Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
File:                     GAIUWTANFfrFUHBc9uJYmZ09hro.mft (raw, json)
Hash identifier:          O7TtbDVTI20SkFPJDtcz/kWFOp7eLVQF6fCcy98UzuY=
Subject key identifier:   B1:4B:63:84:50:A3:6B:10:EF:AA:C4:F6:02:31:DB:A0:A6:97:2E:6D
Authority key identifier: 18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA
Certificate issuer:       /CN=18021459300d15fac550705cf6e258999d3d86ba
Certificate serial:       019D37C0B43A15AC6B022FD1A461A4549F21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
Manifest number:          0D71
Signing time:             Sun 29 Mar 2026 04:01:08 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:08 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:08 +0000
Files and hashes:         1: GAIUWTANFfrFUHBc9uJYmZ09hro.crl (hash: 3FxcQWUZGt18FCxSp4Q9tgcfb7jV03DvWvT2guzcybI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:b4:3a:15:ac:6b:02:2f:d1:a4:61:a4:54:9f:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18021459300d15fac550705cf6e258999d3d86ba
        Validity
            Not Before: Mar 29 04:01:08 2026 GMT
            Not After : Mar 30 04:01:08 2026 GMT
        Subject: CN=b14b638450a36b10efaac4f60231dba0a6972e6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:fb:9f:2f:5e:3b:f2:fb:52:fb:af:30:0b:a3:
                    01:b9:ce:d7:8b:42:00:ea:59:fb:de:da:77:b9:ea:
                    5f:02:c7:7d:11:de:17:10:49:25:b9:54:65:07:2d:
                    f1:05:f2:47:35:5d:31:91:29:1c:75:d4:e8:c8:6f:
                    23:11:57:89:9b:d3:41:11:f8:7d:ba:d9:9a:3b:30:
                    b6:ef:f1:5f:52:a2:70:d0:7d:66:9c:4b:d7:fb:cf:
                    00:a4:7c:3d:9f:39:e1:cb:b4:c6:e2:f8:d6:0a:c3:
                    17:fd:c0:0e:a1:e6:5c:70:8d:6c:ef:04:01:0d:ff:
                    30:a7:da:57:01:6f:7f:b8:87:36:0e:68:43:93:a7:
                    56:a2:fb:d3:a3:5a:90:5a:3d:ee:20:05:15:a3:6e:
                    89:a0:27:7c:48:74:1c:d9:df:fa:43:62:60:0c:3c:
                    36:8f:df:21:4b:e0:8c:f6:88:f7:38:36:82:5b:01:
                    ae:1e:d1:a2:62:28:60:77:a2:22:8d:8c:fb:06:98:
                    55:9b:14:e7:3d:b0:d2:46:ec:a3:77:b4:6b:5a:5c:
                    63:c5:a4:83:46:43:d3:d5:c7:b1:ed:2d:c2:0d:89:
                    bb:a2:b1:45:84:42:ee:a5:f8:23:cf:d3:a7:76:85:
                    57:32:95:34:54:c7:23:d2:57:52:50:25:43:e4:8d:
                    c9:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:4B:63:84:50:A3:6B:10:EF:AA:C4:F6:02:31:DB:A0:A6:97:2E:6D
            X509v3 Authority Key Identifier:
                keyid:18:02:14:59:30:0D:15:FA:C5:50:70:5C:F6:E2:58:99:9D:3D:86:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAIUWTANFfrFUHBc9uJYmZ09hro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d3327-7084-4ced-9967-9224ce2e965a/1/GAIUWTANFfrFUHBc9uJYmZ09hro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:62:46:76:a8:e1:41:69:b8:bb:94:ca:12:c1:5f:8d:03:e9:
         36:a4:b1:7a:7b:fa:c5:f4:79:1f:a2:f6:21:6b:85:16:36:87:
         a1:74:75:10:36:69:c1:18:de:57:ac:ab:8f:5c:27:a2:05:31:
         d7:93:f0:c7:bb:fc:68:29:0a:a1:5d:a3:59:2a:ef:c8:5a:67:
         ac:fa:d7:2d:96:bb:62:d7:88:7e:3a:b4:0e:a5:ef:2d:b1:82:
         d2:6e:07:f1:5c:9f:f7:e8:a6:1b:85:66:5d:1c:96:e2:99:be:
         5e:1c:16:5a:da:ca:1c:a3:02:81:2b:2b:11:74:63:1f:7a:c0:
         7a:c4:af:3b:eb:c8:64:bf:6e:23:a5:7c:10:7a:48:25:80:8c:
         d8:b6:97:46:f6:fa:eb:de:7a:ac:5f:fb:3f:6b:23:60:db:c7:
         64:f1:33:39:84:92:b3:9f:d7:90:c6:fa:2c:51:88:55:d4:44:
         56:66:04:6b:c2:75:49:f3:6f:93:f2:75:c4:a2:8c:67:ff:a9:
         00:2f:5d:f7:84:6d:ab:2d:aa:58:36:8a:c4:52:5f:c0:d0:c5:
         95:98:5a:f5:ff:b9:d6:ff:31:b2:0c:e0:7c:b5:69:ef:b2:15:
         5e:27:66:5a:d6:88:c0:78:74:9f:d3:91:d8:83:d4:6d:1e:e1:
         fe:97:92:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wLQ6FaxrAi/RpGGkVJ8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDIxNDU5MzAwZDE1ZmFjNTUwNzA1Y2Y2ZTI1ODk5OWQz
ZDg2YmEwHhcNMjYwMzI5MDQwMTA4WhcNMjYwMzMwMDQwMTA4WjAzMTEwLwYDVQQD
EyhiMTRiNjM4NDUwYTM2YjEwZWZhYWM0ZjYwMjMxZGJhMGE2OTcyZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPufL1478vtS+68wC6MBuc7Xi0IA
6ln73tp3uepfAsd9Ed4XEEkluVRlBy3xBfJHNV0xkSkcddToyG8jEVeJm9NBEfh9
utmaOzC27/FfUqJw0H1mnEvX+88ApHw9nznhy7TG4vjWCsMX/cAOoeZccI1s7wQB
Df8wp9pXAW9/uIc2DmhDk6dWovvTo1qQWj3uIAUVo26JoCd8SHQc2d/6Q2JgDDw2
j98hS+CM9oj3ODaCWwGuHtGiYihgd6IijYz7BphVmxTnPbDSRuyjd7RrWlxjxaSD
RkPT1cex7S3CDYm7orFFhELupfgjz9OndoVXMpU0VMcj0ldSUCVD5I3JXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFLY4RQo2sQ76rE9gIx26Cmly5tMB8GA1UdIwQY
MBaAFBgCFFkwDRX6xVBwXPbiWJmdPYa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5Njct
OTIyNGNlMmU5NjVhLzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDMzMjctNzA4NC00Y2VkLTk5NjctOTIyNGNlMmU5NjVh
LzEvR0FJVVdUQU5GZnJGVUhCYzl1SlltWjA5aHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE2JGdqjh
QWm4u5TKEsFfjQPpNqSxenv6xfR5H6L2IWuFFjaHoXR1EDZpwRjeV6yrj1wnogUx
15Pwx7v8aCkKoV2jWSrvyFpnrPrXLZa7YteIfjq0DqXvLbGC0m4H8Vyf9+imG4Vm
XRyW4pm+XhwWWtrKHKMCgSsrEXRjH3rAesSvO+vIZL9uI6V8EHpIJYCM2LaXRvb6
6956rF/7P2sjYNvHZPEzOYSSs5/XkMb6LFGIVdREVmYEa8J1SfNvk/J1xKKMZ/+p
AC9d94Rtqy2qWDaKxFJfwNDFlZha9f+51v8xsgzgfLVp77IVXidmWtaIwHh0n9OR
2IPUbR7h/peSag==
-----END CERTIFICATE-----