Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft
File:                     1T5Pyhar83QtTaK_nD2abpHpbuU.mft (raw, json)
Hash identifier:          XynLg4ZhpJHG9U0vEx5EhAiuUIEXrbopdHYLwO9eUHA=
Subject key identifier:   3A:92:02:42:DE:4A:87:65:0F:B4:92:B8:E2:93:D4:0F:8C:AF:A3:C4
Authority key identifier: D5:3E:4F:CA:16:AB:F3:74:2D:4D:A2:BF:9C:3D:9A:6E:91:E9:6E:E5
Certificate issuer:       /CN=d53e4fca16abf3742d4da2bf9c3d9a6e91e96ee5
Certificate serial:       019D25F1E633F0B7450A36BEE99FF87B8EE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft
Manifest number:          1598
Signing time:             Wed 25 Mar 2026 17:01:43 +0000
Manifest this update:     Wed 25 Mar 2026 17:01:43 +0000
Manifest next update:     Thu 26 Mar 2026 17:01:43 +0000
Files and hashes:         1: 1T5Pyhar83QtTaK_nD2abpHpbuU.crl (hash: ukQvBD+dwvsiIwAtMTWABU8pFFzllFM3TY3IwuUWTXE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:25:f1:e6:33:f0:b7:45:0a:36:be:e9:9f:f8:7b:8e:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d53e4fca16abf3742d4da2bf9c3d9a6e91e96ee5
        Validity
            Not Before: Mar 25 17:01:43 2026 GMT
            Not After : Mar 26 17:01:43 2026 GMT
        Subject: CN=3a920242de4a87650fb492b8e293d40f8cafa3c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:df:1f:ec:05:91:a6:02:5b:85:91:69:07:5a:
                    a8:43:62:c8:78:38:e1:48:66:87:2d:89:5a:54:e0:
                    98:58:93:f9:8e:2b:5a:b0:5c:3d:fe:2a:51:a6:ed:
                    4b:63:ea:52:68:9e:63:bb:45:84:fc:97:d4:64:0b:
                    e7:c9:45:bd:03:8b:cd:e3:1f:11:a3:5d:43:3b:0a:
                    6e:c8:d3:08:3f:e4:28:6b:fb:f0:1e:47:76:f6:43:
                    f6:7a:9b:21:0d:02:fc:db:11:19:af:ae:d2:74:07:
                    45:75:71:61:c0:ef:21:9c:0e:17:5f:51:01:81:48:
                    f4:48:3c:67:31:62:65:da:a8:56:4f:55:8f:0a:45:
                    35:ce:43:54:07:c0:7a:a8:15:bf:f2:2b:47:2a:75:
                    2e:5e:42:6f:bd:52:c8:f1:6a:e2:c7:1f:07:7c:6e:
                    06:47:4b:3b:af:5f:5c:13:0a:cf:13:ed:d9:2f:5a:
                    9a:4b:25:4f:7b:2f:19:3d:9f:a5:2f:ac:5a:04:5f:
                    70:1f:c3:fa:5c:a5:ba:49:78:5f:a1:c5:89:d9:38:
                    5c:bf:8f:3a:bf:15:d7:96:3c:2c:28:f7:a6:2f:11:
                    f4:95:22:45:71:d6:92:2a:ee:a7:0c:ad:05:49:9f:
                    09:76:1c:8f:a6:a0:7a:57:f2:af:1f:97:66:50:5b:
                    2b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:92:02:42:DE:4A:87:65:0F:B4:92:B8:E2:93:D4:0F:8C:AF:A3:C4
            X509v3 Authority Key Identifier:
                keyid:D5:3E:4F:CA:16:AB:F3:74:2D:4D:A2:BF:9C:3D:9A:6E:91:E9:6E:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1T5Pyhar83QtTaK_nD2abpHpbuU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3df09b-61ed-4083-978b-263350dec194/1/1T5Pyhar83QtTaK_nD2abpHpbuU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:b9:c6:41:af:5f:4c:35:40:af:f5:01:14:f6:7a:ac:0f:84:
         84:a6:98:f0:11:10:32:87:0c:bb:6d:15:e7:f5:13:18:c8:92:
         3e:42:3e:be:01:b1:50:34:e3:f2:06:0d:27:c6:88:49:d9:c6:
         d1:17:5d:18:36:c3:72:81:3e:68:70:73:a6:c9:ea:24:09:80:
         4d:26:13:e8:29:16:8a:6a:72:4b:ce:85:39:43:59:32:9d:c9:
         7e:f2:54:f2:73:d2:35:0e:25:5d:57:06:4b:c1:92:4f:dc:a0:
         b6:fa:58:77:52:09:bf:f3:28:25:dd:e2:86:bd:c4:3a:92:5b:
         9a:04:ef:0f:b1:b1:c6:e3:3e:d1:a6:77:a7:19:2f:3c:6b:37:
         87:47:c1:f1:3c:32:09:bf:6f:e3:f7:01:cf:2a:13:9c:6a:b2:
         7a:63:48:03:bb:97:44:28:9b:d0:91:6f:4f:7b:8d:c1:07:2e:
         b5:d5:ba:1d:aa:4f:88:28:de:7c:8c:cb:91:14:87:4c:5e:4a:
         3d:72:57:2d:fd:19:11:b0:e1:de:69:62:93:a9:4e:53:00:1c:
         42:22:13:e7:d5:76:f1:17:cd:3c:9e:3e:81:44:15:e6:3c:7b:
         c2:84:96:03:45:96:62:b4:d5:70:e2:3a:e3:e0:8f:73:9e:f4:
         ba:94:9b:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8eYz8LdFCja+6Z/4e47mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1M2U0ZmNhMTZhYmYzNzQyZDRkYTJiZjljM2Q5YTZlOTFl
OTZlZTUwHhcNMjYwMzI1MTcwMTQzWhcNMjYwMzI2MTcwMTQzWjAzMTEwLwYDVQQD
EygzYTkyMDI0MmRlNGE4NzY1MGZiNDkyYjhlMjkzZDQwZjhjYWZhM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN8f7AWRpgJbhZFpB1qoQ2LIeDjh
SGaHLYlaVOCYWJP5jitasFw9/ipRpu1LY+pSaJ5ju0WE/JfUZAvnyUW9A4vN4x8R
o11DOwpuyNMIP+Qoa/vwHkd29kP2epshDQL82xEZr67SdAdFdXFhwO8hnA4XX1EB
gUj0SDxnMWJl2qhWT1WPCkU1zkNUB8B6qBW/8itHKnUuXkJvvVLI8Wrixx8HfG4G
R0s7r19cEwrPE+3ZL1qaSyVPey8ZPZ+lL6xaBF9wH8P6XKW6SXhfocWJ2Thcv486
vxXXljwsKPemLxH0lSJFcdaSKu6nDK0FSZ8JdhyPpqB6V/KvH5dmUFsrRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqSAkLeSodlD7SSuOKT1A+Mr6PEMB8GA1UdIwQY
MBaAFNU+T8oWq/N0LU2iv5w9mm6R6W7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zZGYwOWItNjFlZC00MDgzLTk3OGIt
MjYzMzUwZGVjMTk0LzEvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zZGYwOWItNjFlZC00MDgzLTk3OGItMjYzMzUwZGVjMTk0
LzEvMVQ1UHloYXI4M1F0VGFLX25EMmFicEhwYnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKrnGQa9f
TDVAr/UBFPZ6rA+EhKaY8BEQMocMu20V5/UTGMiSPkI+vgGxUDTj8gYNJ8aISdnG
0RddGDbDcoE+aHBzpsnqJAmATSYT6CkWimpyS86FOUNZMp3JfvJU8nPSNQ4lXVcG
S8GST9ygtvpYd1IJv/MoJd3ihr3EOpJbmgTvD7GxxuM+0aZ3pxkvPGs3h0fB8Twy
Cb9v4/cBzyoTnGqyemNIA7uXRCib0JFvT3uNwQcutdW6HapPiCjefIzLkRSHTF5K
PXJXLf0ZEbDh3mlik6lOUwAcQiIT59V28RfNPJ4+gUQV5jx7woSWA0WWYrTVcOI6
4+CPc570upSbUQ==
-----END CERTIFICATE-----