Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
File:                     x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft (raw, json)
Hash identifier:          yErQo6wg4ldnwCejrJQZqqVgipz4va02ENsjuqz/asI=
Subject key identifier:   D9:5D:54:B7:BD:FB:02:7B:3C:F9:92:1F:07:20:43:08:ED:64:7F:20
Authority key identifier: C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9
Certificate issuer:       /CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
Certificate serial:       019D28F23FA14CD708563C374964BF7F2920
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
Manifest number:          033B
Signing time:             Thu 26 Mar 2026 07:00:57 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:57 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:57 +0000
Files and hashes:         1: x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl (hash: RQ4fuIFkvnQnSY95QMVHaROSbMIhwi6YJTZ0PqgtxXM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:3f:a1:4c:d7:08:56:3c:37:49:64:bf:7f:29:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c7729a6ece2d0ebe9bbe5d8d7962f73bdc9204a9
        Validity
            Not Before: Mar 26 07:00:57 2026 GMT
            Not After : Mar 27 07:00:57 2026 GMT
        Subject: CN=d95d54b7bdfb027b3cf9921f07204308ed647f20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:8f:3c:08:a4:2e:1d:98:09:a5:5c:32:9f:68:
                    4b:78:a6:10:dc:bf:dd:4b:ea:73:01:77:38:b2:a5:
                    0b:e1:c4:eb:7a:8d:bc:af:f6:6e:16:2c:d9:f7:4d:
                    05:a0:4c:6b:b7:17:ef:7c:dd:a7:9b:b8:b4:8a:a5:
                    8b:eb:ea:53:bd:38:b9:fb:54:00:13:f0:62:84:48:
                    de:19:73:b3:06:2b:01:5e:68:05:31:cb:21:7d:44:
                    e6:b8:e4:0d:60:34:93:b8:a5:5a:60:0f:d8:50:56:
                    04:b8:4e:e9:b9:d2:76:f0:d9:a0:06:6e:7e:79:a3:
                    6b:fe:be:42:15:d1:ad:db:96:ba:9d:30:a9:00:45:
                    95:92:56:c1:52:1a:21:c1:38:33:1f:76:22:9d:f8:
                    59:10:7c:0a:e6:7d:29:be:30:e7:a3:b3:8d:7f:2f:
                    29:58:c0:47:04:87:4c:b0:ef:e4:85:ec:60:63:95:
                    8f:87:88:01:db:5d:74:2a:1e:00:a5:68:cb:6b:cc:
                    3c:be:70:6c:06:68:fa:82:0f:58:6b:27:84:45:83:
                    04:1d:98:b9:6c:b9:47:5d:23:ca:f0:dd:e0:67:7b:
                    52:95:09:5f:89:94:36:a4:a4:84:d4:d2:49:84:24:
                    16:96:92:7f:1a:aa:f1:50:0b:07:a5:27:3b:0e:11:
                    04:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:5D:54:B7:BD:FB:02:7B:3C:F9:92:1F:07:20:43:08:ED:64:7F:20
            X509v3 Authority Key Identifier:
                keyid:C7:72:9A:6E:CE:2D:0E:BE:9B:BE:5D:8D:79:62:F7:3B:DC:92:04:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3Kabs4tDr6bvl2NeWL3O9ySBKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/1c9754-32e9-4186-a691-dc3651ccf9ae/1/x3Kabs4tDr6bvl2NeWL3O9ySBKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:e3:ed:3f:d6:a0:cb:c0:fe:25:82:77:6f:55:4d:30:d6:73:
         36:9b:42:0b:bc:d9:6d:73:f2:ab:7c:07:50:b9:5d:8b:3f:2b:
         47:30:6f:29:15:f6:a6:6b:a1:7b:a8:ba:4b:3c:48:99:60:71:
         80:56:8b:a6:89:7d:de:53:1c:c6:d2:d6:58:0f:1b:db:3e:c9:
         fe:76:41:6e:e0:54:ca:b9:a0:e2:0a:76:1b:e4:7c:ef:9f:af:
         c5:44:38:77:ef:e9:19:4f:e1:44:52:2c:bf:f4:eb:80:d1:59:
         85:7e:78:ca:7d:a4:dc:c2:48:28:32:c5:dd:4d:37:d4:06:bc:
         44:c4:8c:e6:4e:cd:f7:98:b8:c7:de:63:63:47:e5:66:03:43:
         a9:5c:2d:5c:9b:eb:4d:74:9c:65:28:18:83:8d:2a:54:d3:bf:
         a7:dc:ef:5d:c9:48:b1:4e:47:48:c8:5b:7f:e1:1e:e7:f8:2d:
         32:1f:95:fb:04:1a:94:b6:fa:31:8e:ca:1e:f5:67:88:31:3c:
         7c:bb:5e:db:10:fd:19:2c:b0:55:06:b4:bb:82:94:58:bf:fe:
         0c:eb:54:62:9e:55:09:af:ff:2e:21:31:f0:f9:36:42:73:91:
         03:86:4a:4f:bc:c3:a9:e2:8d:6f:c1:42:6c:3e:4f:ba:04:37:
         2e:5d:5e:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8j+hTNcIVjw3SWS/fykgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzI5YTZlY2UyZDBlYmU5YmJlNWQ4ZDc5NjJmNzNiZGM5
MjA0YTkwHhcNMjYwMzI2MDcwMDU3WhcNMjYwMzI3MDcwMDU3WjAzMTEwLwYDVQQD
EyhkOTVkNTRiN2JkZmIwMjdiM2NmOTkyMWYwNzIwNDMwOGVkNjQ3ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto88CKQuHZgJpVwyn2hLeKYQ3L/d
S+pzAXc4sqUL4cTreo28r/ZuFizZ900FoExrtxfvfN2nm7i0iqWL6+pTvTi5+1QA
E/BihEjeGXOzBisBXmgFMcshfUTmuOQNYDSTuKVaYA/YUFYEuE7pudJ28NmgBm5+
eaNr/r5CFdGt25a6nTCpAEWVklbBUhohwTgzH3YinfhZEHwK5n0pvjDno7ONfy8p
WMBHBIdMsO/khexgY5WPh4gB2110Kh4ApWjLa8w8vnBsBmj6gg9YayeERYMEHZi5
bLlHXSPK8N3gZ3tSlQlfiZQ2pKSE1NJJhCQWlpJ/GqrxUAsHpSc7DhEE6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNldVLe9+wJ7PPmSHwcgQwjtZH8gMB8GA1UdIwQY
MBaAFMdymm7OLQ6+m75djXli9zvckgSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEt
ZGMzNjUxY2NmOWFlLzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8xYzk3NTQtMzJlOS00MTg2LWE2OTEtZGMzNjUxY2NmOWFl
LzEveDNLYWJzNHREcjZidmwyTmVXTDNPOXlTQktrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+PtP9ag
y8D+JYJ3b1VNMNZzNptCC7zZbXPyq3wHULldiz8rRzBvKRX2pmuhe6i6SzxImWBx
gFaLpol93lMcxtLWWA8b2z7J/nZBbuBUyrmg4gp2G+R875+vxUQ4d+/pGU/hRFIs
v/TrgNFZhX54yn2k3MJIKDLF3U031Aa8RMSM5k7N95i4x95jY0flZgNDqVwtXJvr
TXScZSgYg40qVNO/p9zvXclIsU5HSMhbf+Ee5/gtMh+V+wQalLb6MY7KHvVniDE8
fLte2xD9GSywVQa0u4KUWL/+DOtUYp5VCa//LiEx8Pk2QnORA4ZKT7zDqeKNb8FC
bD5PugQ3Ll1eew==
-----END CERTIFICATE-----