Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
File:                     kWV5napb3fL1Nt2BtybPrtDmCFs.mft (raw, json)
Hash identifier:          J8unCRQ5jx4XrvWdUWzPUpRPQbH+7Fa8AaCY6jOb5To=
Subject key identifier:   55:E2:A5:61:47:88:23:2B:08:3A:1E:A8:07:E5:32:B8:86:14:36:AC
Authority key identifier: 91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B
Certificate issuer:       /CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
Certificate serial:       019D28F2450B4137FCA7F24A55383D5CE1B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
Manifest number:          0300
Signing time:             Thu 26 Mar 2026 07:00:59 +0000
Manifest this update:     Thu 26 Mar 2026 07:00:59 +0000
Manifest next update:     Fri 27 Mar 2026 07:00:59 +0000
Files and hashes:         1: kWV5napb3fL1Nt2BtybPrtDmCFs.crl (hash: kuGFFDpuz3W+XebkzJVeq64Qj6OWtxl6RKdmw78IqKs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:45:0b:41:37:fc:a7:f2:4a:55:38:3d:5c:e1:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
        Validity
            Not Before: Mar 26 07:00:59 2026 GMT
            Not After : Mar 27 07:00:59 2026 GMT
        Subject: CN=55e2a5614788232b083a1ea807e532b8861436ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d0:b4:37:63:bb:7c:96:cc:3d:b4:7f:32:c8:
                    fb:3f:ce:cd:d8:13:6b:69:73:69:16:c1:6b:8e:5e:
                    26:8e:3b:64:39:a2:73:dd:d4:19:28:5f:86:52:46:
                    24:7c:25:9d:48:60:d0:06:c0:be:dd:ff:41:5b:fa:
                    34:cb:48:7c:a8:35:c8:85:fe:0e:c7:c3:3b:ee:5d:
                    c2:fb:1f:de:91:81:4b:d0:13:82:c3:19:97:fd:4f:
                    f7:01:32:97:36:b0:c1:e5:7a:28:54:58:8d:cd:24:
                    d3:f2:79:d1:f9:f4:4b:b5:01:6f:04:80:79:28:60:
                    6a:0b:5b:09:9a:bf:b6:28:2d:65:ac:04:2c:2d:4a:
                    18:96:24:92:e3:13:f9:b0:ea:dd:02:3d:0a:d1:d4:
                    ab:36:8b:c1:5a:4e:55:a7:cb:5e:22:6b:33:bf:0a:
                    49:78:a8:8e:76:90:5b:5b:1b:d7:a5:a2:c2:d5:5b:
                    a1:92:ad:b1:e6:f7:7f:66:b3:5c:14:33:04:c6:69:
                    26:b4:bc:4b:1a:6e:45:ea:1d:d1:d1:71:ad:40:70:
                    df:72:63:ff:2a:18:ea:aa:8e:f0:ea:21:71:0d:85:
                    55:2c:28:5f:dd:d4:7c:3b:6f:4d:ce:65:ca:2d:8c:
                    8e:8e:f0:30:e9:eb:4c:b6:65:90:c1:82:96:31:8c:
                    ba:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:E2:A5:61:47:88:23:2B:08:3A:1E:A8:07:E5:32:B8:86:14:36:AC
            X509v3 Authority Key Identifier:
                keyid:91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:a9:bb:91:ef:ef:d2:fb:13:13:0d:71:cf:7b:57:85:1f:5c:
         e6:6e:7c:18:61:34:e3:fe:c7:5c:38:f7:49:30:c8:6c:d2:96:
         15:70:e5:52:8b:46:83:f1:7c:65:f3:3d:7a:44:b1:c6:68:3b:
         df:e3:b7:1b:45:87:76:d2:6b:c3:7e:ec:87:57:89:e8:c1:af:
         83:03:1a:53:b2:cf:b2:7e:55:b9:c8:48:fc:2c:a4:75:39:4b:
         d9:39:70:7a:13:b1:44:21:d8:56:cb:b4:4c:70:41:78:e6:4a:
         ea:1a:7e:f1:c6:4d:82:69:30:7d:38:b0:2f:43:9a:34:98:68:
         f5:9a:63:99:27:40:36:91:93:0f:8a:e9:90:44:4d:22:95:98:
         af:b1:51:8d:18:86:ca:70:36:29:07:4b:56:14:81:11:88:0c:
         0d:dd:ae:72:59:76:78:34:aa:fc:38:98:54:3f:95:13:08:3b:
         1c:42:b1:d2:56:ef:76:d3:89:95:25:d3:06:b2:4c:8a:c3:a5:
         38:06:53:63:76:1f:05:5d:3e:1a:c4:90:b6:b5:99:d8:55:83:
         44:a9:64:ab:67:31:fb:1b:b2:f2:76:f9:87:75:41:ec:d8:5e:
         0e:58:a0:cd:d6:9c:a4:8a:d3:71:8c:0a:13:a5:55:f2:d1:54:
         78:2f:31:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8kULQTf8p/JKVTg9XOGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjU3OTlkYWE1YmRkZjJmNTM2ZGQ4MWI3MjZjZmFlZDBl
NjA4NWIwHhcNMjYwMzI2MDcwMDU5WhcNMjYwMzI3MDcwMDU5WjAzMTEwLwYDVQQD
Eyg1NWUyYTU2MTQ3ODgyMzJiMDgzYTFlYTgwN2U1MzJiODg2MTQzNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztC0N2O7fJbMPbR/Msj7P87N2BNr
aXNpFsFrjl4mjjtkOaJz3dQZKF+GUkYkfCWdSGDQBsC+3f9BW/o0y0h8qDXIhf4O
x8M77l3C+x/ekYFL0BOCwxmX/U/3ATKXNrDB5XooVFiNzSTT8nnR+fRLtQFvBIB5
KGBqC1sJmr+2KC1lrAQsLUoYliSS4xP5sOrdAj0K0dSrNovBWk5Vp8teImszvwpJ
eKiOdpBbWxvXpaLC1Vuhkq2x5vd/ZrNcFDMExmkmtLxLGm5F6h3R0XGtQHDfcmP/
Khjqqo7w6iFxDYVVLChf3dR8O29NzmXKLYyOjvAw6etMtmWQwYKWMYy6KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXipWFHiCMrCDoeqAflMriGFDasMB8GA1UdIwQY
MBaAFJFleZ2qW93y9Tbdgbcmz67Q5ghbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEt
ZWExN2RhMjI4NGZmLzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEtZWExN2RhMjI4NGZm
LzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANam7ke/v
0vsTEw1xz3tXhR9c5m58GGE04/7HXDj3STDIbNKWFXDlUotGg/F8ZfM9ekSxxmg7
3+O3G0WHdtJrw37sh1eJ6MGvgwMaU7LPsn5VuchI/CykdTlL2TlwehOxRCHYVsu0
THBBeOZK6hp+8cZNgmkwfTiwL0OaNJho9ZpjmSdANpGTD4rpkERNIpWYr7FRjRiG
ynA2KQdLVhSBEYgMDd2ucll2eDSq/DiYVD+VEwg7HEKx0lbvdtOJlSXTBrJMisOl
OAZTY3YfBV0+GsSQtrWZ2FWDRKlkq2cx+xuy8nb5h3VB7NheDligzdacpIrTcYwK
E6VV8tFUeC8x2A==
-----END CERTIFICATE-----