Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a67af-893d-4a16-9b5d-d369de30123d/1/lRA3CHxvfGzzPIDGzNS_RdjpPDg.mft
File:                     lRA3CHxvfGzzPIDGzNS_RdjpPDg.mft (raw, json)
Hash identifier:          TtrGWAIaFVURzKLQds3ovVIRROQM+21n3Gv5NEq1vuo=
Subject key identifier:   E5:7D:6A:F7:33:A2:5D:B6:27:95:DB:94:DE:54:7F:C7:28:22:FE:5F
Authority key identifier: 95:10:37:08:7C:6F:7C:6C:F3:3C:80:C6:CC:D4:BF:45:D8:E9:3C:38
Certificate issuer:       /CN=951037087c6f7c6cf33c80c6ccd4bf45d8e93c38
Certificate serial:       019D322BF442E4F01C0C357CC76AD068EFC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lRA3CHxvfGzzPIDGzNS_RdjpPDg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/2a67af-893d-4a16-9b5d-d369de30123d/1/lRA3CHxvfGzzPIDGzNS_RdjpPDg.mft
Manifest number:          86
Signing time:             Sat 28 Mar 2026 02:00:34 +0000
Manifest this update:     Sat 28 Mar 2026 02:00:34 +0000
Manifest next update:     Sun 29 Mar 2026 02:00:34 +0000
Files and hashes:         1: lRA3CHxvfGzzPIDGzNS_RdjpPDg.crl (hash: MR9A5Cs4f3FBEDvHdeo/xxuDimuK2m47rSmmg59A+x4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/2a67af-893d-4a16-9b5d-d369de30123d/1/lRA3CHxvfGzzPIDGzNS_RdjpPDg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/2a67af-893d-4a16-9b5d-d369de30123d/1/lRA3CHxvfGzzPIDGzNS_RdjpPDg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lRA3CHxvfGzzPIDGzNS_RdjpPDg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:2b:f4:42:e4:f0:1c:0c:35:7c:c7:6a:d0:68:ef:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=951037087c6f7c6cf33c80c6ccd4bf45d8e93c38
        Validity
            Not Before: Mar 28 02:00:34 2026 GMT
            Not After : Mar 29 02:00:34 2026 GMT
        Subject: CN=e57d6af733a25db62795db94de547fc72822fe5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bf:b0:f2:84:bf:1a:43:1c:03:e5:27:e3:df:
                    c1:91:eb:13:f5:2d:fb:9c:dc:97:c3:4a:89:45:01:
                    54:f1:ce:4b:23:6c:99:3e:23:f0:ab:d2:73:2c:ac:
                    56:f5:eb:a3:b8:d7:a1:e5:13:3c:1c:a2:89:a8:ae:
                    81:80:e0:a4:ef:e2:ff:af:ca:c0:c7:2e:9c:a1:a2:
                    e6:77:43:72:ef:4e:70:5e:0f:3a:a7:09:84:ac:40:
                    83:0c:d7:fd:2f:aa:25:04:6d:0e:38:09:fe:b1:7e:
                    ab:c2:b7:5b:0c:a7:f3:bb:cf:5c:a8:1f:18:bf:a8:
                    0f:e8:23:2d:4f:ec:92:76:82:d3:cc:fb:4c:bb:45:
                    cb:4a:1d:02:f0:f5:30:53:b8:66:7e:6c:2a:0f:32:
                    e9:d8:a2:ce:98:e4:76:5d:08:80:23:bb:6d:e3:9a:
                    4d:7d:73:dc:d7:a9:ca:2e:c8:96:35:73:13:d2:d1:
                    f0:7c:78:bd:40:96:cb:47:64:56:ae:ef:c7:9b:56:
                    22:cb:59:f4:8d:e3:2b:68:b5:1a:b4:54:f4:21:52:
                    c3:91:4b:1e:56:6e:7c:75:6f:dd:16:9a:69:4f:76:
                    17:45:69:02:cf:e8:a3:ce:22:2e:54:35:cd:56:67:
                    4c:d7:17:54:90:b8:de:25:7c:56:63:92:cc:c7:f7:
                    bb:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:7D:6A:F7:33:A2:5D:B6:27:95:DB:94:DE:54:7F:C7:28:22:FE:5F
            X509v3 Authority Key Identifier:
                keyid:95:10:37:08:7C:6F:7C:6C:F3:3C:80:C6:CC:D4:BF:45:D8:E9:3C:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRA3CHxvfGzzPIDGzNS_RdjpPDg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a67af-893d-4a16-9b5d-d369de30123d/1/lRA3CHxvfGzzPIDGzNS_RdjpPDg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a67af-893d-4a16-9b5d-d369de30123d/1/lRA3CHxvfGzzPIDGzNS_RdjpPDg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:23:02:ef:1a:cf:8e:81:7f:a7:59:a1:d4:36:13:a6:35:02:
         cf:de:a8:76:3b:e0:a0:de:d2:97:ec:e0:7c:3b:e3:bc:03:0f:
         f1:f0:50:83:a7:52:1a:69:a5:1d:76:8a:d7:b0:7c:29:01:55:
         52:f8:82:aa:57:e0:04:db:88:10:ab:a2:c0:9e:42:65:77:22:
         a4:2a:e5:08:60:ef:00:2d:32:46:11:e5:c8:cd:a8:65:45:6b:
         bb:7d:b3:c2:ba:b2:5e:73:3c:12:a6:65:19:f6:52:c3:5e:be:
         1e:19:93:9f:6a:33:8a:5d:aa:c0:f4:37:4d:69:8b:53:76:91:
         bb:53:25:bf:e7:a2:1e:d2:93:a0:dd:68:f2:48:37:ed:6c:e3:
         09:6b:ca:05:df:58:96:cf:a2:22:e4:3a:6d:78:77:1d:6b:16:
         a3:76:7a:87:84:d1:90:da:ba:94:73:1d:f8:d1:cd:99:93:ab:
         a0:e4:46:df:a1:34:7e:97:2a:04:32:c6:0e:4b:b3:fc:a0:75:
         45:e6:72:4d:4b:fb:9c:5b:4f:ff:32:0e:d5:a6:0e:64:5f:76:
         79:30:62:39:8b:15:7c:fc:8c:b3:43:3f:31:56:82:ca:7f:06:
         c6:ff:b4:89:58:77:9c:4a:1f:f7:b0:59:8c:1b:e7:b9:cf:85:
         d0:67:c0:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yK/RC5PAcDDV8x2rQaO/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTAzNzA4N2M2ZjdjNmNmMzNjODBjNmNjZDRiZjQ1ZDhl
OTNjMzgwHhcNMjYwMzI4MDIwMDM0WhcNMjYwMzI5MDIwMDM0WjAzMTEwLwYDVQQD
EyhlNTdkNmFmNzMzYTI1ZGI2Mjc5NWRiOTRkZTU0N2ZjNzI4MjJmZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur+w8oS/GkMcA+Un49/BkesT9S37
nNyXw0qJRQFU8c5LI2yZPiPwq9JzLKxW9eujuNeh5RM8HKKJqK6BgOCk7+L/r8rA
xy6coaLmd0Ny705wXg86pwmErECDDNf9L6olBG0OOAn+sX6rwrdbDKfzu89cqB8Y
v6gP6CMtT+ySdoLTzPtMu0XLSh0C8PUwU7hmfmwqDzLp2KLOmOR2XQiAI7tt45pN
fXPc16nKLsiWNXMT0tHwfHi9QJbLR2RWru/Hm1Yiy1n0jeMraLUatFT0IVLDkUse
Vm58dW/dFpppT3YXRWkCz+ijziIuVDXNVmdM1xdUkLjeJXxWY5LMx/e7LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOV9avczol22J5XblN5Uf8coIv5fMB8GA1UdIwQY
MBaAFJUQNwh8b3xs8zyAxszUv0XY6Tw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJBM0NIeHZmR3p6UElER3pOU19SZGpwUERnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTY3YWYtODkzZC00YTE2LTliNWQt
ZDM2OWRlMzAxMjNkLzEvbFJBM0NIeHZmR3p6UElER3pOU19SZGpwUERnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yYTY3YWYtODkzZC00YTE2LTliNWQtZDM2OWRlMzAxMjNk
LzEvbFJBM0NIeHZmR3p6UElER3pOU19SZGpwUERnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoCMC7xrP
joF/p1mh1DYTpjUCz96odjvgoN7Sl+zgfDvjvAMP8fBQg6dSGmmlHXaK17B8KQFV
UviCqlfgBNuIEKuiwJ5CZXcipCrlCGDvAC0yRhHlyM2oZUVru32zwrqyXnM8EqZl
GfZSw16+HhmTn2ozil2qwPQ3TWmLU3aRu1Mlv+eiHtKToN1o8kg37WzjCWvKBd9Y
ls+iIuQ6bXh3HWsWo3Z6h4TRkNq6lHMd+NHNmZOroORG36E0fpcqBDLGDkuz/KB1
ReZyTUv7nFtP/zIO1aYOZF92eTBiOYsVfPyMs0M/MVaCyn8Gxv+0iVh3nEof97BZ
jBvnuc+F0GfAmA==
-----END CERTIFICATE-----