Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
File:                     k4EH0RRkaaEaY-X10tfbj28717M.mft (raw, json)
Hash identifier:          vHHw5GwfQqvYJOlau/fZ+SxDQQYyAvmlhVN1Z6e9weM=
Subject key identifier:   9B:87:0D:75:51:B4:1A:4D:5F:C8:D0:9B:AA:36:83:48:0A:87:2F:5F
Authority key identifier: 93:81:07:D1:14:64:69:A1:1A:63:E5:F5:D2:D7:DB:8F:6F:3B:D7:B3
Certificate issuer:       /CN=938107d1146469a11a63e5f5d2d7db8f6f3bd7b3
Certificate serial:       019D348899FE5371FABBB9509169CA8C6484
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
Manifest number:          08F1
Signing time:             Sat 28 Mar 2026 13:01:00 +0000
Manifest this update:     Sat 28 Mar 2026 13:01:00 +0000
Manifest next update:     Sun 29 Mar 2026 13:01:00 +0000
Files and hashes:         1: k4EH0RRkaaEaY-X10tfbj28717M.crl (hash: j061djn+uuv9b8ZSw8R49zX66mbm6zgnQBuUFeIi2Us=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:34:88:99:fe:53:71:fa:bb:b9:50:91:69:ca:8c:64:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=938107d1146469a11a63e5f5d2d7db8f6f3bd7b3
        Validity
            Not Before: Mar 28 13:01:00 2026 GMT
            Not After : Mar 29 13:01:00 2026 GMT
        Subject: CN=9b870d7551b41a4d5fc8d09baa3683480a872f5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1d:95:af:e7:66:43:bc:ee:f6:12:ff:92:63:
                    5b:5b:28:98:5d:b5:2f:98:04:a1:55:41:18:57:65:
                    eb:8a:19:d3:c6:60:14:1f:41:fa:51:65:48:17:6f:
                    b6:89:65:b2:a0:b8:8f:b2:3b:e9:79:95:43:5a:01:
                    c2:7d:f9:59:48:b6:bd:45:2e:e1:fe:ab:f5:d7:af:
                    3d:39:13:74:4b:45:cb:b7:e4:7b:9e:b4:7e:f0:7d:
                    c6:54:d4:77:08:24:c1:b3:d8:74:19:12:ad:ba:e2:
                    1e:fa:93:16:79:9a:7e:96:ed:46:a5:46:fd:69:e0:
                    c9:8e:ea:86:88:fa:38:ce:bd:b3:4b:a2:89:0a:12:
                    4b:bb:d0:5a:56:0c:23:70:f4:10:23:af:8f:db:37:
                    fa:60:52:21:70:45:da:7d:a9:cd:69:71:a1:b3:7f:
                    23:d9:6b:97:d1:2f:1c:2f:5d:89:41:8d:44:71:cc:
                    d3:77:87:96:9d:be:cf:d2:33:a0:6a:6b:b2:fa:df:
                    f5:f5:f7:dd:e7:d4:f7:d4:f1:3b:77:4d:1f:6f:58:
                    8e:13:52:ae:56:2b:be:f5:6d:dd:48:9e:38:8b:05:
                    9e:de:83:7c:d7:97:95:63:17:f6:06:ab:7e:83:69:
                    b6:4a:8b:75:3d:81:1f:50:95:a8:93:b5:61:e5:26:
                    42:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:87:0D:75:51:B4:1A:4D:5F:C8:D0:9B:AA:36:83:48:0A:87:2F:5F
            X509v3 Authority Key Identifier:
                keyid:93:81:07:D1:14:64:69:A1:1A:63:E5:F5:D2:D7:DB:8F:6F:3B:D7:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:61:be:5b:3d:83:ad:bb:1d:19:e8:6f:2b:54:87:a9:15:89:
         2d:7b:ab:53:47:28:a3:14:5e:19:5b:c6:81:a5:c7:5d:fb:19:
         de:d5:7a:ce:d3:34:52:fd:b7:49:79:da:1f:34:7b:19:1e:58:
         c0:7b:eb:f0:72:7e:10:07:eb:99:bb:3e:00:66:97:f2:83:17:
         ae:07:2e:fa:66:69:39:f1:0e:f2:43:84:70:bc:7b:e2:33:a1:
         dc:6d:77:2a:33:b3:b7:bc:ed:72:cc:d8:72:eb:4a:85:e2:d3:
         e0:82:0f:13:74:43:25:c0:84:f0:eb:90:27:62:11:cc:e0:2e:
         d4:b9:dc:ba:0c:e7:71:58:51:39:a7:dc:a2:3a:69:40:93:28:
         80:9a:f2:cc:7c:12:8e:e8:73:93:b8:72:04:bf:2a:f3:77:10:
         66:f6:9e:91:cf:ff:6e:33:56:f2:f9:6c:48:5b:20:8e:af:d3:
         e6:55:db:1a:5a:c7:59:65:bf:48:35:aa:f7:35:72:80:fd:db:
         46:63:8c:4b:ff:4a:43:10:ea:2b:46:4c:b4:6e:e8:f5:2e:8c:
         1e:4f:3a:4e:91:ac:18:d6:fe:12:54:b6:ac:33:bb:c7:52:98:
         23:e8:7c:28:a8:11:c3:6b:66:a3:34:ac:78:cb:c8:b3:ca:3a:
         c7:6d:a6:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ00iJn+U3H6u7lQkWnKjGSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzODEwN2QxMTQ2NDY5YTExYTYzZTVmNWQyZDdkYjhmNmYz
YmQ3YjMwHhcNMjYwMzI4MTMwMTAwWhcNMjYwMzI5MTMwMTAwWjAzMTEwLwYDVQQD
Eyg5Yjg3MGQ3NTUxYjQxYTRkNWZjOGQwOWJhYTM2ODM0ODBhODcyZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh2Vr+dmQ7zu9hL/kmNbWyiYXbUv
mAShVUEYV2XrihnTxmAUH0H6UWVIF2+2iWWyoLiPsjvpeZVDWgHCfflZSLa9RS7h
/qv11689ORN0S0XLt+R7nrR+8H3GVNR3CCTBs9h0GRKtuuIe+pMWeZp+lu1GpUb9
aeDJjuqGiPo4zr2zS6KJChJLu9BaVgwjcPQQI6+P2zf6YFIhcEXafanNaXGhs38j
2WuX0S8cL12JQY1EcczTd4eWnb7P0jOgamuy+t/19ffd59T31PE7d00fb1iOE1Ku
Viu+9W3dSJ44iwWe3oN815eVYxf2Bqt+g2m2Sot1PYEfUJWok7Vh5SZCOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuHDXVRtBpNX8jQm6o2g0gKhy9fMB8GA1UdIwQY
MBaAFJOBB9EUZGmhGmPl9dLX249vO9ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hZmY0YTktM2M1ZS00YTcxLWI1MjQt
Y2JjNmNjYzA4OTMyLzEvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hZmY0YTktM2M1ZS00YTcxLWI1MjQtY2JjNmNjYzA4OTMy
LzEvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemG+Wz2D
rbsdGehvK1SHqRWJLXurU0cooxReGVvGgaXHXfsZ3tV6ztM0Uv23SXnaHzR7GR5Y
wHvr8HJ+EAfrmbs+AGaX8oMXrgcu+mZpOfEO8kOEcLx74jOh3G13KjOzt7ztcszY
cutKheLT4IIPE3RDJcCE8OuQJ2IRzOAu1LncugzncVhROafcojppQJMogJryzHwS
juhzk7hyBL8q83cQZvaekc//bjNW8vlsSFsgjq/T5lXbGlrHWWW/SDWq9zVygP3b
RmOMS/9KQxDqK0ZMtG7o9S6MHk86TpGsGNb+ElS2rDO7x1KYI+h8KKgRw2tmozSs
eMvIs8o6x22mnA==
-----END CERTIFICATE-----