Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
File:                     z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft (raw, json)
Hash identifier:          3dVit7VBqzr69ZGdL0e6H40X+qQDrNf5PaWWxN741NM=
Subject key identifier:   80:38:59:DA:87:8C:15:6C:F1:0D:BF:91:61:48:D3:A5:0A:E3:0A:C2
Authority key identifier: CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49
Certificate issuer:       /CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
Certificate serial:       019D2AE0DC235DE442B499716A2C05110985
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 16:01:12 +0000
Manifest this update:     Thu 26 Mar 2026 16:01:12 +0000
Manifest next update:     Fri 27 Mar 2026 16:01:12 +0000
Files and hashes:         1: z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl (hash: C43fN3Lap0rEPjxqV9wxGY1jiyyMppGM8H6RA4sNh7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:e0:dc:23:5d:e4:42:b4:99:71:6a:2c:05:11:09:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649
        Validity
            Not Before: Mar 26 16:01:12 2026 GMT
            Not After : Mar 27 16:01:12 2026 GMT
        Subject: CN=803859da878c156cf10dbf916148d3a50ae30ac2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1c:03:81:eb:7d:d4:a2:2b:75:19:83:37:e1:
                    26:06:dd:e5:07:25:aa:9f:ce:e4:64:d0:4f:71:1c:
                    9a:28:a1:91:36:f9:c8:00:f5:53:40:ae:ea:b2:6a:
                    eb:ca:8e:12:af:ce:a2:f9:42:df:16:63:d1:1a:9f:
                    4a:b2:9b:43:79:4f:96:9b:28:29:9f:a2:34:e8:64:
                    c0:ac:46:c5:0c:4c:09:94:32:29:74:e8:7d:a8:3c:
                    56:22:53:e2:09:d4:9f:36:0c:a9:06:59:a2:91:63:
                    30:98:a4:b7:62:d8:67:b9:d1:4f:3c:8a:ce:39:b4:
                    b7:4d:2d:43:83:fc:bb:2b:5e:ad:00:31:56:e0:1f:
                    23:29:ec:c2:8e:c9:59:da:69:80:e4:aa:d7:ce:97:
                    76:52:5c:61:fc:0a:c5:7a:78:d5:4a:e4:23:72:9b:
                    4c:10:e7:65:cb:a5:19:be:e0:c8:28:04:02:04:3a:
                    30:40:cf:95:35:de:77:fe:51:85:0f:55:61:ab:4c:
                    ee:60:ff:4c:89:fb:c7:16:e3:26:0e:88:e6:0e:9e:
                    b3:12:74:ca:89:2e:dd:7c:b8:1b:f7:29:c7:c0:90:
                    dc:e5:6d:5b:94:99:8c:cb:8d:51:f7:31:f8:df:be:
                    0e:2e:9a:dc:4e:0b:5e:5d:94:14:4f:53:55:60:73:
                    08:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:38:59:DA:87:8C:15:6C:F1:0D:BF:91:61:48:D3:A5:0A:E3:0A:C2
            X509v3 Authority Key Identifier:
                keyid:CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:0d:07:11:dc:75:19:cf:b5:dd:9c:6c:15:91:87:52:49:c9:
         6c:94:02:5e:a3:d1:ae:e3:35:27:fc:1f:42:59:56:26:d2:3a:
         89:9c:56:d0:39:d7:da:9b:11:f3:93:49:b4:92:3c:ee:16:06:
         a8:23:31:1d:67:85:ca:49:59:ad:e7:15:52:29:27:ef:b2:de:
         23:14:dd:57:a1:98:68:2f:b2:2a:8d:b6:43:8f:50:01:8a:0e:
         25:7d:f0:d6:dd:6e:79:58:a8:04:be:59:26:81:34:8d:57:05:
         67:0c:f5:9f:0b:e8:7f:ca:37:e2:c4:57:37:fd:16:bc:08:71:
         1f:86:d9:9f:ba:da:d8:07:f7:c6:22:d1:f1:0c:d8:a0:e0:f4:
         18:65:51:6b:6a:5e:93:64:3c:61:b1:74:7f:3c:e0:e7:64:07:
         74:87:ea:84:49:0c:50:ef:80:be:ad:a4:8d:b8:ed:e6:2a:5d:
         72:3d:1d:0b:35:04:00:f3:49:82:86:1e:67:36:ea:6e:ce:ec:
         d3:43:01:fe:e4:a4:e8:62:d5:b2:f5:da:57:7f:7f:2b:84:93:
         7e:b6:b5:cd:e9:1a:10:a4:7f:85:36:a2:fb:3e:a9:ed:23:1b:
         f3:72:db:a3:8b:e3:e8:17:94:79:59:3d:2d:7d:42:1d:db:92:
         5d:65:70:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0q4NwjXeRCtJlxaiwFEQmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTVjZWMxNDNhMmFmMWVkMWMyZDk5Njk2ZjFmMTY4N2Y0
NTg2NDkwHhcNMjYwMzI2MTYwMTEyWhcNMjYwMzI3MTYwMTEyWjAzMTEwLwYDVQQD
Eyg4MDM4NTlkYTg3OGMxNTZjZjEwZGJmOTE2MTQ4ZDNhNTBhZTMwYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxwDget91KIrdRmDN+EmBt3lByWq
n87kZNBPcRyaKKGRNvnIAPVTQK7qsmrryo4Sr86i+ULfFmPRGp9KsptDeU+Wmygp
n6I06GTArEbFDEwJlDIpdOh9qDxWIlPiCdSfNgypBlmikWMwmKS3YthnudFPPIrO
ObS3TS1Dg/y7K16tADFW4B8jKezCjslZ2mmA5KrXzpd2Ulxh/ArFenjVSuQjcptM
EOdly6UZvuDIKAQCBDowQM+VNd53/lGFD1Vhq0zuYP9MifvHFuMmDojmDp6zEnTK
iS7dfLgb9ynHwJDc5W1blJmMy41R9zH4374OLprcTgteXZQUT1NVYHMI7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIA4WdqHjBVs8Q2/kWFI06UK4wrCMB8GA1UdIwQY
MBaAFM+lzsFDoq8e0cLZlpbx8Wh/RYZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYt
NGM1ODJjMjhmYmEzLzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYtNGM1ODJjMjhmYmEz
LzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApA0HEdx1
Gc+13ZxsFZGHUknJbJQCXqPRruM1J/wfQllWJtI6iZxW0DnX2psR85NJtJI87hYG
qCMxHWeFyklZrecVUikn77LeIxTdV6GYaC+yKo22Q49QAYoOJX3w1t1ueVioBL5Z
JoE0jVcFZwz1nwvof8o34sRXN/0WvAhxH4bZn7ra2Af3xiLR8QzYoOD0GGVRa2pe
k2Q8YbF0fzzg52QHdIfqhEkMUO+Avq2kjbjt5ipdcj0dCzUEAPNJgoYeZzbqbs7s
00MB/uSk6GLVsvXaV39/K4STfra1zekaEKR/hTai+z6p7SMb83Lbo4vj6BeUeVk9
LX1CHduSXWVwCQ==
-----END CERTIFICATE-----