Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
File:                     6gYhpKcsclr8dUFej4rPdTPUIH0.mft (raw, json)
Hash identifier:          2UQlMG7e5+nb98pB4gFrPfZdNMK3Uso5ESTfzF5dPnU=
Subject key identifier:   2A:09:94:7D:52:48:A4:C9:3D:2F:74:23:DC:1A:35:59:14:20:2D:99
Authority key identifier: EA:06:21:A4:A7:2C:72:5A:FC:75:41:5E:8F:8A:CF:75:33:D4:20:7D
Certificate issuer:       /CN=ea0621a4a72c725afc75415e8f8acf7533d4207d
Certificate serial:       019D38668989AD4A771A20D8831E5F2BE44C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
Manifest number:          16DA
Signing time:             Sun 29 Mar 2026 07:02:17 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:17 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:17 +0000
Files and hashes:         1: 6gYhpKcsclr8dUFej4rPdTPUIH0.crl (hash: dWr0IgA4lz9evU2qNUFjHuCd/YkTl8bndjQ3lGkDDhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:89:89:ad:4a:77:1a:20:d8:83:1e:5f:2b:e4:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea0621a4a72c725afc75415e8f8acf7533d4207d
        Validity
            Not Before: Mar 29 07:02:17 2026 GMT
            Not After : Mar 30 07:02:17 2026 GMT
        Subject: CN=2a09947d5248a4c93d2f7423dc1a355914202d99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:60:77:52:e3:b7:7b:4f:57:ef:85:e9:57:af:
                    f0:56:79:ce:ed:67:52:9a:4f:f5:c7:b7:04:25:ad:
                    24:a9:1f:5e:66:a0:06:59:67:48:a0:a1:20:b7:9f:
                    e2:de:39:7c:b8:5f:63:89:d7:31:6a:b1:c2:ce:bd:
                    a8:00:86:fe:0e:d5:60:84:42:f1:48:28:9b:08:66:
                    08:53:86:3e:d0:82:85:8b:b6:e4:d1:65:2a:24:9b:
                    57:08:f2:3d:d8:11:3d:24:e9:46:7e:27:6f:93:60:
                    27:4d:cd:1b:18:da:77:d3:fc:a1:2a:c8:8a:5c:75:
                    3a:7f:4d:29:0f:6a:1a:e7:21:56:7f:36:22:ed:c6:
                    4f:bf:0e:35:1a:98:a5:74:e7:58:71:27:a9:28:13:
                    29:5b:d7:06:09:fe:59:6b:66:b3:8e:c8:20:7f:82:
                    e9:85:1a:89:a7:65:1c:09:23:d8:92:b8:35:d0:e7:
                    9a:a5:30:9b:a4:db:b0:47:39:4f:1b:0f:fc:d7:f0:
                    fa:6f:a4:cc:b9:10:b0:41:9b:51:af:79:e4:64:1c:
                    a8:b0:82:59:12:d4:1a:88:4a:19:91:b1:d3:25:2d:
                    b0:31:9b:fa:29:f1:c3:be:e8:14:61:4d:74:53:4d:
                    0e:5d:3e:0c:13:66:b6:b3:43:08:1d:dd:7c:78:cc:
                    3c:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:09:94:7D:52:48:A4:C9:3D:2F:74:23:DC:1A:35:59:14:20:2D:99
            X509v3 Authority Key Identifier:
                keyid:EA:06:21:A4:A7:2C:72:5A:FC:75:41:5E:8F:8A:CF:75:33:D4:20:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:4f:3c:74:e8:9b:a5:ac:00:c4:e9:a4:06:41:ea:11:ce:af:
         59:33:aa:64:e0:7d:b9:2d:3c:05:5d:d8:63:d4:42:a1:bd:57:
         28:5f:5f:94:b1:cc:72:52:23:ae:f5:e4:a6:99:e2:c1:49:bb:
         4f:a2:e0:ed:f4:fc:15:c5:f1:2c:61:0e:8f:2c:f1:0a:1b:d5:
         6c:be:67:24:9f:e4:cc:95:5e:92:f7:e4:4b:13:62:47:10:9e:
         83:5a:0d:f6:e6:7d:b6:af:02:2e:8b:78:a5:31:4f:0d:81:bf:
         6d:95:4a:bd:e0:26:7a:29:54:72:1e:38:ce:ff:fb:20:72:3d:
         45:0b:cd:c3:18:ea:d9:8b:67:d7:31:d4:d3:61:48:0d:18:60:
         00:c3:f5:3f:bc:9a:4a:7d:75:2a:9d:66:c1:53:7e:3d:60:7e:
         1e:1b:49:dd:37:c4:ed:ce:64:82:b3:73:cd:fb:2a:76:85:66:
         df:ab:cf:76:42:f5:be:50:e0:37:1a:fb:7e:5e:2c:bb:72:d7:
         66:8e:d4:6e:c9:2e:ea:ae:82:e8:41:58:ee:06:28:01:46:12:
         1c:50:13:92:2b:e8:7d:cc:f6:5b:18:37:a1:b8:50:9b:fd:f8:
         55:a9:bb:16:df:94:67:a9:3f:09:7c:42:ca:64:8d:27:98:88:
         1e:d9:02:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZomJrUp3GiDYgx5fK+RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMDYyMWE0YTcyYzcyNWFmYzc1NDE1ZThmOGFjZjc1MzNk
NDIwN2QwHhcNMjYwMzI5MDcwMjE3WhcNMjYwMzMwMDcwMjE3WjAzMTEwLwYDVQQD
EygyYTA5OTQ3ZDUyNDhhNGM5M2QyZjc0MjNkYzFhMzU1OTE0MjAyZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WB3UuO3e09X74XpV6/wVnnO7WdS
mk/1x7cEJa0kqR9eZqAGWWdIoKEgt5/i3jl8uF9jidcxarHCzr2oAIb+DtVghELx
SCibCGYIU4Y+0IKFi7bk0WUqJJtXCPI92BE9JOlGfidvk2AnTc0bGNp30/yhKsiK
XHU6f00pD2oa5yFWfzYi7cZPvw41GpildOdYcSepKBMpW9cGCf5Za2azjsggf4Lp
hRqJp2UcCSPYkrg10OeapTCbpNuwRzlPGw/81/D6b6TMuRCwQZtRr3nkZByosIJZ
EtQaiEoZkbHTJS2wMZv6KfHDvugUYU10U00OXT4ME2a2s0MIHd18eMw88QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCoJlH1SSKTJPS90I9waNVkUIC2ZMB8GA1UdIwQY
MBaAFOoGIaSnLHJa/HVBXo+Kz3Uz1CB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zMTE1OGUtOWNhNi00NGUzLTk4NTMt
YzM4NGQ4YmMzYmVmLzEvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zMTE1OGUtOWNhNi00NGUzLTk4NTMtYzM4NGQ4YmMzYmVm
LzEvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEU88dOib
pawAxOmkBkHqEc6vWTOqZOB9uS08BV3YY9RCob1XKF9flLHMclIjrvXkppniwUm7
T6Lg7fT8FcXxLGEOjyzxChvVbL5nJJ/kzJVekvfkSxNiRxCeg1oN9uZ9tq8CLot4
pTFPDYG/bZVKveAmeilUch44zv/7IHI9RQvNwxjq2Ytn1zHU02FIDRhgAMP1P7ya
Sn11Kp1mwVN+PWB+HhtJ3TfE7c5kgrNzzfsqdoVm36vPdkL1vlDgNxr7fl4su3LX
Zo7Ubsku6q6C6EFY7gYoAUYSHFATkivofcz2Wxg3obhQm/34Vam7Ft+UZ6k/CXxC
ymSNJ5iIHtkCjQ==
-----END CERTIFICATE-----