Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
File:                     kiGxuiPNnBINnmfHS16SkKcq3SA.mft (raw, json)
Hash identifier:          8Bndd/CZygKL/m5wISfUXJtQ+TgtKV47XFDe4tGalbw=
Subject key identifier:   BA:D9:4D:2D:0A:DD:F2:C1:6B:B7:AC:69:03:53:58:BD:D1:5B:33:6E
Authority key identifier: 92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20
Certificate issuer:       /CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20
Certificate serial:       019D37891A0D939B84EAD43357D9C4511A4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
Manifest number:          0269
Signing time:             Sun 29 Mar 2026 03:00:25 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:25 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:25 +0000
Files and hashes:         1: kiGxuiPNnBINnmfHS16SkKcq3SA.crl (hash: YdUefTChpVqP53WvFDDMXRFLOfD0wZO3OJ96RSqHgww=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:1a:0d:93:9b:84:ea:d4:33:57:d9:c4:51:1a:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20
        Validity
            Not Before: Mar 29 03:00:25 2026 GMT
            Not After : Mar 30 03:00:25 2026 GMT
        Subject: CN=bad94d2d0addf2c16bb7ac69035358bdd15b336e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:54:b7:81:7c:fa:4c:4f:69:c8:2f:de:2c:43:
                    40:c5:e9:59:3f:4d:d1:5f:81:11:56:37:27:bf:4b:
                    3f:e6:92:aa:d5:dd:42:05:bc:a9:61:92:14:04:bc:
                    c1:eb:9a:d1:37:04:94:cf:bb:5b:01:eb:49:6e:05:
                    09:c1:de:3c:9b:8d:30:ba:d2:11:37:dd:f5:eb:9b:
                    c3:4b:a3:93:59:d6:e4:a7:d7:95:8b:e1:35:30:28:
                    b2:a2:ad:ab:6f:4e:f0:d6:3b:ad:5a:0f:5f:72:d2:
                    9e:4e:d6:6d:0f:9a:de:a6:f7:35:f0:0b:e0:7b:c1:
                    d0:8f:58:7e:86:34:5a:cb:14:e8:57:97:ae:67:14:
                    6a:c7:07:ec:27:a7:36:ca:56:83:7e:fb:a3:16:8f:
                    8f:99:49:b6:85:91:de:73:bc:8d:7d:c0:3e:bb:a7:
                    ae:c1:98:cf:7d:9d:8a:bf:b7:ef:74:5b:22:ee:9c:
                    7c:e9:fd:d1:c2:d4:f4:91:e9:bc:0c:5f:d7:24:be:
                    a6:05:b8:f8:47:a9:69:e5:58:f8:1b:bd:6f:02:23:
                    db:60:30:5c:8a:0d:f3:59:46:40:b1:c1:7e:fd:49:
                    12:a5:07:09:7c:32:0a:0d:c3:e3:dd:73:c0:e5:a8:
                    3c:0e:09:d5:aa:47:ec:f8:38:c3:a9:25:f7:e6:30:
                    b6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:D9:4D:2D:0A:DD:F2:C1:6B:B7:AC:69:03:53:58:BD:D1:5B:33:6E
            X509v3 Authority Key Identifier:
                keyid:92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:a1:a5:ab:95:86:b6:68:9c:c6:3a:92:ed:e7:b3:7c:53:75:
         db:c0:ee:10:f0:c5:8b:11:88:ce:1d:ad:b3:25:d3:7f:66:c7:
         fb:e7:f7:2a:ed:fb:3d:1f:b4:78:3f:01:59:14:f9:e3:88:8f:
         c5:89:5d:87:c5:81:66:f5:a2:c6:1b:06:29:a8:2b:7e:4c:94:
         42:c2:7c:b6:88:fb:b6:bc:f2:62:ef:7c:a0:55:de:a7:fd:af:
         ee:eb:88:ba:26:97:b8:62:00:32:1d:f1:e1:f5:7e:d3:86:e9:
         4a:9a:f2:6a:3b:a1:69:a4:73:7c:78:e2:89:aa:13:43:5e:bd:
         46:ad:f8:79:59:6e:a4:ba:97:94:59:70:b0:6e:32:91:93:8a:
         2f:6c:4b:aa:e3:3f:15:a5:6e:60:b2:f3:5f:a1:7a:0b:9a:03:
         98:f8:49:23:cf:84:8a:44:f2:2f:92:39:46:97:62:3d:31:58:
         56:ce:b5:ce:93:67:3b:80:c2:49:90:da:81:e9:b1:c7:40:2d:
         98:ef:8f:b5:b5:d2:88:4b:e1:cb:f4:e3:30:bc:b1:7b:f6:0b:
         ec:f5:d2:92:76:2e:a2:8b:3c:17:3a:7f:18:6a:bb:7b:86:c6:
         d2:4b:4e:10:e0:f8:b0:c4:b0:c0:80:ca:79:d2:e4:f3:30:cb:
         c3:63:2d:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iRoNk5uE6tQzV9nEURpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjFiMWJhMjNjZDljMTIwZDllNjdjNzRiNWU5MjkwYTcy
YWRkMjAwHhcNMjYwMzI5MDMwMDI1WhcNMjYwMzMwMDMwMDI1WjAzMTEwLwYDVQQD
EyhiYWQ5NGQyZDBhZGRmMmMxNmJiN2FjNjkwMzUzNThiZGQxNWIzMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1S3gXz6TE9pyC/eLENAxelZP03R
X4ERVjcnv0s/5pKq1d1CBbypYZIUBLzB65rRNwSUz7tbAetJbgUJwd48m40wutIR
N93165vDS6OTWdbkp9eVi+E1MCiyoq2rb07w1jutWg9fctKeTtZtD5repvc18Avg
e8HQj1h+hjRayxToV5euZxRqxwfsJ6c2ylaDfvujFo+PmUm2hZHec7yNfcA+u6eu
wZjPfZ2Kv7fvdFsi7px86f3RwtT0kem8DF/XJL6mBbj4R6lp5Vj4G71vAiPbYDBc
ig3zWUZAscF+/UkSpQcJfDIKDcPj3XPA5ag8DgnVqkfs+DjDqSX35jC2YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrZTS0K3fLBa7esaQNTWL3RWzNuMB8GA1UdIwQY
MBaAFJIhsbojzZwSDZ5nx0tekpCnKt0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYt
M2RiN2ZlOGY2NzgzLzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYtM2RiN2ZlOGY2Nzgz
LzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASKGlq5WG
tmicxjqS7eezfFN128DuEPDFixGIzh2tsyXTf2bH++f3Ku37PR+0eD8BWRT544iP
xYldh8WBZvWixhsGKagrfkyUQsJ8toj7trzyYu98oFXep/2v7uuIuiaXuGIAMh3x
4fV+04bpSpryajuhaaRzfHjiiaoTQ169Rq34eVlupLqXlFlwsG4ykZOKL2xLquM/
FaVuYLLzX6F6C5oDmPhJI8+EikTyL5I5RpdiPTFYVs61zpNnO4DCSZDagemxx0At
mO+PtbXSiEvhy/TjMLyxe/YL7PXSknYuoos8Fzp/GGq7e4bG0ktOEOD4sMSwwIDK
edLk8zDLw2MteA==
-----END CERTIFICATE-----