Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
File:                     tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft (raw, json)
Hash identifier:          4YQ9bJvrguk9YCNIUNp6PPlsL1q8ErSjr7pBiyNOZO8=
Subject key identifier:   CC:17:D5:9E:3C:AC:96:A4:E3:2D:3A:F8:FA:83:B1:B5:34:86:B7:7D
Authority key identifier: B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31
Certificate issuer:       /CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
Certificate serial:       019D27047555785673B6A96B93EC36227FDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
Manifest number:          033A
Signing time:             Wed 25 Mar 2026 22:01:36 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:36 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:36 +0000
Files and hashes:         1: tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl (hash: D4FuvR7E4I5z4WXQPmfd4DFKbXs9fxk26BWPGdtlr3U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:75:55:78:56:73:b6:a9:6b:93:ec:36:22:7f:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31
        Validity
            Not Before: Mar 25 22:01:36 2026 GMT
            Not After : Mar 26 22:01:36 2026 GMT
        Subject: CN=cc17d59e3cac96a4e32d3af8fa83b1b53486b77d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b1:da:db:a6:f5:79:2b:25:b7:dd:fa:68:1c:
                    36:2f:0d:fa:28:cd:a7:a8:fa:5f:74:6a:5f:c5:88:
                    71:60:93:73:60:9e:34:d3:3b:4c:2e:92:ef:df:bd:
                    d0:50:94:50:e1:cf:27:63:ba:0b:15:d5:40:ec:85:
                    97:52:65:80:45:92:04:d4:cd:08:59:03:f1:8e:45:
                    24:75:83:07:37:b3:bd:a6:e4:92:0d:da:30:0e:4e:
                    57:58:32:f8:96:c3:e2:17:a3:01:fd:6f:ad:09:87:
                    31:e5:a4:db:af:da:22:fb:6a:de:1c:a4:af:4d:bd:
                    13:56:27:f2:6b:7d:73:0e:66:63:53:e5:ce:45:dc:
                    32:cb:05:e3:31:9b:7d:ae:cf:e9:23:e4:82:2d:f1:
                    3c:e0:30:20:56:bb:dc:3e:66:78:4a:77:f0:3e:c2:
                    2b:95:78:0c:91:97:c6:9f:02:40:e4:ef:ed:bd:72:
                    8a:7d:32:64:05:39:14:3f:59:9a:7d:5f:71:3f:6e:
                    76:d1:d3:a9:f2:4f:fe:cc:19:1a:32:11:5c:34:31:
                    b7:72:34:77:07:88:f9:04:1b:0e:35:93:a9:07:07:
                    c2:a0:5b:fd:b9:0f:4c:e2:41:16:31:9e:1c:63:0d:
                    4a:7a:00:80:1a:f4:09:47:4f:e9:59:df:06:5a:27:
                    24:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:17:D5:9E:3C:AC:96:A4:E3:2D:3A:F8:FA:83:B1:B5:34:86:B7:7D
            X509v3 Authority Key Identifier:
                keyid:B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:bc:b0:3a:be:4f:30:4e:8e:a6:21:e8:ae:fc:dc:ae:e2:a9:
         1a:db:3e:9f:8a:13:2b:a0:3b:cd:82:74:7a:f4:58:c2:42:fb:
         22:82:ea:16:3c:cb:2a:fa:3f:19:0e:72:5e:54:89:12:04:60:
         20:29:8a:34:0d:89:89:b7:d3:f0:e7:ad:0c:91:ed:a7:e9:08:
         1c:90:0a:c0:31:0b:08:3f:c7:bc:5f:ca:f0:14:59:cd:a2:a6:
         28:ba:a2:52:52:49:3c:57:58:5c:b6:eb:8e:52:43:c3:e8:f3:
         4a:15:f8:78:e1:58:f4:a3:65:1e:03:2c:6d:00:88:ef:e9:26:
         8a:0e:cc:59:0b:26:21:f9:4e:de:e0:9c:86:13:5a:ee:c8:9f:
         3c:bf:25:6c:e5:6f:57:01:8a:3b:dc:11:d2:63:52:27:c5:ae:
         29:a5:93:f9:20:30:81:fc:4f:77:e8:8f:af:83:56:49:2f:76:
         29:5b:7d:59:bb:60:39:58:7c:87:58:36:5f:06:e1:85:1c:de:
         c2:df:fc:65:dc:82:32:dd:3f:41:d8:5f:86:6a:d5:82:0d:b1:
         8a:93:3e:90:c8:02:db:e4:96:96:6f:27:b8:ac:02:44:97:b1:
         f1:36:bf:0e:b0:fd:1f:c1:ab:0d:72:73:13:fa:5d:eb:a2:f9:
         1b:dc:cc:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBHVVeFZztqlrk+w2In/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTZjMjA3NDI4MjIyZjYzZmM5Y2JhODM5ZDBkYmQ5YTY5
NTBiMzEwHhcNMjYwMzI1MjIwMTM2WhcNMjYwMzI2MjIwMTM2WjAzMTEwLwYDVQQD
EyhjYzE3ZDU5ZTNjYWM5NmE0ZTMyZDNhZjhmYTgzYjFiNTM0ODZiNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprHa26b1eSslt936aBw2Lw36KM2n
qPpfdGpfxYhxYJNzYJ400ztMLpLv373QUJRQ4c8nY7oLFdVA7IWXUmWARZIE1M0I
WQPxjkUkdYMHN7O9puSSDdowDk5XWDL4lsPiF6MB/W+tCYcx5aTbr9oi+2reHKSv
Tb0TVifya31zDmZjU+XORdwyywXjMZt9rs/pI+SCLfE84DAgVrvcPmZ4SnfwPsIr
lXgMkZfGnwJA5O/tvXKKfTJkBTkUP1mafV9xP2520dOp8k/+zBkaMhFcNDG3cjR3
B4j5BBsONZOpBwfCoFv9uQ9M4kEWMZ4cYw1KegCAGvQJR0/pWd8GWickbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwX1Z48rJak4y06+PqDsbU0hrd9MB8GA1UdIwQY
MBaAFLSmwgdCgiL2P8nLqDnQ29mmlQsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUt
ODRhYmNmYmNkZjVlLzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUtODRhYmNmYmNkZjVl
LzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASrywOr5P
ME6OpiHorvzcruKpGts+n4oTK6A7zYJ0evRYwkL7IoLqFjzLKvo/GQ5yXlSJEgRg
ICmKNA2JibfT8OetDJHtp+kIHJAKwDELCD/HvF/K8BRZzaKmKLqiUlJJPFdYXLbr
jlJDw+jzShX4eOFY9KNlHgMsbQCI7+kmig7MWQsmIflO3uCchhNa7sifPL8lbOVv
VwGKO9wR0mNSJ8WuKaWT+SAwgfxPd+iPr4NWSS92KVt9WbtgOVh8h1g2XwbhhRze
wt/8ZdyCMt0/QdhfhmrVgg2xipM+kMgC2+SWlm8nuKwCRJex8Ta/DrD9H8GrDXJz
E/pd66L5G9zMvA==
-----END CERTIFICATE-----