Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
File:                     2V_Z-7sug4agu3amyEH8aKfD65g.mft (raw, json)
Hash identifier:          0kzWa9MoylUZbFgtonUqN0hEiP6MRrl12PUitS3XxX8=
Subject key identifier:   75:FC:E7:0B:46:58:47:DD:32:73:D6:30:EF:92:B8:97:8B:4C:20:B4
Authority key identifier: D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98
Certificate issuer:       /CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
Certificate serial:       019D2628726EAB788BDFDE08D73C6ACD65E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
Manifest number:          04D7
Signing time:             Wed 25 Mar 2026 18:01:18 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:18 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:18 +0000
Files and hashes:         1: 2V_Z-7sug4agu3amyEH8aKfD65g.crl (hash: PZ3ofI3bL2jEtjwt0arBNyKe75PvOoxelCpJx65LmxY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 18:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:72:6e:ab:78:8b:df:de:08:d7:3c:6a:cd:65:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d95fd9fbbb2e8386a0bb76a6c841fc68a7c3eb98
        Validity
            Not Before: Mar 25 18:01:18 2026 GMT
            Not After : Mar 26 18:01:18 2026 GMT
        Subject: CN=75fce70b465847dd3273d630ef92b8978b4c20b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c2:96:be:15:6a:01:b6:c5:43:32:9a:12:8d:
                    4f:7b:be:c8:aa:64:60:df:f9:b5:8a:1a:7f:f2:fc:
                    26:9d:eb:76:bb:28:40:52:89:6f:c3:e0:21:f0:24:
                    6f:85:94:f3:31:51:9f:92:83:82:f0:72:06:d3:c6:
                    f1:22:f5:2e:af:86:c0:7d:3f:d8:bf:1c:4d:1e:3c:
                    e1:83:7f:98:09:16:83:15:60:cd:2c:ed:85:a5:b0:
                    98:f3:88:7b:0d:79:1c:e8:ce:b6:73:d5:9c:5f:54:
                    5f:5f:46:5b:2a:55:fa:0e:fd:ef:44:2f:01:69:4e:
                    54:0a:2c:30:5d:14:3a:94:78:df:19:b0:3c:90:c4:
                    fe:c5:00:12:6a:bf:40:5e:65:92:32:5f:c9:a2:e7:
                    b2:a8:39:25:03:f7:86:c3:24:5e:9f:28:7a:53:fc:
                    3b:63:e7:70:5f:ea:d2:24:47:ec:87:3d:12:52:3c:
                    2e:77:3a:75:b7:7c:ab:8c:2c:f8:2f:98:5c:a3:5d:
                    4e:7c:9a:59:e3:6f:5f:30:64:59:f7:ce:47:49:db:
                    de:4f:43:72:d5:c3:11:6d:42:0a:d5:e3:45:d3:87:
                    63:09:af:2c:6a:d2:de:3c:3f:95:4f:4b:09:93:09:
                    c9:d8:5e:d2:c4:66:f5:a1:cc:14:06:55:fd:27:6a:
                    4d:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:FC:E7:0B:46:58:47:DD:32:73:D6:30:EF:92:B8:97:8B:4C:20:B4
            X509v3 Authority Key Identifier:
                keyid:D9:5F:D9:FB:BB:2E:83:86:A0:BB:76:A6:C8:41:FC:68:A7:C3:EB:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2V_Z-7sug4agu3amyEH8aKfD65g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3220c-4d66-4d4c-9358-320df2eb0fd2/1/2V_Z-7sug4agu3amyEH8aKfD65g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:67:93:fd:5c:b3:f8:5a:80:42:c7:18:ef:9a:74:8d:93:cf:
         d1:c7:66:05:ee:15:54:c0:ff:db:52:ea:9c:1e:c3:69:91:e4:
         95:3c:f5:95:ea:71:96:24:16:8d:99:fc:f5:e0:2a:4f:13:40:
         d1:9b:ac:a3:2f:01:aa:96:63:34:c6:1a:15:18:15:74:91:34:
         5d:cd:0c:29:93:c8:87:7c:fb:96:1f:42:c0:c0:2d:43:46:cb:
         56:81:ac:b8:e7:a7:27:ab:4d:78:41:b6:10:ca:f7:c2:ce:6d:
         1c:8d:0e:e6:74:29:66:0a:ac:47:3d:24:df:69:6e:fc:a9:11:
         f7:ed:46:38:c3:01:f5:87:2c:61:ad:71:35:cb:66:a9:47:0f:
         b8:8a:c1:77:20:6a:f4:2b:09:50:40:36:46:88:40:a4:cf:54:
         32:d2:8f:8c:34:7e:33:c2:7b:cc:f9:f0:96:ec:bf:79:26:fa:
         0b:55:f5:c3:2a:d0:37:fe:34:88:34:3d:dd:f0:c5:08:ee:9c:
         3b:1f:ca:34:f0:02:ce:be:f1:ed:ff:81:75:73:43:ff:dd:dc:
         c6:bc:30:59:cc:e2:bc:da:a5:09:fa:e3:38:f4:1f:ef:d3:ea:
         57:c6:c2:06:33:0c:61:c4:0b:42:8e:bb:5a:be:f9:24:3b:0b:
         d7:b1:c8:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKHJuq3iL394I1zxqzWXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWZkOWZiYmIyZTgzODZhMGJiNzZhNmM4NDFmYzY4YTdj
M2ViOTgwHhcNMjYwMzI1MTgwMTE4WhcNMjYwMzI2MTgwMTE4WjAzMTEwLwYDVQQD
Eyg3NWZjZTcwYjQ2NTg0N2RkMzI3M2Q2MzBlZjkyYjg5NzhiNGMyMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssKWvhVqAbbFQzKaEo1Pe77IqmRg
3/m1ihp/8vwmnet2uyhAUolvw+Ah8CRvhZTzMVGfkoOC8HIG08bxIvUur4bAfT/Y
vxxNHjzhg3+YCRaDFWDNLO2FpbCY84h7DXkc6M62c9WcX1RfX0ZbKlX6Dv3vRC8B
aU5UCiwwXRQ6lHjfGbA8kMT+xQASar9AXmWSMl/JoueyqDklA/eGwyRenyh6U/w7
Y+dwX+rSJEfshz0SUjwudzp1t3yrjCz4L5hco11OfJpZ429fMGRZ985HSdveT0Ny
1cMRbUIK1eNF04djCa8satLePD+VT0sJkwnJ2F7SxGb1ocwUBlX9J2pN9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHX85wtGWEfdMnPWMO+SuJeLTCC0MB8GA1UdIwQY
MBaAFNlf2fu7LoOGoLt2pshB/Ginw+uYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgt
MzIwZGYyZWIwZmQyLzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kMzIyMGMtNGQ2Ni00ZDRjLTkzNTgtMzIwZGYyZWIwZmQy
LzEvMlZfWi03c3VnNGFndTNhbXlFSDhhS2ZENjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiWeT/Vyz
+FqAQscY75p0jZPP0cdmBe4VVMD/21LqnB7DaZHklTz1lepxliQWjZn89eAqTxNA
0Zusoy8BqpZjNMYaFRgVdJE0Xc0MKZPIh3z7lh9CwMAtQ0bLVoGsuOenJ6tNeEG2
EMr3ws5tHI0O5nQpZgqsRz0k32lu/KkR9+1GOMMB9YcsYa1xNctmqUcPuIrBdyBq
9CsJUEA2RohApM9UMtKPjDR+M8J7zPnwluy/eSb6C1X1wyrQN/40iDQ93fDFCO6c
Ox/KNPACzr7x7f+BdXND/93cxrwwWczivNqlCfrjOPQf79PqV8bCBjMMYcQLQo67
Wr75JDsL17HIjQ==
-----END CERTIFICATE-----