Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
File:                     1lcpIU0Paz-lGho4A32rjeSOBVg.mft (raw, json)
Hash identifier:          MdMkCkecpxDCuRbmBwxHKN5l2c3T6w4AizUFUfb9/cw=
Subject key identifier:   2F:90:BB:F8:D8:54:19:17:1B:9D:A1:DF:5B:D4:96:29:7C:46:D0:0A
Authority key identifier: D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58
Certificate issuer:       /CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
Certificate serial:       019D2997A07EDD43D34DFF24C6869E03F853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
Manifest number:          08E8
Signing time:             Thu 26 Mar 2026 10:01:35 +0000
Manifest this update:     Thu 26 Mar 2026 10:01:35 +0000
Manifest next update:     Fri 27 Mar 2026 10:01:35 +0000
Files and hashes:         1: 1lcpIU0Paz-lGho4A32rjeSOBVg.crl (hash: t8Hh5empIizh+u6ity+vvkeve8d7Yd1VVE4gRdggAeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:97:a0:7e:dd:43:d3:4d:ff:24:c6:86:9e:03:f8:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d65729214d0f6b3fa51a1a38037dab8de48e0558
        Validity
            Not Before: Mar 26 10:01:35 2026 GMT
            Not After : Mar 27 10:01:35 2026 GMT
        Subject: CN=2f90bbf8d85419171b9da1df5bd496297c46d00a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:b1:55:46:a4:0a:3b:40:53:12:51:60:52:cd:
                    15:e6:c7:9d:b7:9a:e5:ec:ce:b2:9c:c2:89:f3:d4:
                    13:bb:e4:98:b8:51:af:93:38:ec:b3:e5:0c:c1:fb:
                    a6:81:86:df:a1:d4:45:ef:1a:9a:14:d5:d3:02:f8:
                    ef:c5:e3:e4:c9:15:ba:ad:28:f3:23:12:61:da:c5:
                    97:fe:c5:84:09:38:69:86:e9:09:c6:22:31:36:42:
                    61:2e:fd:5a:dd:53:22:33:c3:f3:90:e9:c5:12:bb:
                    1d:ce:76:78:1c:c8:2b:14:64:7b:ff:00:3c:cb:1b:
                    24:3a:5d:3d:e1:97:6d:03:45:09:d0:1a:f6:8c:30:
                    dd:d5:f8:9a:ba:4a:64:fe:34:7c:05:6d:25:a9:d7:
                    f6:73:5c:63:22:8b:68:17:53:53:88:6e:a7:dc:73:
                    22:b2:0b:11:a5:8f:f6:34:6d:59:45:ea:6a:b9:89:
                    7c:fc:65:5b:67:7d:30:f9:c6:0b:a3:21:86:89:7f:
                    e0:5f:96:5c:9f:69:34:f2:ad:65:8c:16:a6:0c:90:
                    50:d1:f0:53:4a:2f:f5:cc:09:67:ad:b0:5b:79:b9:
                    51:af:bf:46:0d:3b:6a:df:1f:3e:79:ba:76:2d:81:
                    76:75:f6:2b:a2:a2:ae:1f:f8:3e:cf:74:24:54:61:
                    c2:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:90:BB:F8:D8:54:19:17:1B:9D:A1:DF:5B:D4:96:29:7C:46:D0:0A
            X509v3 Authority Key Identifier:
                keyid:D6:57:29:21:4D:0F:6B:3F:A5:1A:1A:38:03:7D:AB:8D:E4:8E:05:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1lcpIU0Paz-lGho4A32rjeSOBVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/085bd3-c34f-48cf-9a73-ec43fd6c227a/1/1lcpIU0Paz-lGho4A32rjeSOBVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:a0:8b:30:63:59:cf:88:e1:d0:83:09:42:41:96:25:c8:25:
         7a:4e:c2:ce:f5:34:8c:2e:e6:a7:55:a8:84:5c:d8:2a:2b:0c:
         46:ad:9d:d6:5d:d9:81:ec:ba:b0:0f:ed:a4:01:83:e4:2c:0b:
         34:22:87:4c:62:f0:4d:b8:49:f6:bb:5b:34:5f:bf:56:75:52:
         25:6b:5d:e4:27:e6:a5:a2:cc:13:12:bd:49:fd:61:7e:6d:50:
         59:8c:9e:72:b1:b6:c6:da:3d:75:dc:84:fd:fc:3f:de:c8:a2:
         88:72:11:c0:16:c8:70:68:de:b1:45:8b:62:94:52:75:96:e7:
         08:aa:70:28:20:48:9d:54:f0:82:88:4e:5c:ae:84:98:cb:04:
         31:8a:7d:59:27:15:67:a5:9e:e0:40:97:ca:69:56:08:79:c6:
         7b:2e:6a:01:9c:6c:a0:0f:02:1b:f2:3b:ab:92:ab:45:3f:f0:
         7d:96:66:49:da:3f:10:1e:16:0e:14:b6:99:69:9b:d3:8e:81:
         e0:bc:3d:4a:30:51:e2:07:c5:71:3a:73:aa:62:b6:08:56:17:
         42:00:98:ee:4f:14:a1:a0:18:8e:37:2c:1f:20:ef:59:4f:03:
         51:3d:23:4f:1d:67:fd:32:67:0c:37:59:d9:36:6c:7c:53:c2:
         16:a8:3f:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pl6B+3UPTTf8kxoaeA/hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NTcyOTIxNGQwZjZiM2ZhNTFhMWEzODAzN2RhYjhkZTQ4
ZTA1NTgwHhcNMjYwMzI2MTAwMTM1WhcNMjYwMzI3MTAwMTM1WjAzMTEwLwYDVQQD
EygyZjkwYmJmOGQ4NTQxOTE3MWI5ZGExZGY1YmQ0OTYyOTdjNDZkMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbFVRqQKO0BTElFgUs0V5sedt5rl
7M6ynMKJ89QTu+SYuFGvkzjss+UMwfumgYbfodRF7xqaFNXTAvjvxePkyRW6rSjz
IxJh2sWX/sWECThphukJxiIxNkJhLv1a3VMiM8PzkOnFErsdznZ4HMgrFGR7/wA8
yxskOl094ZdtA0UJ0Br2jDDd1fiaukpk/jR8BW0lqdf2c1xjIotoF1NTiG6n3HMi
sgsRpY/2NG1ZRepquYl8/GVbZ30w+cYLoyGGiX/gX5Zcn2k08q1ljBamDJBQ0fBT
Si/1zAlnrbBbeblRr79GDTtq3x8+ebp2LYF2dfYroqKuH/g+z3QkVGHC6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+Qu/jYVBkXG52h31vUlil8RtAKMB8GA1UdIwQY
MBaAFNZXKSFND2s/pRoaOAN9q43kjgVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMt
ZWM0M2ZkNmMyMjdhLzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wODViZDMtYzM0Zi00OGNmLTlhNzMtZWM0M2ZkNmMyMjdh
LzEvMWxjcElVMFBhei1sR2hvNEEzMnJqZVNPQlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo6CLMGNZ
z4jh0IMJQkGWJcglek7CzvU0jC7mp1WohFzYKisMRq2d1l3Zgey6sA/tpAGD5CwL
NCKHTGLwTbhJ9rtbNF+/VnVSJWtd5CfmpaLMExK9Sf1hfm1QWYyecrG2xto9ddyE
/fw/3siiiHIRwBbIcGjesUWLYpRSdZbnCKpwKCBInVTwgohOXK6EmMsEMYp9WScV
Z6We4ECXymlWCHnGey5qAZxsoA8CG/I7q5KrRT/wfZZmSdo/EB4WDhS2mWmb046B
4Lw9SjBR4gfFcTpzqmK2CFYXQgCY7k8UoaAYjjcsHyDvWU8DUT0jTx1n/TJnDDdZ
2TZsfFPCFqg/Nw==
-----END CERTIFICATE-----