Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          +gu08VcDs+y/4Y0BriiBH1HuvdR2c0ZFhe7/9h6QwQc=
Subject key identifier:   21:D4:30:DD:09:D6:51:28:BB:D2:65:34:AF:5E:82:AD:0E:6C:01:36
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       019D3865749D25EED67B36D8510469C326B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          08B3
Signing time:             Sun 29 Mar 2026 07:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:06 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: ldCk2oaeJJ8DZPsBZUTJyx9uNVRuxtL/EO/A3V7bck4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:74:9d:25:ee:d6:7b:36:d8:51:04:69:c3:26:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: Mar 29 07:01:06 2026 GMT
            Not After : Mar 30 07:01:06 2026 GMT
        Subject: CN=21d430dd09d65128bbd26534af5e82ad0e6c0136
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:eb:90:b0:d2:04:87:08:dc:f3:5d:e6:26:4c:
                    7e:02:88:d9:db:2a:c9:72:3e:4a:7f:f4:3f:54:bc:
                    93:95:c7:97:0d:e6:2a:78:13:61:b0:38:b6:7c:2d:
                    ad:65:fe:63:a4:29:93:ac:b3:79:c6:3e:97:cf:89:
                    5b:c8:58:82:eb:85:be:f3:8c:e6:8d:8f:d9:8c:5f:
                    a8:e8:25:d9:91:89:e3:e5:28:66:6e:26:46:32:ec:
                    b6:01:f4:36:94:1f:f2:33:79:af:0a:38:49:55:82:
                    af:73:97:58:9c:11:e8:31:6e:7c:c2:ef:e3:2e:46:
                    d0:c3:a6:a7:25:cf:2e:25:40:61:a9:f8:86:d5:ef:
                    f6:4d:1f:e9:ce:17:2f:14:a0:9a:c6:ae:26:1e:2b:
                    a3:1f:e7:00:20:e3:3a:62:13:b6:db:b1:b8:41:7e:
                    8f:85:53:dd:5f:7c:8b:d5:69:39:12:fa:17:89:04:
                    4e:dc:12:f5:6d:51:6b:6e:95:d4:03:f0:31:16:d2:
                    0a:bd:ca:66:2b:71:ec:7b:36:de:90:93:70:97:bd:
                    80:11:e2:d1:c4:ee:b0:3d:5f:21:34:04:da:bd:76:
                    5b:59:5d:c3:e9:5c:4c:b6:c1:7b:a7:4e:87:f7:8f:
                    e7:51:5b:9d:4d:a5:ab:30:18:c5:39:66:6d:4c:14:
                    22:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:D4:30:DD:09:D6:51:28:BB:D2:65:34:AF:5E:82:AD:0E:6C:01:36
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:3a:e4:a8:22:91:c8:a3:88:04:1f:50:ca:64:65:76:96:d2:
         1a:9c:d4:a7:e8:88:13:03:ea:06:db:a6:a9:87:af:e2:4f:0e:
         9a:13:34:b0:b1:d2:d0:c6:84:b5:79:b4:95:f2:d1:6a:88:80:
         17:51:5b:d1:a4:27:ba:9a:dc:33:5d:be:ef:b2:f9:56:be:ee:
         3d:98:01:4f:5d:1c:d8:a2:54:1e:9a:c9:60:d1:32:a7:79:e8:
         1d:51:46:88:df:40:3c:99:39:22:dd:b2:34:4a:92:6a:61:c0:
         bb:ff:94:13:c8:84:16:a3:a4:76:79:bd:3a:b6:c1:fc:bc:1f:
         dc:98:74:d1:c3:29:b6:3f:1d:41:bd:93:53:b6:d7:ce:cb:cc:
         a5:c7:f8:ec:3f:7a:b2:76:e4:cb:57:b4:85:9b:30:eb:10:d2:
         2e:e1:06:f3:7e:31:62:a6:b8:3d:c5:29:db:1d:75:72:63:4d:
         35:de:d8:3a:d1:2b:8b:8e:84:eb:a1:33:27:1d:8a:ce:92:b1:
         f3:84:33:e3:fc:f7:fb:9d:56:54:ca:cd:4c:b7:39:9c:40:ed:
         15:ba:e0:03:6b:d3:27:29:a2:ec:54:78:1c:8c:2a:3a:a6:0f:
         7f:15:d6:de:e8:c1:1e:6a:f6:e6:6c:4f:68:5c:d5:14:80:af:
         ff:1a:23:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXSdJe7WezbYUQRpwyaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjYwMzI5MDcwMTA2WhcNMjYwMzMwMDcwMTA2WjAzMTEwLwYDVQQD
EygyMWQ0MzBkZDA5ZDY1MTI4YmJkMjY1MzRhZjVlODJhZDBlNmMwMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieuQsNIEhwjc813mJkx+AojZ2yrJ
cj5Kf/Q/VLyTlceXDeYqeBNhsDi2fC2tZf5jpCmTrLN5xj6Xz4lbyFiC64W+84zm
jY/ZjF+o6CXZkYnj5ShmbiZGMuy2AfQ2lB/yM3mvCjhJVYKvc5dYnBHoMW58wu/j
LkbQw6anJc8uJUBhqfiG1e/2TR/pzhcvFKCaxq4mHiujH+cAIOM6YhO227G4QX6P
hVPdX3yL1Wk5EvoXiQRO3BL1bVFrbpXUA/AxFtIKvcpmK3HsezbekJNwl72AEeLR
xO6wPV8hNATavXZbWV3D6VxMtsF7p06H94/nUVudTaWrMBjFOWZtTBQigwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCHUMN0J1lEou9JlNK9egq0ObAE2MB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADTrkqCKR
yKOIBB9QymRldpbSGpzUp+iIEwPqBtumqYev4k8OmhM0sLHS0MaEtXm0lfLRaoiA
F1Fb0aQnuprcM12+77L5Vr7uPZgBT10c2KJUHprJYNEyp3noHVFGiN9APJk5It2y
NEqSamHAu/+UE8iEFqOkdnm9OrbB/Lwf3Jh00cMptj8dQb2TU7bXzsvMpcf47D96
snbky1e0hZsw6xDSLuEG834xYqa4PcUp2x11cmNNNd7YOtEri46E66EzJx2KzpKx
84Qz4/z3+51WVMrNTLc5nEDtFbrgA2vTJymi7FR4HIwqOqYPfxXW3ujBHmr25mxP
aFzVFICv/xoj0g==
-----END CERTIFICATE-----