Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
File:                     PFlVXsIygmx91tmpJrU2AoN5SfY.mft (raw, json)
Hash identifier:          wAlqvRy6tzJIimYmHPqCZt4vm2nrxkgjPiD6Ymw+/EU=
Subject key identifier:   D9:54:3C:F7:65:6A:47:16:4F:83:CD:1A:BA:ED:C5:1B:5B:73:A4:94
Authority key identifier: 3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6
Certificate issuer:       /CN=3c59555ec232826c7dd6d9a926b53602837949f6
Certificate serial:       019D269620588184C4A10D5D56446C45D38B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
Manifest number:          043A
Signing time:             Wed 25 Mar 2026 20:01:06 +0000
Manifest this update:     Wed 25 Mar 2026 20:01:06 +0000
Manifest next update:     Thu 26 Mar 2026 20:01:06 +0000
Files and hashes:         1: PFlVXsIygmx91tmpJrU2AoN5SfY.crl (hash: IK2NUEyD71oh/Qc+/piMQbZxfdqJBAmMefAwDP4/Kwc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:96:20:58:81:84:c4:a1:0d:5d:56:44:6c:45:d3:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c59555ec232826c7dd6d9a926b53602837949f6
        Validity
            Not Before: Mar 25 20:01:06 2026 GMT
            Not After : Mar 26 20:01:06 2026 GMT
        Subject: CN=d9543cf7656a47164f83cd1abaedc51b5b73a494
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:69:de:7f:41:6b:2d:8c:37:e0:81:40:56:62:
                    dd:8a:bb:93:3b:59:de:44:be:46:ec:a7:6b:c2:bd:
                    87:f8:6d:4a:2f:0b:ed:f4:a4:3c:9b:91:ad:61:e4:
                    94:1f:d9:c5:fa:e3:f4:cc:86:56:bf:d0:00:3d:3a:
                    37:4c:6f:9d:86:f7:80:94:df:92:d6:e5:f9:ee:e3:
                    73:fd:7c:3d:da:30:ca:a9:3b:04:76:19:f6:68:b1:
                    7e:44:69:42:1d:48:e4:16:63:1d:00:91:e4:f4:5b:
                    2b:ea:b6:e2:46:ff:46:2e:fb:c5:13:29:f7:02:18:
                    d5:a6:a2:8e:cb:4d:5d:0b:80:7a:11:c8:69:c0:5f:
                    aa:70:4f:d2:b4:da:42:88:87:f6:ea:73:a8:ff:34:
                    44:34:61:18:16:b4:b0:a5:bc:42:1c:3c:2c:b3:5f:
                    74:53:0f:f2:16:02:35:09:69:3f:e0:78:78:41:da:
                    71:6a:74:73:d4:2d:90:5d:9b:0a:ed:a9:1f:02:a2:
                    ff:8a:7d:49:5d:6c:11:86:d4:02:5e:c4:78:08:9b:
                    aa:e8:31:c5:8f:4d:f8:01:f8:e8:52:3d:50:db:44:
                    e6:3d:c7:fa:18:85:44:83:cc:2f:c8:f2:0a:ff:58:
                    22:71:92:34:e8:20:e4:a2:1a:15:dc:e8:bf:b7:4e:
                    2e:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:54:3C:F7:65:6A:47:16:4F:83:CD:1A:BA:ED:C5:1B:5B:73:A4:94
            X509v3 Authority Key Identifier:
                keyid:3C:59:55:5E:C2:32:82:6C:7D:D6:D9:A9:26:B5:36:02:83:79:49:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFlVXsIygmx91tmpJrU2AoN5SfY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ba9404-78f3-4935-9e2e-95b1373c5399/1/PFlVXsIygmx91tmpJrU2AoN5SfY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:d5:a5:d2:17:7b:f6:0c:85:19:09:05:bb:48:68:0f:44:ac:
         20:11:5d:67:3f:5b:b7:72:09:80:f9:94:cf:63:e0:5e:ab:fc:
         d7:d3:12:a8:1c:ba:81:a9:09:c0:5f:ae:0c:8a:95:27:1f:d5:
         87:df:64:ff:d4:80:ea:5e:55:c7:7c:0e:83:4b:8a:93:70:06:
         6d:23:df:3d:4e:04:5a:19:de:b3:06:c7:76:a8:ce:72:61:20:
         d1:bd:66:1e:18:f4:03:2c:69:9d:21:6f:17:e4:5b:2d:7d:1a:
         be:7f:38:7d:2e:c5:5e:8e:c7:a9:03:01:9a:c0:2a:28:f9:0b:
         66:79:f9:19:98:b9:f0:0b:0e:8c:ea:18:11:c9:4d:51:64:c6:
         8e:f9:01:c4:93:68:72:4f:f6:9a:d8:3b:23:38:fc:f0:cf:51:
         c9:68:52:ad:f8:a8:8c:f0:e1:54:bd:37:b0:41:20:ad:26:be:
         f3:ca:21:91:97:cb:58:a2:62:81:fe:1f:d3:73:c0:95:d7:21:
         86:84:8e:cb:30:83:86:49:57:2e:ba:7e:0c:d8:44:fc:52:56:
         47:bb:a5:47:bc:4c:0d:9b:44:44:3a:66:87:08:15:c7:95:5a:
         6d:b2:b6:94:62:cf:e0:07:a1:94:23:b2:fa:93:f6:a4:74:0c:
         0a:53:1e:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mliBYgYTEoQ1dVkRsRdOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTk1NTVlYzIzMjgyNmM3ZGQ2ZDlhOTI2YjUzNjAyODM3
OTQ5ZjYwHhcNMjYwMzI1MjAwMTA2WhcNMjYwMzI2MjAwMTA2WjAzMTEwLwYDVQQD
EyhkOTU0M2NmNzY1NmE0NzE2NGY4M2NkMWFiYWVkYzUxYjViNzNhNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2nef0FrLYw34IFAVmLdiruTO1ne
RL5G7Kdrwr2H+G1KLwvt9KQ8m5GtYeSUH9nF+uP0zIZWv9AAPTo3TG+dhveAlN+S
1uX57uNz/Xw92jDKqTsEdhn2aLF+RGlCHUjkFmMdAJHk9Fsr6rbiRv9GLvvFEyn3
AhjVpqKOy01dC4B6EchpwF+qcE/StNpCiIf26nOo/zRENGEYFrSwpbxCHDwss190
Uw/yFgI1CWk/4Hh4QdpxanRz1C2QXZsK7akfAqL/in1JXWwRhtQCXsR4CJuq6DHF
j034AfjoUj1Q20TmPcf6GIVEg8wvyPIK/1gicZI06CDkohoV3Oi/t04uSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNlUPPdlakcWT4PNGrrtxRtbc6SUMB8GA1UdIwQY
MBaAFDxZVV7CMoJsfdbZqSa1NgKDeUn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUt
OTViMTM3M2M1Mzk5LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iYTk0MDQtNzhmMy00OTM1LTllMmUtOTViMTM3M2M1Mzk5
LzEvUEZsVlhzSXlnbXg5MXRtcEpyVTJBb041U2ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9Wl0hd7
9gyFGQkFu0hoD0SsIBFdZz9bt3IJgPmUz2PgXqv819MSqBy6gakJwF+uDIqVJx/V
h99k/9SA6l5Vx3wOg0uKk3AGbSPfPU4EWhneswbHdqjOcmEg0b1mHhj0AyxpnSFv
F+RbLX0avn84fS7FXo7HqQMBmsAqKPkLZnn5GZi58AsOjOoYEclNUWTGjvkBxJNo
ck/2mtg7Izj88M9RyWhSrfiojPDhVL03sEEgrSa+88ohkZfLWKJigf4f03PAldch
hoSOyzCDhklXLrp+DNhE/FJWR7ulR7xMDZtERDpmhwgVx5VabbK2lGLP4AehlCOy
+pP2pHQMClMe9w==
-----END CERTIFICATE-----