Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          Wy5Iry+bTCsHatYAfH1NbQSupvd93NjCo6hpVujpdnc=
Subject key identifier:   76:6A:AD:2D:B9:F2:7F:3A:54:8B:83:F2:7E:99:10:F9:D9:3D:EA:03
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       019D28F2AE3329165B83EAD5067037C904BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          159D
Signing time:             Thu 26 Mar 2026 07:01:26 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:26 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:26 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: ouSUZti2GfisxlKt2Gd65H4yAjminuemu5ek2dbq8PE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:ae:33:29:16:5b:83:ea:d5:06:70:37:c9:04:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Mar 26 07:01:26 2026 GMT
            Not After : Mar 27 07:01:26 2026 GMT
        Subject: CN=766aad2db9f27f3a548b83f27e9910f9d93dea03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:d7:30:0e:ea:27:3b:ba:65:1a:e6:01:b6:63:
                    78:ae:32:5d:4b:35:3b:73:4d:8b:2a:39:2b:8f:36:
                    59:ca:6e:7a:e2:a7:d3:4c:63:ac:57:d0:e4:c1:e0:
                    ca:98:24:9d:0c:ff:9a:09:94:ae:fd:5c:13:40:13:
                    31:74:d7:6b:2a:49:fa:e0:23:b6:00:36:64:1d:fe:
                    c2:10:81:34:a9:1c:92:83:92:fd:13:b5:66:89:44:
                    4f:3a:0c:41:ca:fa:33:f1:9d:31:8d:a7:fc:ac:d1:
                    16:99:96:1b:d1:a8:03:6f:92:02:0c:bb:73:84:1f:
                    14:a4:b1:17:aa:43:7a:42:c8:86:c6:be:5b:52:9a:
                    f8:6c:f8:3a:a6:83:c1:57:a7:9e:20:04:8f:4a:d0:
                    64:a3:85:85:84:9a:41:91:86:26:9b:a5:46:c2:52:
                    54:82:c4:ef:43:95:cf:cf:ea:b0:76:cb:c2:1b:e9:
                    f4:c1:66:84:df:60:3b:4b:cf:12:e7:cb:ea:ba:58:
                    bb:02:8c:fb:b9:9d:ab:26:69:0f:a3:44:5d:5f:b2:
                    f5:74:f5:e2:52:f7:49:2a:e1:03:3d:52:09:94:33:
                    00:b4:55:b0:26:d1:39:1d:5f:b6:e0:ba:7f:93:a3:
                    c9:9b:a5:93:40:15:b8:be:91:cc:fc:0d:a6:36:0b:
                    49:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:6A:AD:2D:B9:F2:7F:3A:54:8B:83:F2:7E:99:10:F9:D9:3D:EA:03
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:15:b8:e6:9e:05:ed:c5:fc:52:ea:d9:0e:5a:55:2c:e5:23:
         c9:00:4f:6b:8b:f9:4b:ec:e2:8f:1f:0c:b6:c2:80:b0:20:36:
         32:b9:24:bc:00:f2:78:13:5d:41:0f:54:d4:49:fd:40:1a:8c:
         7e:45:23:f2:c2:36:08:9b:e3:8b:34:3a:94:71:23:05:9d:33:
         53:fc:50:af:b9:97:07:73:e4:b6:cf:a0:f3:47:12:db:4c:47:
         12:00:26:45:4f:70:3b:d4:63:0e:64:28:61:96:3f:d8:01:c4:
         56:4e:e5:c6:f4:46:e9:13:c8:54:2b:e2:45:af:ba:53:75:33:
         92:59:d9:d6:02:c3:cb:8c:90:8c:36:a5:ae:81:f4:f6:f8:c6:
         7f:7a:db:1a:84:2f:76:03:e8:53:69:b0:8e:6f:4e:eb:a5:c5:
         92:92:c8:28:46:6a:c8:42:59:2c:f1:8e:ea:a9:e4:06:3e:25:
         83:1f:0f:95:4e:d5:c8:b4:b8:84:1e:54:40:4b:29:d7:6c:63:
         85:0e:53:57:34:b9:24:e1:5f:ce:8d:d0:b1:08:74:0a:33:3d:
         24:cc:43:fa:dc:6b:e7:14:e1:e4:db:42:bb:b8:6e:5e:d5:f5:
         0c:38:61:ad:a2:da:4d:c3:55:2d:4a:42:1a:7d:22:76:8d:44:
         c0:55:05:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8q4zKRZbg+rVBnA3yQS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjYwMzI2MDcwMTI2WhcNMjYwMzI3MDcwMTI2WjAzMTEwLwYDVQQD
Eyg3NjZhYWQyZGI5ZjI3ZjNhNTQ4YjgzZjI3ZTk5MTBmOWQ5M2RlYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dcwDuonO7plGuYBtmN4rjJdSzU7
c02LKjkrjzZZym564qfTTGOsV9DkweDKmCSdDP+aCZSu/VwTQBMxdNdrKkn64CO2
ADZkHf7CEIE0qRySg5L9E7VmiURPOgxByvoz8Z0xjaf8rNEWmZYb0agDb5ICDLtz
hB8UpLEXqkN6QsiGxr5bUpr4bPg6poPBV6eeIASPStBko4WFhJpBkYYmm6VGwlJU
gsTvQ5XPz+qwdsvCG+n0wWaE32A7S88S58vquli7Aoz7uZ2rJmkPo0RdX7L1dPXi
UvdJKuEDPVIJlDMAtFWwJtE5HV+24Lp/k6PJm6WTQBW4vpHM/A2mNgtJFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZqrS258n86VIuD8n6ZEPnZPeoDMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArBW45p4F
7cX8UurZDlpVLOUjyQBPa4v5S+zijx8MtsKAsCA2MrkkvADyeBNdQQ9U1En9QBqM
fkUj8sI2CJvjizQ6lHEjBZ0zU/xQr7mXB3Pkts+g80cS20xHEgAmRU9wO9RjDmQo
YZY/2AHEVk7lxvRG6RPIVCviRa+6U3UzklnZ1gLDy4yQjDalroH09vjGf3rbGoQv
dgPoU2mwjm9O66XFkpLIKEZqyEJZLPGO6qnkBj4lgx8PlU7VyLS4hB5UQEsp12xj
hQ5TVzS5JOFfzo3QsQh0CjM9JMxD+txr5xTh5NtCu7huXtX1DDhhraLaTcNVLUpC
Gn0ido1EwFUF7g==
-----END CERTIFICATE-----