Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft
File:                     Km9uXKXbQ3eec6znzhbs4O55R5k.mft (raw, json)
Hash identifier:          08amgBdWNW3WCPWRMYsA6yxSJ/W7dX7X7xc8SqwtkwA=
Subject key identifier:   66:0D:76:AF:15:B6:B1:2F:72:E9:89:44:11:5B:CC:76:9C:0B:9D:C5
Authority key identifier: 2A:6F:6E:5C:A5:DB:43:77:9E:73:AC:E7:CE:16:EC:E0:EE:79:47:99
Certificate issuer:       /CN=2a6f6e5ca5db43779e73ace7ce16ece0ee794799
Certificate serial:       019D273AECA3EE51D1C9A369BFC3C5737BF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft
Manifest number:          0708
Signing time:             Wed 25 Mar 2026 23:01:06 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:06 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:06 +0000
Files and hashes:         1: Km9uXKXbQ3eec6znzhbs4O55R5k.crl (hash: PeEkT7Fg669XkYmWZHTrczRkaoSb+WN+BcPR+30odAY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3a:ec:a3:ee:51:d1:c9:a3:69:bf:c3:c5:73:7b:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6f6e5ca5db43779e73ace7ce16ece0ee794799
        Validity
            Not Before: Mar 25 23:01:06 2026 GMT
            Not After : Mar 26 23:01:06 2026 GMT
        Subject: CN=660d76af15b6b12f72e98944115bcc769c0b9dc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7c:7b:8d:df:0f:1a:e0:47:7e:8d:a8:71:2e:
                    0f:c1:c2:8b:52:e1:9a:02:f1:cb:13:6d:7a:4f:f1:
                    78:fc:26:0c:2d:c6:4d:c7:f7:a2:f2:58:1b:85:1e:
                    34:a2:e1:5b:82:c4:15:97:c4:0f:66:14:02:4d:0c:
                    8d:eb:2c:1c:fe:e2:ff:79:ec:95:35:47:19:21:f5:
                    9a:55:8b:26:05:e4:9d:3b:2f:13:e7:51:1f:e0:3d:
                    90:77:87:55:43:78:36:06:0f:18:73:70:62:27:c6:
                    6a:f4:a9:11:a0:8f:2e:8c:b3:50:e9:cd:21:86:d1:
                    ad:3d:1b:07:a0:c2:c3:16:fd:16:60:9d:90:8f:30:
                    7f:84:0b:89:7a:c8:61:0f:e1:d8:48:16:b0:67:0f:
                    f2:6d:51:61:ea:45:e9:b5:f3:9b:7c:a7:ad:6f:53:
                    40:c0:01:c7:02:ed:1d:6f:26:4f:c2:b1:2e:39:77:
                    9e:71:af:7a:77:4c:90:14:91:68:c9:78:2b:7e:00:
                    7d:0a:c1:7c:fc:5e:ff:d3:9e:1e:43:00:6b:90:19:
                    b6:80:f9:c1:fc:eb:b6:03:04:f6:f0:fd:51:4f:a9:
                    45:18:f1:f4:1e:aa:b9:e8:c1:93:7e:ab:96:ea:5b:
                    b1:d6:4f:55:ae:d9:7f:51:3c:85:8e:b2:e5:92:6e:
                    4e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:0D:76:AF:15:B6:B1:2F:72:E9:89:44:11:5B:CC:76:9C:0B:9D:C5
            X509v3 Authority Key Identifier:
                keyid:2A:6F:6E:5C:A5:DB:43:77:9E:73:AC:E7:CE:16:EC:E0:EE:79:47:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:03:62:eb:89:e4:ef:21:25:f4:15:8b:c7:38:62:ed:7a:18:
         a7:20:9a:72:8b:79:e1:70:55:8f:8f:3c:48:fb:7f:63:6a:b3:
         84:8c:3e:c0:75:cb:39:12:43:80:2b:a0:63:4f:25:a3:e2:90:
         11:41:bc:c9:ab:6b:da:f1:fa:f3:d7:fc:64:43:5a:7f:80:57:
         84:e1:48:c9:37:02:03:90:e2:e5:61:29:75:ad:9d:7e:59:77:
         dc:a1:7f:41:47:9c:2c:db:55:b1:ed:b2:6b:5f:65:f9:81:cd:
         ab:1b:6e:39:35:c2:6a:87:f6:d5:90:33:9d:37:27:c4:8d:98:
         4d:77:75:7a:8a:1c:9a:0c:64:bf:c5:31:29:c8:4c:e4:c9:f9:
         79:7a:37:fa:be:09:21:b4:5b:0b:28:c4:d1:00:b5:37:12:b8:
         c8:a5:07:c8:4c:c6:cb:f9:12:5c:a6:23:6f:e8:af:c9:9c:09:
         76:80:42:09:1d:7b:80:20:b3:5e:7f:df:94:60:7d:4e:f1:88:
         12:ff:ca:eb:6e:61:88:b3:ee:0a:94:dd:b4:f9:e9:f9:7f:94:
         ee:1f:78:02:69:48:cd:19:33:73:10:45:5d:51:13:2e:4a:36:
         3f:a6:3c:6b:8a:a4:b3:20:f6:4a:7e:b4:a0:32:de:00:63:cc:
         cc:1c:30:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOuyj7lHRyaNpv8PFc3v3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNmY2ZTVjYTVkYjQzNzc5ZTczYWNlN2NlMTZlY2UwZWU3
OTQ3OTkwHhcNMjYwMzI1MjMwMTA2WhcNMjYwMzI2MjMwMTA2WjAzMTEwLwYDVQQD
Eyg2NjBkNzZhZjE1YjZiMTJmNzJlOTg5NDQxMTViY2M3NjljMGI5ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3x7jd8PGuBHfo2ocS4PwcKLUuGa
AvHLE216T/F4/CYMLcZNx/ei8lgbhR40ouFbgsQVl8QPZhQCTQyN6ywc/uL/eeyV
NUcZIfWaVYsmBeSdOy8T51Ef4D2Qd4dVQ3g2Bg8Yc3BiJ8Zq9KkRoI8ujLNQ6c0h
htGtPRsHoMLDFv0WYJ2QjzB/hAuJeshhD+HYSBawZw/ybVFh6kXptfObfKetb1NA
wAHHAu0dbyZPwrEuOXeeca96d0yQFJFoyXgrfgB9CsF8/F7/054eQwBrkBm2gPnB
/Ou2AwT28P1RT6lFGPH0Hqq56MGTfquW6lux1k9Vrtl/UTyFjrLlkm5OsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYNdq8VtrEvcumJRBFbzHacC53FMB8GA1UdIwQY
MBaAFCpvblyl20N3nnOs584W7ODueUeZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMGE2MTEtZjZmNC00MGY3LTg2Mjgt
NzJlOTllZTQ3NjZkLzEvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMGE2MTEtZjZmNC00MGY3LTg2MjgtNzJlOTllZTQ3NjZk
LzEvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZQNi64nk
7yEl9BWLxzhi7XoYpyCacot54XBVj488SPt/Y2qzhIw+wHXLORJDgCugY08lo+KQ
EUG8yatr2vH689f8ZENaf4BXhOFIyTcCA5Di5WEpda2dfll33KF/QUecLNtVse2y
a19l+YHNqxtuOTXCaof21ZAznTcnxI2YTXd1eoocmgxkv8UxKchM5Mn5eXo3+r4J
IbRbCyjE0QC1NxK4yKUHyEzGy/kSXKYjb+ivyZwJdoBCCR17gCCzXn/flGB9TvGI
Ev/K625hiLPuCpTdtPnp+X+U7h94AmlIzRkzcxBFXVETLko2P6Y8a4qksyD2Sn60
oDLeAGPMzBwwCA==
-----END CERTIFICATE-----