Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          Ye/7P0BEj6MLYLjIvYHE3K3HAhzuNFpGEriQFFgwkRE=
Subject key identifier:   49:CF:6B:E4:68:51:03:67:72:A5:FD:2C:25:75:95:55:90:93:DC:94
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       019D27A88D68B0D4F4F28BD953C35A661CFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          0A40
Signing time:             Thu 26 Mar 2026 01:00:50 +0000
Manifest this update:     Thu 26 Mar 2026 01:00:50 +0000
Manifest next update:     Fri 27 Mar 2026 01:00:50 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: qQ7ONgPciiDYYkuTMXTFw515V0mP+fdz8UkRn19/uo4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:a8:8d:68:b0:d4:f4:f2:8b:d9:53:c3:5a:66:1c:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Mar 26 01:00:50 2026 GMT
            Not After : Mar 27 01:00:50 2026 GMT
        Subject: CN=49cf6be46851036772a5fd2c257595559093dc94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:67:5b:63:d5:aa:d3:c4:9a:76:0e:8b:4e:cd:
                    1d:9e:aa:d7:3c:bf:b6:3d:ac:09:2b:74:3b:4e:4f:
                    09:f2:22:59:1e:7b:07:da:85:f9:97:90:f5:98:74:
                    7e:b4:93:e4:4e:0d:a7:c8:19:4c:3b:be:52:16:c0:
                    27:c5:8a:a6:10:16:e4:9f:41:e3:48:78:1b:f7:76:
                    d8:9a:ed:1b:6a:76:b7:fe:0d:c9:92:5b:f0:f7:0e:
                    a0:8c:1b:68:57:e3:50:d2:7c:73:f5:6d:f2:28:dd:
                    79:bb:0a:34:54:3b:34:a6:5c:44:d0:c1:0a:e9:c2:
                    8d:93:70:ce:84:dc:39:d1:67:74:e5:f2:a7:29:99:
                    9c:75:44:ed:63:8d:fa:6d:1c:5b:74:46:76:0b:a4:
                    a1:b4:57:e1:c4:46:6f:6a:5b:c7:67:9d:4c:de:1a:
                    bc:b1:7f:b7:ef:4f:c4:0e:28:30:5a:d1:57:d6:8c:
                    8a:a6:5b:96:45:46:af:6e:15:d1:3a:64:12:fd:be:
                    81:c4:f6:b3:6a:d2:eb:e9:49:33:a7:f2:e3:e5:f2:
                    f6:f1:be:20:ed:59:3e:4c:fa:18:ff:80:c5:34:4f:
                    21:72:30:73:e9:89:45:46:b0:c0:67:d1:00:12:22:
                    ca:4c:d4:aa:a6:3a:aa:30:b6:59:38:99:bd:9b:f3:
                    c8:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:CF:6B:E4:68:51:03:67:72:A5:FD:2C:25:75:95:55:90:93:DC:94
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:95:38:72:f0:1b:56:41:e0:cb:21:58:ac:2d:c5:8f:6f:77:
         fb:fc:65:6c:07:fd:c5:1f:a7:43:5a:46:03:13:c3:f7:01:96:
         6d:e2:e0:64:73:9c:82:37:39:3e:45:1b:5b:8d:bd:ed:3e:2f:
         ba:39:f8:5c:08:ef:00:91:de:53:b3:ff:86:1a:3a:03:da:42:
         2c:71:b7:78:97:ff:ba:f9:72:8b:85:5d:59:50:f5:e6:c3:d6:
         14:c3:cc:e3:f9:fd:75:2e:07:27:b9:ef:2d:de:7e:2b:f8:71:
         17:5a:94:eb:e7:5e:99:13:9d:c4:d8:04:5e:ee:05:0e:94:2b:
         33:3b:a0:c3:cf:57:44:fc:5a:99:f2:dc:75:96:ca:d0:80:22:
         e4:1f:29:b0:50:e5:9e:22:85:d2:48:9b:18:b6:a5:a2:e5:71:
         50:ba:74:c0:7d:52:1d:68:fd:62:4e:30:89:75:6b:6b:00:38:
         64:6d:b3:be:a6:4b:e1:69:0e:76:85:4b:6f:c8:73:49:ec:bd:
         dd:a1:d5:01:e4:f5:44:c2:08:18:c6:c6:e8:37:2e:70:57:4e:
         da:fd:e6:b9:14:7e:83:59:ff:ab:8a:ae:d6:bb:05:75:4d:ea:
         7a:d9:00:12:77:60:5f:55:20:16:68:52:95:82:26:58:72:1f:
         89:67:3e:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqI1osNT08ovZU8NaZhz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjYwMzI2MDEwMDUwWhcNMjYwMzI3MDEwMDUwWjAzMTEwLwYDVQQD
Eyg0OWNmNmJlNDY4NTEwMzY3NzJhNWZkMmMyNTc1OTU1NTkwOTNkYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGdbY9Wq08Sadg6LTs0dnqrXPL+2
PawJK3Q7Tk8J8iJZHnsH2oX5l5D1mHR+tJPkTg2nyBlMO75SFsAnxYqmEBbkn0Hj
SHgb93bYmu0bana3/g3Jklvw9w6gjBtoV+NQ0nxz9W3yKN15uwo0VDs0plxE0MEK
6cKNk3DOhNw50Wd05fKnKZmcdUTtY436bRxbdEZ2C6ShtFfhxEZvalvHZ51M3hq8
sX+370/EDigwWtFX1oyKpluWRUavbhXROmQS/b6BxPazatLr6Ukzp/Lj5fL28b4g
7Vk+TPoY/4DFNE8hcjBz6YlFRrDAZ9EAEiLKTNSqpjqqMLZZOJm9m/PI8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnPa+RoUQNncqX9LCV1lVWQk9yUMB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJU4cvAb
VkHgyyFYrC3Fj293+/xlbAf9xR+nQ1pGAxPD9wGWbeLgZHOcgjc5PkUbW4297T4v
ujn4XAjvAJHeU7P/hho6A9pCLHG3eJf/uvlyi4VdWVD15sPWFMPM4/n9dS4HJ7nv
Ld5+K/hxF1qU6+demROdxNgEXu4FDpQrMzugw89XRPxamfLcdZbK0IAi5B8psFDl
niKF0kibGLalouVxULp0wH1SHWj9Yk4wiXVrawA4ZG2zvqZL4WkOdoVLb8hzSey9
3aHVAeT1RMIIGMbG6DcucFdO2v3muRR+g1n/q4qu1rsFdU3qetkAEndgX1UgFmhS
lYImWHIfiWc+MQ==
-----END CERTIFICATE-----