Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          SeR44yCxtN9sJfuE5Yl7zfc+1krrrmUD0ObB0/3m+wE=
Subject key identifier:   92:6D:DD:D6:29:2F:BD:33:54:C8:DA:3E:F0:01:D9:ED:42:5A:9C:ED
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       019D265F8C1F97C243FFF3B10DD02F02CA17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          1516
Signing time:             Wed 25 Mar 2026 19:01:29 +0000
Manifest this update:     Wed 25 Mar 2026 19:01:29 +0000
Manifest next update:     Thu 26 Mar 2026 19:01:29 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: REki6lc+IkkQVKojVb2jQDBKHeBNo3mPwjJ3VilSaa4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 19:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:5f:8c:1f:97:c2:43:ff:f3:b1:0d:d0:2f:02:ca:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Mar 25 19:01:29 2026 GMT
            Not After : Mar 26 19:01:29 2026 GMT
        Subject: CN=926dddd6292fbd3354c8da3ef001d9ed425a9ced
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:be:25:d7:29:70:99:46:ef:9d:c0:56:2a:02:
                    9d:61:35:7a:e5:80:a4:9a:0e:67:d5:7b:dd:35:b7:
                    f6:40:9d:e9:a2:80:c2:5d:4e:a6:33:e1:af:41:66:
                    51:b0:ea:c1:a3:82:e5:97:db:ac:d0:39:8d:23:db:
                    a6:83:39:b6:c6:b1:da:7b:86:c3:46:d6:35:48:f1:
                    fd:95:7d:bc:49:de:e6:86:23:14:34:d1:de:89:bf:
                    ff:8b:d5:dd:a8:a4:66:d2:ea:c2:33:e4:19:53:ff:
                    a1:8c:95:68:59:30:2a:8f:1b:53:76:c9:30:c2:b8:
                    b3:c2:dc:1e:ab:57:b3:66:c9:6f:f6:ba:d9:43:47:
                    20:41:7a:4b:90:ee:6a:fb:c6:b9:ff:2f:84:76:4c:
                    56:34:b6:77:03:8b:41:8b:c8:78:32:65:a6:1a:dd:
                    0f:03:92:51:d5:6a:2f:3c:74:a0:90:8b:9a:8f:fe:
                    e7:93:12:16:69:02:ab:cc:07:9f:b2:27:88:e4:0d:
                    ad:73:06:b2:b6:74:22:da:57:cf:eb:b2:38:d7:ed:
                    3c:eb:88:8e:56:5c:7b:72:00:cb:bb:d1:81:e7:f2:
                    ab:8d:80:81:6a:60:7e:76:a4:3d:8f:3e:35:dc:99:
                    be:7e:2b:ac:47:e8:25:36:ed:14:59:64:c0:0b:f1:
                    cb:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:6D:DD:D6:29:2F:BD:33:54:C8:DA:3E:F0:01:D9:ED:42:5A:9C:ED
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:01:0a:7e:3a:63:ae:cc:94:b8:6b:b0:42:23:b2:de:da:2d:
         bb:19:ec:42:89:1e:4d:32:b4:2f:69:14:38:d1:53:c5:15:79:
         1d:40:50:83:32:68:15:71:c6:67:41:96:d1:b1:f5:0b:e0:53:
         73:1b:1c:2f:eb:ce:cb:e2:e3:76:ed:72:15:94:8a:17:14:0d:
         01:df:04:0b:49:a0:5b:64:dc:50:50:e2:ac:69:6c:1e:b9:aa:
         75:dd:9d:a7:96:2c:24:e9:9b:10:b7:ce:c9:b2:07:9a:ca:0a:
         0f:e0:fb:81:fd:00:e4:b1:be:f6:52:7d:19:0e:77:f2:40:db:
         d3:ae:90:7f:41:05:d9:b1:53:0e:6b:e8:0d:34:5c:86:66:3a:
         97:ec:a7:80:63:ff:e7:6c:ea:9a:c5:bc:4e:fc:7a:5c:83:cf:
         fb:e1:7b:51:0d:a1:c4:6a:b9:7e:33:cd:ff:af:0d:2c:7d:e5:
         45:2b:87:d9:d3:01:26:0b:08:e8:02:ce:e5:ee:84:c8:c9:d4:
         d3:4b:7c:72:0d:e9:6b:7d:e0:8d:b2:d9:37:fe:b3:d1:c3:3d:
         73:32:5f:5a:18:ad:1f:4e:93:c1:30:50:bf:c4:40:02:9e:f9:
         e7:31:0b:c7:ad:df:15:04:d6:b0:c1:17:68:9e:ce:49:bc:f2:
         3e:82:48:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mX4wfl8JD//OxDdAvAsoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjYwMzI1MTkwMTI5WhcNMjYwMzI2MTkwMTI5WjAzMTEwLwYDVQQD
Eyg5MjZkZGRkNjI5MmZiZDMzNTRjOGRhM2VmMDAxZDllZDQyNWE5Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb4l1ylwmUbvncBWKgKdYTV65YCk
mg5n1XvdNbf2QJ3pooDCXU6mM+GvQWZRsOrBo4Lll9us0DmNI9umgzm2xrHae4bD
RtY1SPH9lX28Sd7mhiMUNNHeib//i9XdqKRm0urCM+QZU/+hjJVoWTAqjxtTdskw
wrizwtweq1ezZslv9rrZQ0cgQXpLkO5q+8a5/y+EdkxWNLZ3A4tBi8h4MmWmGt0P
A5JR1WovPHSgkIuaj/7nkxIWaQKrzAefsieI5A2tcwaytnQi2lfP67I41+0864iO
Vlx7cgDLu9GB5/KrjYCBamB+dqQ9jz413Jm+fiusR+glNu0UWWTAC/HL2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJJt3dYpL70zVMjaPvAB2e1CWpztMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlgEKfjpj
rsyUuGuwQiOy3totuxnsQokeTTK0L2kUONFTxRV5HUBQgzJoFXHGZ0GW0bH1C+BT
cxscL+vOy+Ljdu1yFZSKFxQNAd8EC0mgW2TcUFDirGlsHrmqdd2dp5YsJOmbELfO
ybIHmsoKD+D7gf0A5LG+9lJ9GQ538kDb066Qf0EF2bFTDmvoDTRchmY6l+yngGP/
52zqmsW8Tvx6XIPP++F7UQ2hxGq5fjPN/68NLH3lRSuH2dMBJgsI6ALO5e6EyMnU
00t8cg3pa33gjbLZN/6z0cM9czJfWhitH06TwTBQv8RAAp755zELx63fFQTWsMEX
aJ7OSbzyPoJIZg==
-----END CERTIFICATE-----