Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
File:                     RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft (raw, json)
Hash identifier:          SuKkplWpYX65EG7lJoHurqPpRS7U0z7pDwLs2R5dB5I=
Subject key identifier:   38:B9:2B:42:22:F3:22:52:2A:E3:EA:19:BA:47:C1:AE:DB:A8:49:ED
Authority key identifier: 44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83
Certificate issuer:       /CN=44b14b1b3069f50c6e25c8a24afc61711d598583
Certificate serial:       019D273B230829AF07B79624096B7F53738E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
Manifest number:          0345
Signing time:             Wed 25 Mar 2026 23:01:20 +0000
Manifest this update:     Wed 25 Mar 2026 23:01:20 +0000
Manifest next update:     Thu 26 Mar 2026 23:01:20 +0000
Files and hashes:         1: RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl (hash: fkOmhw3Kt3YjPrDwTmQjJwQOmIYOzNqdmiOYlsg40hg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:3b:23:08:29:af:07:b7:96:24:09:6b:7f:53:73:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44b14b1b3069f50c6e25c8a24afc61711d598583
        Validity
            Not Before: Mar 25 23:01:20 2026 GMT
            Not After : Mar 26 23:01:20 2026 GMT
        Subject: CN=38b92b4222f322522ae3ea19ba47c1aedba849ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:70:ce:6d:02:a8:85:5f:27:d9:dd:56:b2:7a:
                    8c:af:73:a1:6a:2a:f8:44:e1:33:66:39:60:25:29:
                    d6:c2:1e:7b:b9:1a:20:dd:94:16:61:3d:32:18:c2:
                    55:64:c8:52:89:de:3c:c0:28:0c:c4:79:d7:02:97:
                    91:f6:3f:80:f8:cf:69:e3:0a:2e:50:92:75:76:96:
                    0b:16:75:66:b9:57:3d:f9:4a:25:8a:ec:59:c4:3f:
                    b0:1d:4d:6a:d0:74:9d:1e:4e:28:3d:46:29:1c:cc:
                    45:9d:9c:8e:7d:ab:95:9d:7f:22:a3:43:40:eb:26:
                    d7:93:72:42:63:72:5b:4d:cf:e4:1d:3c:88:af:7e:
                    8f:e8:8d:55:14:b6:ff:dd:d9:bc:19:f6:18:e6:b0:
                    bd:83:97:ec:d6:69:37:57:ac:a2:9a:8e:be:6f:46:
                    d5:e8:2a:80:bd:8c:f1:7d:de:59:00:f7:a9:1d:d3:
                    88:36:92:7a:02:4a:24:b5:4d:61:d4:2e:9c:4a:17:
                    9f:58:18:45:62:eb:50:c9:af:cb:95:c1:c8:4a:b3:
                    c2:8d:70:cc:98:74:8c:3f:45:c3:de:44:c8:61:c0:
                    a4:92:af:3e:e3:e4:69:7e:12:b2:b2:fc:85:b1:f1:
                    c6:7e:ac:28:7d:99:34:c9:22:87:f7:88:2c:dc:21:
                    49:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B9:2B:42:22:F3:22:52:2A:E3:EA:19:BA:47:C1:AE:DB:A8:49:ED
            X509v3 Authority Key Identifier:
                keyid:44:B1:4B:1B:30:69:F5:0C:6E:25:C8:A2:4A:FC:61:71:1D:59:85:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RLFLGzBp9QxuJciiSvxhcR1ZhYM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cfcac0-69c0-40f3-97ff-acd43456ad92/1/RLFLGzBp9QxuJciiSvxhcR1ZhYM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:76:53:eb:d8:74:27:3a:61:99:95:ff:b2:5e:98:12:64:c4:
         ea:ec:ad:d7:69:1d:35:91:28:60:1c:6d:ff:c8:ee:e1:8e:db:
         f4:06:cb:68:ca:49:e4:d1:e9:43:96:7e:c1:9b:6a:c8:29:47:
         68:98:db:3b:cf:3b:12:1c:0d:55:5f:c2:2e:87:40:6c:56:20:
         79:bd:ef:8c:bc:a7:b0:43:32:cc:bc:4c:2b:cd:35:b0:b4:74:
         18:02:ef:56:08:91:c3:1c:6f:34:51:19:3d:f9:b6:85:c6:91:
         ce:3a:77:dc:c6:e2:44:80:94:ed:36:d8:8d:a4:3c:42:47:fd:
         56:bc:08:99:87:f7:46:40:36:3e:c0:f8:be:60:4d:7d:dc:1e:
         cf:42:54:e2:b0:23:0b:0f:dd:c0:15:4f:2b:02:12:8b:ff:75:
         37:1a:cb:04:05:5d:28:98:12:0c:27:13:1a:a0:ed:82:12:48:
         15:cc:87:a4:e8:ab:d9:64:a0:da:08:50:93:0e:da:b5:8a:5f:
         af:2c:5c:e2:88:93:a1:8a:0c:ba:11:f3:9e:70:54:7f:9c:19:
         51:7c:db:b6:20:6f:62:67:36:55:9b:f7:8b:5f:67:3d:fb:c7:
         88:fa:81:19:62:14:41:0f:8b:2b:06:ab:dd:e7:60:f5:5b:9c:
         bd:b6:03:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOyMIKa8Ht5YkCWt/U3OOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YjE0YjFiMzA2OWY1MGM2ZTI1YzhhMjRhZmM2MTcxMWQ1
OTg1ODMwHhcNMjYwMzI1MjMwMTIwWhcNMjYwMzI2MjMwMTIwWjAzMTEwLwYDVQQD
EygzOGI5MmI0MjIyZjMyMjUyMmFlM2VhMTliYTQ3YzFhZWRiYTg0OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHDObQKohV8n2d1WsnqMr3Ohair4
ROEzZjlgJSnWwh57uRog3ZQWYT0yGMJVZMhSid48wCgMxHnXApeR9j+A+M9p4wou
UJJ1dpYLFnVmuVc9+UoliuxZxD+wHU1q0HSdHk4oPUYpHMxFnZyOfauVnX8io0NA
6ybXk3JCY3JbTc/kHTyIr36P6I1VFLb/3dm8GfYY5rC9g5fs1mk3V6yimo6+b0bV
6CqAvYzxfd5ZAPepHdOINpJ6AkoktU1h1C6cShefWBhFYutQya/LlcHISrPCjXDM
mHSMP0XD3kTIYcCkkq8+4+RpfhKysvyFsfHGfqwofZk0ySKH94gs3CFJdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi5K0Ii8yJSKuPqGbpHwa7bqEntMB8GA1UdIwQY
MBaAFESxSxswafUMbiXIokr8YXEdWYWDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYt
YWNkNDM0NTZhZDkyLzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jZmNhYzAtNjljMC00MGYzLTk3ZmYtYWNkNDM0NTZhZDky
LzEvUkxGTEd6QnA5UXh1SmNpaVN2eGhjUjFaaFlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJXZT69h0
JzphmZX/sl6YEmTE6uyt12kdNZEoYBxt/8ju4Y7b9AbLaMpJ5NHpQ5Z+wZtqyClH
aJjbO887EhwNVV/CLodAbFYgeb3vjLynsEMyzLxMK801sLR0GALvVgiRwxxvNFEZ
Pfm2hcaRzjp33MbiRICU7TbYjaQ8Qkf9VrwImYf3RkA2PsD4vmBNfdwez0JU4rAj
Cw/dwBVPKwISi/91NxrLBAVdKJgSDCcTGqDtghJIFcyHpOir2WSg2ghQkw7atYpf
ryxc4oiToYoMuhHznnBUf5wZUXzbtiBvYmc2VZv3i19nPfvHiPqBGWIUQQ+LKwar
3edg9VucvbYD+A==
-----END CERTIFICATE-----