvjkqOfYMIEiKDcw7SzwkJxw+lgKUAcazzo1Ah2EqPCYd5s
4c5I8iX5g0zqjVBDvY5N4Ryekl3VyiksvC809AHMUdFyRFJNRMcYHQtQmigg8ile
BlBVOZdcAlzzCN9zxfo/M97UlVqjqSFPfHrUKlyLSh3boHal6o+9VhvaYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlVQKxOPytR77knRitejvlnfjg1MB8GA1UdIwQY
MBaAFHQjDRQu7H9qmbDbQJb5OgQgSD/mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQt
Y2UxYzAzNDAwZDRkLzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82OTc1NjQtMDAyNS00ZjkyLThkZmQtY2UxYzAzNDAwZDRk
LzEvZENNTkZDN3NmMnFac050QWx2azZCQ0JJUC1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAms0bAlfI
TmbmS1udaVM75jakuK+1hYbNCOEIhnP3BXW7oQACnwXAQ4pEtfOAMNED/mT8b7a5
W0bo0NwQZeG02j5hIlydTtalTsyqIs66Pu167PdX/Kc4jPkQdCGPTK2eitqaFct2
YDDTgTSvLllpau6yMF67jL0ysASByZSml66BkxB/exuDwWSB4qY3gGImDLr7pI9o
ZmRDbqZ4g4nzmRhn5T9n4sopjdw0I98FZ8XtPeGiOkZrllNRGajIPP95f0GfdWHE
WRdLSEQacoD8Z6kVwBuIQjJFz8BfBBNR4BpGDg6BeY+0m2ka6b8n0pJWIbWBkoEp
S0VXNFsFLnXPQA==
-----END CERTIFICATE-----