Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          QX49EawPwZ4NXnS3g/OY5ky18404kXHPHRDEXuSvvyU=
Subject key identifier:   88:40:B8:59:9A:56:F6:19:F8:72:87:B6:23:4F:D4:92:01:88:07:53
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       019D2772DA2EFBC7D90842FCDDD21379CF85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0D60
Signing time:             Thu 26 Mar 2026 00:02:11 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:11 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:11 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: PMgzU/HHl8FpI5lNQmmLT8mZm1CpH9J3G1GCUpr8pvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:da:2e:fb:c7:d9:08:42:fc:dd:d2:13:79:cf:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Mar 26 00:02:11 2026 GMT
            Not After : Mar 27 00:02:11 2026 GMT
        Subject: CN=8840b8599a56f619f87287b6234fd49201880753
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:af:83:b0:7d:5d:96:4d:92:d2:b3:64:c7:bb:
                    54:9a:6f:90:d4:d0:70:b5:4b:f2:ea:90:02:7b:06:
                    dd:a6:a0:2f:c5:49:29:0c:a6:ea:1a:93:e6:67:d8:
                    0a:b4:6e:d1:ae:eb:77:a5:eb:ac:67:f8:29:08:66:
                    78:d5:ac:7e:fa:6c:ed:c3:f7:b3:73:39:99:d4:8b:
                    65:18:19:e8:51:db:1e:5b:90:2b:76:29:dd:c3:17:
                    9d:7d:26:48:2a:93:c7:e6:4b:8c:86:28:8d:04:8b:
                    9b:e2:45:02:ad:c2:7e:0f:f8:d0:b5:04:e2:5b:1a:
                    3b:8d:a6:78:47:80:9d:d9:25:99:e0:fc:a0:d0:04:
                    80:e2:e3:b9:9e:ea:dd:b0:e7:13:57:75:d4:42:bf:
                    ed:bf:3b:24:fd:ac:2c:cc:ff:70:10:f6:61:99:3e:
                    6c:14:cc:d0:6d:14:7a:ac:74:50:94:52:de:96:bc:
                    38:1a:d0:83:38:bd:86:7a:2f:aa:37:8c:a4:f2:b1:
                    b8:a8:9e:3d:10:4a:e6:3d:70:0c:cb:61:a1:ec:62:
                    16:28:39:63:75:90:86:66:bf:90:b7:d6:79:e1:8a:
                    06:c9:8e:83:3b:9e:28:ba:88:26:be:ab:b8:f2:87:
                    9b:06:ef:e7:21:5b:41:17:a5:6f:9c:a2:40:97:52:
                    8b:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:40:B8:59:9A:56:F6:19:F8:72:87:B6:23:4F:D4:92:01:88:07:53
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:d5:04:53:18:c6:e2:68:ef:09:96:e1:06:ba:6d:5d:04:a1:
         6c:c7:00:ac:04:df:10:71:2e:5d:32:f7:8f:b1:d8:cc:99:fa:
         e8:23:c2:b4:bb:9c:cc:e2:60:a1:7d:26:3e:77:a8:9b:f7:d7:
         9b:ae:ca:56:e1:7b:23:ec:dc:19:f6:6f:ef:2f:71:05:ec:d4:
         69:6d:bf:e8:b0:f6:86:52:94:24:c1:ed:8b:ca:d0:7a:16:60:
         5f:57:1f:db:32:3f:a8:5f:ee:37:ec:7b:f0:65:b6:12:6d:2d:
         ac:aa:3e:84:0a:53:b7:3f:78:ff:dd:77:9d:1c:d6:68:0a:73:
         b7:81:3f:6b:43:25:63:08:67:c5:bb:e2:59:51:cf:6b:5f:78:
         73:2e:90:e9:71:e7:3b:b9:f9:5f:bd:c2:f0:9d:97:a7:1c:2a:
         87:6a:e1:46:74:a0:22:51:f5:4e:0d:a8:0d:fc:a3:99:78:b8:
         9b:b8:a4:0f:be:92:bb:04:4d:7d:9a:c8:24:b9:0c:6b:70:26:
         dd:cc:a7:dc:d1:c9:50:4e:ae:e3:c3:56:d2:0b:05:ca:94:dc:
         7c:06:17:d2:5c:b0:15:fe:f6:10:25:ff:2a:61:7a:97:ee:86:
         ac:0e:17:95:80:a2:13:d3:7d:fc:2e:9a:cb:60:43:1d:02:4f:
         eb:91:86:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nctou+8fZCEL83dITec+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjYwMzI2MDAwMjExWhcNMjYwMzI3MDAwMjExWjAzMTEwLwYDVQQD
Eyg4ODQwYjg1OTlhNTZmNjE5Zjg3Mjg3YjYyMzRmZDQ5MjAxODgwNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK+DsH1dlk2S0rNkx7tUmm+Q1NBw
tUvy6pACewbdpqAvxUkpDKbqGpPmZ9gKtG7Rrut3peusZ/gpCGZ41ax++mztw/ez
czmZ1ItlGBnoUdseW5ArdindwxedfSZIKpPH5kuMhiiNBIub4kUCrcJ+D/jQtQTi
Wxo7jaZ4R4Cd2SWZ4Pyg0ASA4uO5nurdsOcTV3XUQr/tvzsk/awszP9wEPZhmT5s
FMzQbRR6rHRQlFLelrw4GtCDOL2Gei+qN4yk8rG4qJ49EErmPXAMy2Gh7GIWKDlj
dZCGZr+Qt9Z54YoGyY6DO54ouogmvqu48oebBu/nIVtBF6VvnKJAl1KLCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIhAuFmaVvYZ+HKHtiNP1JIBiAdTMB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9UEUxjG
4mjvCZbhBrptXQShbMcArATfEHEuXTL3j7HYzJn66CPCtLuczOJgoX0mPneom/fX
m67KVuF7I+zcGfZv7y9xBezUaW2/6LD2hlKUJMHti8rQehZgX1cf2zI/qF/uN+x7
8GW2Em0trKo+hApTtz94/913nRzWaApzt4E/a0MlYwhnxbviWVHPa194cy6Q6XHn
O7n5X73C8J2Xpxwqh2rhRnSgIlH1Tg2oDfyjmXi4m7ikD76SuwRNfZrIJLkMa3Am
3cyn3NHJUE6u48NW0gsFypTcfAYX0lywFf72ECX/KmF6l+6GrA4XlYCiE9N9/C6a
y2BDHQJP65GG9Q==
-----END CERTIFICATE-----