Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
File:                     dnECLoKiznV3Drwajw1F9E8scxY.mft (raw, json)
Hash identifier:          T+OFnnLEMzAIIkXft/ZM8FCc0DM4Urj2gZV83k6xBf8=
Subject key identifier:   25:44:AB:1A:40:97:4A:05:48:D4:21:BD:A5:B7:C7:4A:B0:9B:87:AC
Authority key identifier: 76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16
Certificate issuer:       /CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
Certificate serial:       019D2703DF7C2CDE6C282CDC43AF288EA607
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
Manifest number:          1883
Signing time:             Wed 25 Mar 2026 22:00:58 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:58 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:58 +0000
Files and hashes:         1: dnECLoKiznV3Drwajw1F9E8scxY.crl (hash: BiwklRKgTTEmtHsVHT3Q0o/SxiWB1GrWbhvG8vaKFu8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:df:7c:2c:de:6c:28:2c:dc:43:af:28:8e:a6:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7671022e82a2ce75770ebc1a8f0d45f44f2c7316
        Validity
            Not Before: Mar 25 22:00:58 2026 GMT
            Not After : Mar 26 22:00:58 2026 GMT
        Subject: CN=2544ab1a40974a0548d421bda5b7c74ab09b87ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:79:c9:16:d3:3d:38:ce:a8:9a:a1:4b:7a:ab:
                    6d:ef:c6:bc:0e:f5:af:e0:c7:ad:b7:ff:91:d1:b9:
                    d0:e7:8d:a6:da:27:68:5d:56:11:f0:4a:09:13:78:
                    d2:5d:78:89:01:cc:a0:83:6b:00:fe:3f:91:de:92:
                    fb:53:b2:ce:f4:b7:43:58:ec:6c:a9:6f:37:67:bd:
                    15:c4:b6:90:93:74:d5:c9:61:e3:04:c3:35:6c:63:
                    79:2f:5b:05:35:44:e9:fe:f9:ae:f1:b1:b6:3b:61:
                    0c:51:fc:7e:02:67:ec:f6:c8:97:ca:91:24:84:ae:
                    5f:c9:2c:ae:51:a8:33:c0:d0:e6:62:1b:ba:50:f6:
                    6a:c3:73:a0:f1:88:b6:0e:40:4a:59:7f:9d:f7:44:
                    a3:83:f4:73:82:ca:8c:3d:20:05:48:52:79:28:05:
                    e8:71:d4:ff:65:6f:78:79:28:45:df:a3:01:e8:90:
                    2b:af:35:79:c4:f0:0d:28:f1:25:16:c9:51:96:c9:
                    be:60:1a:5c:a4:2e:3e:be:d1:14:bf:2e:91:15:c2:
                    31:07:cb:a6:f4:c7:60:72:6c:d2:86:6b:12:05:25:
                    17:2c:89:64:1c:b5:96:5d:2c:fd:64:4e:cd:56:a4:
                    33:d0:18:9e:8a:c4:73:c1:1e:ce:cd:cd:13:c4:81:
                    49:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:44:AB:1A:40:97:4A:05:48:D4:21:BD:A5:B7:C7:4A:B0:9B:87:AC
            X509v3 Authority Key Identifier:
                keyid:76:71:02:2E:82:A2:CE:75:77:0E:BC:1A:8F:0D:45:F4:4F:2C:73:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnECLoKiznV3Drwajw1F9E8scxY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c2719d-8d77-4686-a2fb-7b4f09785f79/1/dnECLoKiznV3Drwajw1F9E8scxY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:7a:8c:7d:72:11:e2:fc:fe:fb:26:64:6b:a2:15:9b:12:a5:
         21:03:f0:9d:1f:12:6d:d3:51:be:4d:f0:df:76:4e:33:89:74:
         6f:04:09:2f:b6:10:6a:a1:33:df:b8:40:23:df:50:c3:45:eb:
         fe:19:5e:8d:7e:ab:c7:a9:89:65:df:75:5b:84:5a:44:45:b4:
         87:6e:bd:34:8d:a3:4a:c8:07:a0:4f:d0:57:d4:57:78:b2:19:
         0a:48:c6:36:86:23:fd:7c:2c:82:3e:10:94:22:e2:00:6d:9a:
         b7:68:70:de:b8:84:98:a4:ee:58:d6:09:9b:fa:f6:3e:9c:01:
         cf:5d:72:28:ec:6d:06:bc:89:ef:56:16:3b:1d:99:f5:06:5c:
         bd:25:4f:67:9f:b7:57:04:4b:16:da:cb:ec:ab:74:70:db:d1:
         09:20:aa:e2:dd:f1:67:37:e0:27:92:c8:e1:95:51:a6:33:9d:
         75:e3:61:70:38:ad:61:8c:4f:cf:b4:fb:6a:6e:30:26:d5:04:
         4e:a6:fd:f9:34:6d:f7:72:09:99:57:24:8b:97:6a:e5:b3:89:
         69:ab:c5:2d:b8:78:5a:34:f2:47:43:79:22:a7:49:3b:20:17:
         a8:e5:06:94:96:cb:d0:9b:47:11:f0:d2:f7:12:f0:4b:9c:0c:
         26:3e:69:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA998LN5sKCzcQ68ojqYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzEwMjJlODJhMmNlNzU3NzBlYmMxYThmMGQ0NWY0NGYy
YzczMTYwHhcNMjYwMzI1MjIwMDU4WhcNMjYwMzI2MjIwMDU4WjAzMTEwLwYDVQQD
EygyNTQ0YWIxYTQwOTc0YTA1NDhkNDIxYmRhNWI3Yzc0YWIwOWI4N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nnJFtM9OM6omqFLeqtt78a8DvWv
4Mett/+R0bnQ542m2idoXVYR8EoJE3jSXXiJAcygg2sA/j+R3pL7U7LO9LdDWOxs
qW83Z70VxLaQk3TVyWHjBMM1bGN5L1sFNUTp/vmu8bG2O2EMUfx+Amfs9siXypEk
hK5fySyuUagzwNDmYhu6UPZqw3Og8Yi2DkBKWX+d90Sjg/RzgsqMPSAFSFJ5KAXo
cdT/ZW94eShF36MB6JArrzV5xPANKPElFslRlsm+YBpcpC4+vtEUvy6RFcIxB8um
9MdgcmzShmsSBSUXLIlkHLWWXSz9ZE7NVqQz0BieisRzwR7Ozc0TxIFJPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVEqxpAl0oFSNQhvaW3x0qwm4esMB8GA1UdIwQY
MBaAFHZxAi6Cos51dw68Go8NRfRPLHMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmIt
N2I0ZjA5Nzg1Zjc5LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMjcxOWQtOGQ3Ny00Njg2LWEyZmItN2I0ZjA5Nzg1Zjc5
LzEvZG5FQ0xvS2l6blYzRHJ3YWp3MUY5RThzY3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArnqMfXIR
4vz++yZka6IVmxKlIQPwnR8SbdNRvk3w33ZOM4l0bwQJL7YQaqEz37hAI99Qw0Xr
/hlejX6rx6mJZd91W4RaREW0h269NI2jSsgHoE/QV9RXeLIZCkjGNoYj/Xwsgj4Q
lCLiAG2at2hw3riEmKTuWNYJm/r2PpwBz11yKOxtBryJ71YWOx2Z9QZcvSVPZ5+3
VwRLFtrL7Kt0cNvRCSCq4t3xZzfgJ5LI4ZVRpjOddeNhcDitYYxPz7T7am4wJtUE
Tqb9+TRt93IJmVcki5dq5bOJaavFLbh4WjTyR0N5IqdJOyAXqOUGlJbL0JtHEfDS
9xLwS5wMJj5pVA==
-----END CERTIFICATE-----