Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
File:                     RzrT6YeegYYjFqEICLtcQhKVTLo.mft (raw, json)
Hash identifier:          j+sg53568bnHKg8tw/0fOkmKwO9eF4o7AsMqTDXtmoc=
Subject key identifier:   71:89:6E:E6:91:D4:9B:DD:F0:17:48:3E:B4:10:EE:97:58:93:59:DC
Authority key identifier: 47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA
Certificate issuer:       /CN=473ad3e9879e81862316a10808bb5c4212954cba
Certificate serial:       019D3865CD220997B2F18A7AA76D087E5B70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
Manifest number:          113C
Signing time:             Sun 29 Mar 2026 07:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:28 +0000
Files and hashes:         1: RzrT6YeegYYjFqEICLtcQhKVTLo.crl (hash: OLIyy8McAJpShDkzZfBDXzOfxcVarp+metQfvWYJjSI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:cd:22:09:97:b2:f1:8a:7a:a7:6d:08:7e:5b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=473ad3e9879e81862316a10808bb5c4212954cba
        Validity
            Not Before: Mar 29 07:01:28 2026 GMT
            Not After : Mar 30 07:01:28 2026 GMT
        Subject: CN=71896ee691d49bddf017483eb410ee97589359dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:72:e5:46:c4:aa:a6:ad:e7:6a:ab:c1:02:94:
                    58:44:ac:76:0f:f8:5f:7a:13:bc:23:7a:9c:8a:6a:
                    6d:8d:cc:b7:ec:5c:fc:c1:8f:78:7d:0f:7f:1a:01:
                    88:63:a3:af:27:ff:80:71:12:aa:e7:9c:8c:20:80:
                    d6:fe:47:36:2b:65:f4:af:bc:d5:8e:94:41:74:2a:
                    18:b7:b8:6e:17:5e:bf:f0:49:3a:f2:af:32:1d:ae:
                    39:91:c4:de:bd:4c:c1:11:12:f6:a3:75:8e:53:39:
                    da:4b:9b:19:3d:76:c9:05:1a:52:46:c9:c0:b6:44:
                    1f:77:f4:ff:1a:06:ff:3f:e7:7b:df:64:2b:a5:f7:
                    98:13:3d:7e:c6:59:d7:b8:d6:97:87:6f:79:d3:e3:
                    af:b0:29:33:98:a8:99:bb:f4:b4:9a:a9:36:a1:38:
                    5e:4d:fe:71:03:cd:b3:92:0b:3e:4d:b0:2e:a4:8a:
                    04:60:08:d9:94:75:50:b3:eb:4b:a2:9d:19:f8:e9:
                    ac:6f:49:4c:00:59:e9:0e:49:cb:38:2f:1b:ed:e1:
                    92:aa:74:bb:bc:aa:fa:9e:97:ab:7c:ff:6f:2e:0b:
                    4d:1c:22:42:68:29:bb:15:77:63:eb:a4:01:9a:a4:
                    f0:ed:e7:e3:ee:c7:95:46:2a:b9:8e:48:a0:d9:0f:
                    d3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:89:6E:E6:91:D4:9B:DD:F0:17:48:3E:B4:10:EE:97:58:93:59:DC
            X509v3 Authority Key Identifier:
                keyid:47:3A:D3:E9:87:9E:81:86:23:16:A1:08:08:BB:5C:42:12:95:4C:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzrT6YeegYYjFqEICLtcQhKVTLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/1d27da-b39f-42a9-949f-b6c39ad983dd/1/RzrT6YeegYYjFqEICLtcQhKVTLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:43:4e:24:ab:8e:bc:0b:ab:d3:23:0d:e6:12:ae:4f:e7:29:
         4c:58:df:1b:96:49:e8:48:e7:6e:a4:92:9b:9f:f2:76:16:fa:
         95:44:55:30:cd:4f:cb:f7:4e:9d:38:32:70:aa:50:b9:3f:c3:
         e7:43:0a:d5:60:87:68:2a:12:66:e5:9d:a5:51:4a:2e:9f:75:
         a8:f4:60:99:1f:84:25:26:8e:61:2b:55:69:13:6f:03:7d:16:
         d6:a1:0b:59:00:1d:bf:76:9e:78:ce:1f:e0:fc:c8:06:b9:78:
         88:bf:6e:ca:40:e3:b4:86:8d:e7:68:4e:98:f3:e1:08:6a:14:
         d8:4a:e9:92:ac:2e:ac:3f:20:05:8e:ab:21:ed:bc:f6:55:dd:
         db:c1:34:b0:fe:5c:0d:0a:af:01:86:8f:de:89:b2:d9:0e:f9:
         32:15:0b:8a:44:c8:cb:bd:17:29:76:5c:74:7e:73:95:53:66:
         c7:72:e6:26:03:76:ac:74:7b:1a:84:e6:7e:6a:b1:36:06:73:
         23:b2:b9:48:93:87:9b:6f:16:47:fe:0f:dd:17:e2:67:bd:41:
         b4:66:54:a6:99:53:e1:03:81:c7:8c:9c:d5:34:ad:b4:68:27:
         a2:9b:58:76:1d:68:ab:2e:e9:6e:12:eb:68:5d:2d:e1:1e:e0:
         6e:a9:6d:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zc0iCZey8Yp6p20IfltwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3M2FkM2U5ODc5ZTgxODYyMzE2YTEwODA4YmI1YzQyMTI5
NTRjYmEwHhcNMjYwMzI5MDcwMTI4WhcNMjYwMzMwMDcwMTI4WjAzMTEwLwYDVQQD
Eyg3MTg5NmVlNjkxZDQ5YmRkZjAxNzQ4M2ViNDEwZWU5NzU4OTM1OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnLlRsSqpq3naqvBApRYRKx2D/hf
ehO8I3qcimptjcy37Fz8wY94fQ9/GgGIY6OvJ/+AcRKq55yMIIDW/kc2K2X0r7zV
jpRBdCoYt7huF16/8Ek68q8yHa45kcTevUzBERL2o3WOUznaS5sZPXbJBRpSRsnA
tkQfd/T/Ggb/P+d732QrpfeYEz1+xlnXuNaXh2950+OvsCkzmKiZu/S0mqk2oThe
Tf5xA82zkgs+TbAupIoEYAjZlHVQs+tLop0Z+Omsb0lMAFnpDknLOC8b7eGSqnS7
vKr6nperfP9vLgtNHCJCaCm7FXdj66QBmqTw7efj7seVRiq5jkig2Q/T7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGJbuaR1Jvd8BdIPrQQ7pdYk1ncMB8GA1UdIwQY
MBaAFEc60+mHnoGGIxahCAi7XEISlUy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYt
YjZjMzlhZDk4M2RkLzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8xZDI3ZGEtYjM5Zi00MmE5LTk0OWYtYjZjMzlhZDk4M2Rk
LzEvUnpyVDZZZWVnWVlqRnFFSUNMdGNRaEtWVExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj0NOJKuO
vAur0yMN5hKuT+cpTFjfG5ZJ6EjnbqSSm5/ydhb6lURVMM1Py/dOnTgycKpQuT/D
50MK1WCHaCoSZuWdpVFKLp91qPRgmR+EJSaOYStVaRNvA30W1qELWQAdv3aeeM4f
4PzIBrl4iL9uykDjtIaN52hOmPPhCGoU2ErpkqwurD8gBY6rIe289lXd28E0sP5c
DQqvAYaP3omy2Q75MhULikTIy70XKXZcdH5zlVNmx3LmJgN2rHR7GoTmfmqxNgZz
I7K5SJOHm28WR/4P3RfiZ71BtGZUpplT4QOBx4yc1TSttGgnoptYdh1oqy7pbhLr
aF0t4R7gbqltxw==
-----END CERTIFICATE-----