Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          w8DKJBRShIjmaaS0/HNVy7mKDSDrfOlpBKNa/zVWuW0=
Subject key identifier:   D7:82:CD:57:A3:84:A1:05:5C:B5:E2:CA:B2:38:70:48:1B:FF:C3:A6
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019D386645907328560EC7D4657E6675E58E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0C9D
Signing time:             Sun 29 Mar 2026 07:01:59 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:59 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:59 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: S5facs4VQNOf+HCq+vnhWurD+i0illT+V0AygSx0+jU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:45:90:73:28:56:0e:c7:d4:65:7e:66:75:e5:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Mar 29 07:01:59 2026 GMT
            Not After : Mar 30 07:01:59 2026 GMT
        Subject: CN=d782cd57a384a1055cb5e2cab23870481bffc3a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c6:4f:5f:c3:11:a8:5c:48:a6:4a:85:f8:a3:
                    e2:c7:50:12:f0:d6:48:53:e7:ce:60:e5:5c:a0:db:
                    46:f8:ce:5a:54:fd:01:38:74:45:d6:06:52:6e:75:
                    14:e2:26:6d:4f:a2:30:1e:10:f2:f5:df:df:18:09:
                    b7:87:c9:aa:c0:b7:22:e9:10:92:b9:f2:d0:2f:43:
                    2e:51:f0:68:76:55:12:31:70:33:a0:f1:d9:83:c7:
                    6b:d8:b0:52:b8:e5:dc:0f:4d:5f:e6:7c:82:8a:e8:
                    7d:b9:d9:01:f3:9c:0f:56:24:3a:55:7f:8b:b5:b8:
                    86:c4:b0:dd:80:11:1d:6d:e1:9b:ef:2a:64:35:b0:
                    41:a2:d4:0a:85:11:e2:43:db:8d:e7:77:dd:e3:f3:
                    0a:09:f3:3b:b2:6f:19:bb:53:ac:45:ad:16:93:d5:
                    9d:dc:08:c0:b3:e3:33:cc:5a:a8:cc:36:26:92:f4:
                    6f:c9:e3:94:f3:21:74:b9:e9:5a:1e:80:a7:4a:75:
                    b5:3a:36:77:a2:98:be:b0:db:1f:e1:a4:d5:bb:0a:
                    a7:46:26:14:a1:07:71:f4:4c:26:ec:ef:d9:16:7d:
                    1a:35:95:1b:74:02:65:1b:62:fa:8e:ef:f8:19:02:
                    c3:c3:66:ad:cc:ad:a7:15:38:3f:c9:3c:9a:7a:07:
                    15:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:82:CD:57:A3:84:A1:05:5C:B5:E2:CA:B2:38:70:48:1B:FF:C3:A6
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:93:2c:26:8d:9b:47:13:69:57:c8:c0:d1:e3:d8:93:d1:70:
         5c:c2:17:80:d8:d5:23:44:59:71:85:dd:a9:15:2e:e9:66:28:
         8e:d1:af:99:81:18:52:54:ee:13:f8:fd:a2:e5:71:04:da:df:
         5f:aa:55:e0:ff:3d:5d:8b:9f:0c:03:06:08:35:09:38:81:ab:
         5b:f6:60:a8:fb:fd:e2:21:53:2e:86:9e:77:44:c8:4f:e8:77:
         c5:a7:4c:11:ec:57:10:32:40:df:68:a6:2f:bb:85:eb:c2:d8:
         8f:b1:b7:11:d7:ec:50:be:ed:11:3f:31:d7:f0:05:e0:fb:bb:
         35:a7:74:88:e3:46:36:e4:d7:15:6d:80:7d:98:fd:b7:67:cd:
         0b:39:08:e8:5a:52:94:1c:d2:64:c3:8e:dd:d1:35:0a:00:30:
         4f:5b:ea:33:cb:60:8a:a6:69:43:b1:20:6d:67:b4:3b:33:f4:
         ee:7f:32:86:f7:eb:2e:9f:f8:ea:14:b1:6a:c1:67:af:f6:b9:
         f0:a8:d3:ad:e5:cc:f6:e6:13:77:4f:60:f0:dd:93:06:f9:ea:
         20:80:3b:7e:34:c2:15:b8:ae:6c:92:89:e0:f5:a0:c2:8c:44:
         23:16:79:b0:0a:57:86:67:43:1b:93:35:1f:4e:13:a8:73:07:
         d0:43:a4:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZkWQcyhWDsfUZX5mdeWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjYwMzI5MDcwMTU5WhcNMjYwMzMwMDcwMTU5WjAzMTEwLwYDVQQD
EyhkNzgyY2Q1N2EzODRhMTA1NWNiNWUyY2FiMjM4NzA0ODFiZmZjM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8ZPX8MRqFxIpkqF+KPix1AS8NZI
U+fOYOVcoNtG+M5aVP0BOHRF1gZSbnUU4iZtT6IwHhDy9d/fGAm3h8mqwLci6RCS
ufLQL0MuUfBodlUSMXAzoPHZg8dr2LBSuOXcD01f5nyCiuh9udkB85wPViQ6VX+L
tbiGxLDdgBEdbeGb7ypkNbBBotQKhRHiQ9uN53fd4/MKCfM7sm8Zu1OsRa0Wk9Wd
3AjAs+MzzFqozDYmkvRvyeOU8yF0uelaHoCnSnW1OjZ3opi+sNsf4aTVuwqnRiYU
oQdx9Ewm7O/ZFn0aNZUbdAJlG2L6ju/4GQLDw2atzK2nFTg/yTyaegcVawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeCzVejhKEFXLXiyrI4cEgb/8OmMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqJMsJo2b
RxNpV8jA0ePYk9FwXMIXgNjVI0RZcYXdqRUu6WYojtGvmYEYUlTuE/j9ouVxBNrf
X6pV4P89XYufDAMGCDUJOIGrW/ZgqPv94iFTLoaed0TIT+h3xadMEexXEDJA32im
L7uF68LYj7G3EdfsUL7tET8x1/AF4Pu7Nad0iONGNuTXFW2AfZj9t2fNCzkI6FpS
lBzSZMOO3dE1CgAwT1vqM8tgiqZpQ7EgbWe0OzP07n8yhvfrLp/46hSxasFnr/a5
8KjTreXM9uYTd09g8N2TBvnqIIA7fjTCFbiubJKJ4PWgwoxEIxZ5sApXhmdDG5M1
H04TqHMH0EOk5g==
-----END CERTIFICATE-----