Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          FTMKx88G773s5fCCQqka6vg312FacGS5M3El97KpeIQ=
Subject key identifier:   7B:00:3F:B2:E2:AF:A1:94:C4:49:8E:9E:90:E4:F5:8D:CE:7F:F7:BB
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019D2772EE2C24788932F43FBEB147C2423B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          07B0
Signing time:             Thu 26 Mar 2026 00:02:16 +0000
Manifest this update:     Thu 26 Mar 2026 00:02:16 +0000
Manifest next update:     Fri 27 Mar 2026 00:02:16 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: XPzOQ+YOhGDuj+6Xz3VVInrv0zxtJCan6prRjd4KgIU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:72:ee:2c:24:78:89:32:f4:3f:be:b1:47:c2:42:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Mar 26 00:02:16 2026 GMT
            Not After : Mar 27 00:02:16 2026 GMT
        Subject: CN=7b003fb2e2afa194c4498e9e90e4f58dce7ff7bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:71:bc:84:c5:13:1b:57:05:49:f1:02:6e:25:
                    a1:7e:d8:c2:8f:8f:57:8a:3a:bf:fb:ab:ef:e8:38:
                    51:64:ac:5d:5f:ab:c4:e2:22:d7:a4:76:42:a2:c2:
                    94:9a:e9:37:27:60:d8:6d:32:10:a2:d2:93:4d:54:
                    06:3f:f0:24:77:02:05:69:05:6d:9a:97:35:cc:d9:
                    7c:54:4e:e3:66:75:b8:8e:c4:83:85:5d:7e:09:1d:
                    b2:79:aa:33:b9:d7:a3:23:d7:ac:a0:41:87:9b:dc:
                    8d:0d:ac:8f:79:1c:57:54:f3:b0:03:8c:4f:08:ee:
                    82:0c:7d:c6:8b:a4:05:89:9b:66:89:aa:c8:d8:f6:
                    f9:a2:75:46:81:ad:68:fd:eb:62:29:83:3c:53:ff:
                    15:b5:49:01:48:f6:80:de:c0:7d:c2:b3:52:74:e3:
                    ec:bf:9f:36:e0:cc:bc:98:56:19:eb:27:b0:50:65:
                    5f:fd:c4:32:21:9b:01:58:96:0d:71:9e:14:fe:f4:
                    16:1c:65:7d:d1:40:75:89:7d:2f:94:0f:d4:38:ef:
                    50:7d:e1:70:24:7a:ef:2a:98:bc:51:f5:f0:61:bf:
                    cc:db:a2:9a:26:e9:18:2f:e2:e4:09:3f:af:94:ed:
                    0b:d6:55:65:42:e5:3c:5a:42:9f:3a:52:25:9e:83:
                    3b:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:00:3F:B2:E2:AF:A1:94:C4:49:8E:9E:90:E4:F5:8D:CE:7F:F7:BB
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:83:65:75:3e:64:a7:16:67:65:67:0e:e9:6c:6b:be:cd:13:
         04:9d:18:6a:a9:9c:54:9e:b2:7f:20:bc:8a:58:c9:16:33:22:
         7c:04:c8:db:09:92:80:85:0a:57:96:18:0d:26:19:75:ea:ee:
         7b:15:b8:75:e3:62:4d:14:97:0a:cf:32:b6:53:93:84:11:43:
         ce:a3:7c:b1:af:7e:2c:b1:84:79:5e:c4:01:26:7d:35:08:e0:
         32:3f:98:68:9d:27:41:a2:cd:ae:45:fd:9b:1b:4e:8a:14:45:
         79:5c:70:24:28:cd:6b:8e:9f:55:8a:22:a0:7e:7c:a5:e3:44:
         7d:37:f0:92:bf:cc:10:74:12:cd:f2:8a:0f:13:ea:03:d8:93:
         b9:8a:ed:0f:82:02:c4:93:fd:02:c3:32:85:93:8e:b5:29:89:
         fd:87:3c:fe:6d:c1:0b:ba:bc:e1:30:80:f4:20:fb:b0:04:f1:
         8c:5e:46:dc:23:91:26:53:db:ba:6a:79:a4:4d:5b:57:4c:98:
         77:43:db:68:0d:05:96:e0:57:63:2b:26:8a:3e:bb:08:4c:36:
         1d:5d:d4:db:55:0f:53:24:df:f3:d7:2f:98:85:4d:97:e2:77:
         fb:02:06:ca:82:5e:ab:2b:de:50:60:aa:bc:6a:88:34:70:28:
         02:64:e8:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncu4sJHiJMvQ/vrFHwkI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjYwMzI2MDAwMjE2WhcNMjYwMzI3MDAwMjE2WjAzMTEwLwYDVQQD
Eyg3YjAwM2ZiMmUyYWZhMTk0YzQ0OThlOWU5MGU0ZjU4ZGNlN2ZmN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnG8hMUTG1cFSfECbiWhftjCj49X
ijq/+6vv6DhRZKxdX6vE4iLXpHZCosKUmuk3J2DYbTIQotKTTVQGP/AkdwIFaQVt
mpc1zNl8VE7jZnW4jsSDhV1+CR2yeaozudejI9esoEGHm9yNDayPeRxXVPOwA4xP
CO6CDH3Gi6QFiZtmiarI2Pb5onVGga1o/etiKYM8U/8VtUkBSPaA3sB9wrNSdOPs
v5824My8mFYZ6yewUGVf/cQyIZsBWJYNcZ4U/vQWHGV90UB1iX0vlA/UOO9QfeFw
JHrvKpi8UfXwYb/M26KaJukYL+LkCT+vlO0L1lVlQuU8WkKfOlIlnoM7dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsAP7Lir6GUxEmOnpDk9Y3Of/e7MB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOoNldT5k
pxZnZWcO6Wxrvs0TBJ0YaqmcVJ6yfyC8iljJFjMifATI2wmSgIUKV5YYDSYZderu
exW4deNiTRSXCs8ytlOThBFDzqN8sa9+LLGEeV7EASZ9NQjgMj+YaJ0nQaLNrkX9
mxtOihRFeVxwJCjNa46fVYoioH58peNEfTfwkr/MEHQSzfKKDxPqA9iTuYrtD4IC
xJP9AsMyhZOOtSmJ/Yc8/m3BC7q84TCA9CD7sATxjF5G3CORJlPbump5pE1bV0yY
d0PbaA0FluBXYysmij67CEw2HV3U21UPUyTf89cvmIVNl+J3+wIGyoJeqyveUGCq
vGqINHAoAmTofw==
-----END CERTIFICATE-----