Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          hEI3M8uRdF5vtoNZDEG/nLAiPmGKGE5Xb6EampzILp4=
Subject key identifier:   99:A2:B7:D9:D1:1D:71:9B:84:E8:92:4B:B4:6E:48:BA:6D:4F:A1:1F
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       019D2772A828A86DC18F842633FEC41782C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          11AF
Signing time:             Thu 26 Mar 2026 00:01:58 +0000
Manifest this update:     Thu 26 Mar 2026 00:01:58 +0000
Manifest next update:     Fri 27 Mar 2026 00:01:58 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: E3uxLTEYGFwlVs4hzU2sVF5GIpWCXemtZgaQsFEl95Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:a8:28:a8:6d:c1:8f:84:26:33:fe:c4:17:82:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: Mar 26 00:01:58 2026 GMT
            Not After : Mar 27 00:01:58 2026 GMT
        Subject: CN=99a2b7d9d11d719b84e8924bb46e48ba6d4fa11f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:33:8e:4b:b2:d6:30:a8:94:25:34:fd:80:66:
                    df:16:61:a2:1e:56:2d:3d:e8:49:57:13:10:b5:b4:
                    0e:4a:d1:1b:59:24:39:97:ce:7d:9e:93:c8:6d:ec:
                    36:3e:a0:ba:7c:a5:f5:14:f0:1d:b3:cb:7d:d4:83:
                    6b:61:aa:71:7d:4e:fa:94:9e:14:68:fd:d6:a2:7c:
                    da:94:d8:4f:ff:cb:ef:a1:d9:78:02:2d:e2:d8:84:
                    dc:fb:8f:d4:14:97:c8:f2:c1:94:b6:ac:0f:09:32:
                    73:e7:78:16:09:c2:c1:16:34:11:25:53:42:03:a4:
                    54:c9:73:4a:bd:f0:dd:a4:b4:fa:66:f7:e3:e7:7b:
                    77:e8:03:75:a9:cc:66:6f:08:6b:56:07:9f:4c:8d:
                    0b:ea:4c:01:54:9c:87:b4:3f:df:a0:b0:b6:ab:ba:
                    d1:a9:37:55:c7:e2:4d:7e:41:21:ff:3f:91:b2:9f:
                    69:1c:61:55:1a:74:5f:52:f4:b1:71:af:cc:f3:52:
                    db:0e:2a:76:8f:55:a5:69:cf:ac:1b:99:e0:9e:07:
                    23:98:fa:9f:a8:f3:01:45:8b:12:8f:0c:1c:ea:ef:
                    da:40:83:11:c2:d1:8e:15:1b:cd:73:7b:9d:b1:f6:
                    2c:c9:ff:d2:a7:be:2c:1c:5e:0c:78:46:51:67:2a:
                    d7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A2:B7:D9:D1:1D:71:9B:84:E8:92:4B:B4:6E:48:BA:6D:4F:A1:1F
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:af:1b:6a:8a:f3:3e:65:a6:38:53:a6:d8:4b:da:5a:12:7a:
         71:3d:e6:23:7f:25:61:a1:c4:1b:53:5b:43:1c:2b:7c:2e:e9:
         fd:48:b0:3b:76:1d:87:51:36:78:7a:af:a5:c4:9a:af:2a:19:
         ef:ee:3e:81:ac:49:fa:81:b6:b3:33:cf:3d:82:d6:d2:d0:b6:
         86:f0:af:e0:8a:1a:0e:f6:2e:5e:84:53:f3:9c:b6:17:3a:05:
         78:e9:e8:57:c5:de:2c:6a:54:11:42:23:61:4a:ce:96:ac:3e:
         71:60:3e:f8:55:18:df:a0:aa:3e:b0:fa:8b:20:56:31:8d:0f:
         b0:70:09:07:0c:e6:e4:f9:05:d2:6d:1b:1b:27:63:4b:82:8c:
         be:1f:92:73:bc:93:21:d2:d9:8f:bc:1e:90:af:43:de:1d:77:
         0b:f7:ee:41:e0:c1:eb:20:5f:06:1f:f2:6f:e7:a1:48:74:51:
         8e:98:e9:8d:3f:63:72:ee:40:e6:e9:14:ae:53:dc:40:77:04:
         e7:c2:4b:69:d8:13:ce:36:ef:29:64:52:04:9f:bd:53:fc:21:
         7b:42:19:be:00:85:d0:47:b8:f6:38:08:b0:5c:ec:60:35:5b:
         ab:c7:e5:c2:60:d1:a2:5b:9d:77:cd:78:d1:59:f1:7d:d6:80:
         2f:2c:33:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncqgoqG3Bj4QmM/7EF4LJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjYwMzI2MDAwMTU4WhcNMjYwMzI3MDAwMTU4WjAzMTEwLwYDVQQD
Eyg5OWEyYjdkOWQxMWQ3MTliODRlODkyNGJiNDZlNDhiYTZkNGZhMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozOOS7LWMKiUJTT9gGbfFmGiHlYt
PehJVxMQtbQOStEbWSQ5l859npPIbew2PqC6fKX1FPAds8t91INrYapxfU76lJ4U
aP3WonzalNhP/8vvodl4Ai3i2ITc+4/UFJfI8sGUtqwPCTJz53gWCcLBFjQRJVNC
A6RUyXNKvfDdpLT6Zvfj53t36AN1qcxmbwhrVgefTI0L6kwBVJyHtD/foLC2q7rR
qTdVx+JNfkEh/z+Rsp9pHGFVGnRfUvSxca/M81LbDip2j1Wlac+sG5ngngcjmPqf
qPMBRYsSjwwc6u/aQIMRwtGOFRvNc3udsfYsyf/Sp74sHF4MeEZRZyrXoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmit9nRHXGbhOiSS7RuSLptT6EfMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQK8baorz
PmWmOFOm2EvaWhJ6cT3mI38lYaHEG1NbQxwrfC7p/UiwO3Ydh1E2eHqvpcSaryoZ
7+4+gaxJ+oG2szPPPYLW0tC2hvCv4IoaDvYuXoRT85y2FzoFeOnoV8XeLGpUEUIj
YUrOlqw+cWA++FUY36CqPrD6iyBWMY0PsHAJBwzm5PkF0m0bGydjS4KMvh+Sc7yT
IdLZj7wekK9D3h13C/fuQeDB6yBfBh/yb+ehSHRRjpjpjT9jcu5A5ukUrlPcQHcE
58JLadgTzjbvKWRSBJ+9U/whe0IZvgCF0Ee49jgIsFzsYDVbq8flwmDRoludd814
0VnxfdaALywztQ==
-----END CERTIFICATE-----