Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          3VwbCqcPi8At8NuwMvFUYyOoBNFq/B6Q6oHs9if/nlY=
Subject key identifier:   52:26:02:45:55:69:DD:99:07:6E:41:D9:C4:E9:AE:C6:12:61:CA:E9
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       019D28F316711AB8324BA9BDA28BD5ED6192
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          0593
Signing time:             Thu 26 Mar 2026 07:01:52 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:52 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:52 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: JFktAwiwOilvqZvZ76LsXaxjBvCSzk+Ttu4F9xZ0Ql0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f3:16:71:1a:b8:32:4b:a9:bd:a2:8b:d5:ed:61:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Mar 26 07:01:52 2026 GMT
            Not After : Mar 27 07:01:52 2026 GMT
        Subject: CN=522602455569dd99076e41d9c4e9aec61261cae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:85:08:d4:0f:f6:14:52:7a:4f:9d:1e:94:65:
                    1e:3a:e8:b9:b0:b2:d6:6b:8e:bf:33:41:a1:b9:2f:
                    27:e3:41:1f:3c:ad:3e:8a:15:47:e0:70:89:25:4e:
                    a4:b3:55:ea:48:d8:16:f7:0d:e6:dd:e5:3a:b3:b4:
                    5a:2f:44:1c:0b:3c:3d:de:cf:70:ec:ad:48:ff:d4:
                    62:e0:91:ab:7e:d8:8a:ab:e7:4f:99:cc:48:d3:b1:
                    ce:6a:a4:66:fb:63:7a:43:5d:f9:f3:91:44:0c:83:
                    8b:08:f8:0d:94:62:f2:4c:66:bb:04:45:c4:e5:5c:
                    77:2e:5f:10:69:7b:76:9f:ab:80:24:ac:2a:d7:34:
                    f1:ad:04:70:74:cd:69:72:98:01:15:6f:01:6d:4e:
                    96:ee:75:fa:2c:4d:f9:b1:26:dd:64:1d:b1:f3:fb:
                    b1:8a:62:4d:3f:78:a3:21:15:12:a8:b8:64:c7:29:
                    49:23:17:8d:d0:4d:70:5d:f5:5f:69:f5:26:4f:bd:
                    26:9c:c1:7b:e5:82:12:c7:92:b6:34:0f:7f:55:4c:
                    dd:74:ff:1a:e7:b2:fe:82:09:57:cd:b2:9f:e8:be:
                    8c:0e:d6:3e:0d:73:12:76:4c:30:a5:7b:7d:fc:2e:
                    30:05:d0:08:c8:87:22:e9:f1:2a:7b:dd:7f:ab:d0:
                    53:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:26:02:45:55:69:DD:99:07:6E:41:D9:C4:E9:AE:C6:12:61:CA:E9
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:4e:6b:e5:eb:f3:3b:3e:23:35:53:21:1a:af:0c:dd:a9:2f:
         5f:24:7f:49:4e:6c:24:4b:9c:6d:41:af:91:c7:84:3e:99:93:
         35:d0:6c:86:3c:af:2a:64:fc:0f:31:d5:cc:f2:28:b6:4b:de:
         21:59:8a:a2:2d:b8:43:37:6d:fa:96:dd:46:bc:01:7a:37:26:
         09:b1:ac:7c:2e:b2:0d:30:6f:f1:03:e2:1c:a1:a7:27:a8:7f:
         3e:17:56:7f:a5:9b:26:f9:75:76:51:ca:aa:6b:d7:b9:90:59:
         f9:99:8b:56:84:8f:d6:a2:b7:b7:f4:ff:c6:ae:a2:01:bf:6a:
         42:8c:cb:2f:2f:d5:8f:cc:a3:63:62:6c:90:e9:8a:9a:71:09:
         64:99:6e:5e:96:91:df:2f:1c:a6:f2:00:ba:ec:fc:0d:3a:f9:
         64:11:ad:e9:4c:d5:98:37:b3:9b:fc:36:46:d6:34:fd:c5:65:
         92:fa:65:0b:ce:d9:49:fc:43:85:a3:0d:1f:55:11:97:00:c8:
         e9:c5:62:7f:0b:e9:f1:79:5d:d6:e4:c6:cc:46:4a:c7:44:4c:
         40:05:d7:7b:bd:1c:4b:76:55:82:36:dd:07:e7:8a:13:eb:1f:
         43:56:1e:fe:b8:b7:97:d6:20:80:a0:2b:6a:d1:85:44:b4:35:
         07:55:38:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8xZxGrgyS6m9oovV7WGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjYwMzI2MDcwMTUyWhcNMjYwMzI3MDcwMTUyWjAzMTEwLwYDVQQD
Eyg1MjI2MDI0NTU1NjlkZDk5MDc2ZTQxZDljNGU5YWVjNjEyNjFjYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIUI1A/2FFJ6T50elGUeOui5sLLW
a46/M0GhuS8n40EfPK0+ihVH4HCJJU6ks1XqSNgW9w3m3eU6s7RaL0QcCzw93s9w
7K1I/9Ri4JGrftiKq+dPmcxI07HOaqRm+2N6Q13585FEDIOLCPgNlGLyTGa7BEXE
5Vx3Ll8QaXt2n6uAJKwq1zTxrQRwdM1pcpgBFW8BbU6W7nX6LE35sSbdZB2x8/ux
imJNP3ijIRUSqLhkxylJIxeN0E1wXfVfafUmT70mnMF75YISx5K2NA9/VUzddP8a
57L+gglXzbKf6L6MDtY+DXMSdkwwpXt9/C4wBdAIyIci6fEqe91/q9BTJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFImAkVVad2ZB25B2cTprsYSYcrpMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZU5r5evz
Oz4jNVMhGq8M3akvXyR/SU5sJEucbUGvkceEPpmTNdBshjyvKmT8DzHVzPIotkve
IVmKoi24Qzdt+pbdRrwBejcmCbGsfC6yDTBv8QPiHKGnJ6h/PhdWf6WbJvl1dlHK
qmvXuZBZ+ZmLVoSP1qK3t/T/xq6iAb9qQozLLy/Vj8yjY2JskOmKmnEJZJluXpaR
3y8cpvIAuuz8DTr5ZBGt6UzVmDezm/w2RtY0/cVlkvplC87ZSfxDhaMNH1URlwDI
6cVifwvp8Xld1uTGzEZKx0RMQAXXe70cS3ZVgjbdB+eKE+sfQ1Ye/ri3l9YggKAr
atGFRLQ1B1U4jg==
-----END CERTIFICATE-----