Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
File:                     2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft (raw, json)
Hash identifier:          If9OuIBs+hRxx8sktW2ZgfFuAjY+ZQCqm7mzp9hMe0c=
Subject key identifier:   D3:9B:1C:88:85:84:97:97:BD:D4:D8:C7:7E:57:1A:78:9E:23:4E:DA
Authority key identifier: D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9
Certificate issuer:       /CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
Certificate serial:       019D27DFF0F2E78D3BA0857F61C867985F5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
Manifest number:          15A8
Signing time:             Thu 26 Mar 2026 02:01:20 +0000
Manifest this update:     Thu 26 Mar 2026 02:01:20 +0000
Manifest next update:     Fri 27 Mar 2026 02:01:20 +0000
Files and hashes:         1: 2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl (hash: E1j4lWu4sdLfn8YZIt+xBe6EJMRe+kgOU2FBf+8ryqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 02:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:df:f0:f2:e7:8d:3b:a0:85:7f:61:c8:67:98:5f:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d98ffa045b35b16dc99419e3e0e6e16e6edb47e9
        Validity
            Not Before: Mar 26 02:01:20 2026 GMT
            Not After : Mar 27 02:01:20 2026 GMT
        Subject: CN=d39b1c8885849797bdd4d8c77e571a789e234eda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:38:d3:98:cf:c5:f4:c0:54:a9:7f:07:58:28:
                    ec:f7:bb:0a:df:af:6a:32:88:d3:21:7d:b9:30:1f:
                    ad:8d:87:6f:09:59:0d:fd:1a:b3:af:c7:4c:ce:0b:
                    c5:2d:69:78:fd:81:8e:5c:b0:62:eb:2c:94:88:b7:
                    e9:c6:df:15:84:0f:34:1a:ef:40:4f:e3:33:4e:c8:
                    06:a1:96:01:6f:a1:68:34:30:7c:bd:15:04:5a:d3:
                    db:ea:49:8c:1f:20:08:0e:b6:43:98:d0:70:86:4a:
                    44:ed:55:fa:e7:47:7a:9a:b0:cb:37:72:89:97:4f:
                    28:f5:c1:80:53:5b:a2:59:51:26:cd:28:74:0f:3c:
                    95:92:88:f7:41:cf:6c:e8:e9:ce:9e:6e:e2:65:11:
                    c7:07:87:fd:0b:d9:42:d9:50:e0:22:95:8d:c2:7a:
                    8c:6a:62:c6:fe:0c:2e:f8:62:53:96:dc:6c:89:fe:
                    66:76:cc:b2:b8:26:ab:2d:57:4c:14:f5:9a:d3:0e:
                    38:52:a9:7e:4f:86:34:6a:a0:0e:ea:b0:ce:c8:f8:
                    d1:2c:08:9f:27:f5:33:e1:40:31:62:15:86:3e:7e:
                    48:96:6b:3d:1d:ef:2f:d1:20:38:bf:98:14:92:19:
                    38:1f:e3:c8:ad:54:7c:cd:81:ad:44:1a:01:95:dc:
                    54:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:9B:1C:88:85:84:97:97:BD:D4:D8:C7:7E:57:1A:78:9E:23:4E:DA
            X509v3 Authority Key Identifier:
                keyid:D9:8F:FA:04:5B:35:B1:6D:C9:94:19:E3:E0:E6:E1:6E:6E:DB:47:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/814115-0993-4a1f-ae10-ee25d2c5b410/1/2Y_6BFs1sW3JlBnj4Obhbm7bR-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d2:e3:fe:9c:8c:fa:2e:31:46:90:59:32:13:d2:d3:2e:26:f2:
         6f:8c:b9:78:cb:93:e5:1f:a6:f4:bd:ed:fa:f1:81:96:95:9d:
         94:39:43:64:39:79:54:a7:02:3a:28:ca:df:7c:9a:5a:17:e1:
         93:5f:80:9f:aa:3f:1c:91:02:dd:83:c0:06:08:a1:69:bb:45:
         a8:08:0b:36:b2:81:c6:47:03:4a:8b:0a:b6:75:d2:a4:3c:34:
         79:dd:23:c8:88:68:0d:9e:3f:17:b6:02:b8:1f:b6:a9:d6:ec:
         41:d4:e3:9c:35:64:78:a3:0c:23:17:d2:04:4f:f4:cd:22:bb:
         aa:2b:cd:c0:e8:4b:a5:fe:ea:f5:4c:b7:10:1f:c3:0c:15:b5:
         24:af:32:90:bf:78:45:c8:58:2a:34:d5:58:45:7f:1f:c7:bf:
         4e:e0:6c:11:46:e0:91:e7:d6:97:04:f8:77:a4:3a:c2:9e:4e:
         fa:7f:ac:39:cc:2a:97:26:ef:e5:3b:1e:89:d8:81:54:be:30:
         ab:39:16:ed:77:47:fe:42:f5:36:ee:41:6d:63:c4:a8:8c:69:
         4b:84:8d:5b:3f:d9:3b:56:b3:99:2a:ba:e8:55:86:25:15:d2:
         59:8c:22:e8:5a:33:99:f0:0e:05:3d:0f:7e:a9:c7:a0:92:e4:
         b8:e2:5b:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0n3/Dy5407oIV/YchnmF9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGZmYTA0NWIzNWIxNmRjOTk0MTllM2UwZTZlMTZlNmVk
YjQ3ZTkwHhcNMjYwMzI2MDIwMTIwWhcNMjYwMzI3MDIwMTIwWjAzMTEwLwYDVQQD
EyhkMzliMWM4ODg1ODQ5Nzk3YmRkNGQ4Yzc3ZTU3MWE3ODllMjM0ZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDjTmM/F9MBUqX8HWCjs97sK369q
MojTIX25MB+tjYdvCVkN/Rqzr8dMzgvFLWl4/YGOXLBi6yyUiLfpxt8VhA80Gu9A
T+MzTsgGoZYBb6FoNDB8vRUEWtPb6kmMHyAIDrZDmNBwhkpE7VX650d6mrDLN3KJ
l08o9cGAU1uiWVEmzSh0DzyVkoj3Qc9s6OnOnm7iZRHHB4f9C9lC2VDgIpWNwnqM
amLG/gwu+GJTltxsif5mdsyyuCarLVdMFPWa0w44Uql+T4Y0aqAO6rDOyPjRLAif
J/Uz4UAxYhWGPn5Ilms9He8v0SA4v5gUkhk4H+PIrVR8zYGtRBoBldxU0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNObHIiFhJeXvdTYx35XGnieI07aMB8GA1UdIwQY
MBaAFNmP+gRbNbFtyZQZ4+Dm4W5u20fpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAt
ZWUyNWQyYzViNDEwLzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84MTQxMTUtMDk5My00YTFmLWFlMTAtZWUyNWQyYzViNDEw
LzEvMllfNkJGczFzVzNKbEJuajRPYmhibTdiUi1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0uP+nIz6
LjFGkFkyE9LTLibyb4y5eMuT5R+m9L3t+vGBlpWdlDlDZDl5VKcCOijK33yaWhfh
k1+An6o/HJEC3YPABgihabtFqAgLNrKBxkcDSosKtnXSpDw0ed0jyIhoDZ4/F7YC
uB+2qdbsQdTjnDVkeKMMIxfSBE/0zSK7qivNwOhLpf7q9Uy3EB/DDBW1JK8ykL94
RchYKjTVWEV/H8e/TuBsEUbgkefWlwT4d6Q6wp5O+n+sOcwqlybv5TseidiBVL4w
qzkW7XdH/kL1Nu5BbWPEqIxpS4SNWz/ZO1azmSq66FWGJRXSWYwi6FozmfAOBT0P
fqnHoJLkuOJbbg==
-----END CERTIFICATE-----