Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft
File:                     DlNS2UQbZcIBbtjrfi8jWVRDT10.mft (raw, json)
Hash identifier:          Q9EcmpR//gy4tgMrDnh+QCueRFB4THbXAbgK+KA1RP8=
Subject key identifier:   BA:FB:68:E3:8A:7C:9D:49:CD:F1:2A:84:52:B6:2F:DF:4F:F0:38:85
Authority key identifier: 0E:53:52:D9:44:1B:65:C2:01:6E:D8:EB:7E:2F:23:59:54:43:4F:5D
Certificate issuer:       /CN=0e5352d9441b65c2016ed8eb7e2f235954434f5d
Certificate serial:       019D38D31A98650E927B9DD61BF8D4DB3915
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DlNS2UQbZcIBbtjrfi8jWVRDT10.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft
Manifest number:          0436
Signing time:             Sun 29 Mar 2026 09:00:52 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:52 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:52 +0000
Files and hashes:         1: DlNS2UQbZcIBbtjrfi8jWVRDT10.crl (hash: EYGDJhqDzRD3Hm+I9MiljbUjFuYvIzMe9T5Tqx+Vn+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DlNS2UQbZcIBbtjrfi8jWVRDT10.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:1a:98:65:0e:92:7b:9d:d6:1b:f8:d4:db:39:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e5352d9441b65c2016ed8eb7e2f235954434f5d
        Validity
            Not Before: Mar 29 09:00:52 2026 GMT
            Not After : Mar 30 09:00:52 2026 GMT
        Subject: CN=bafb68e38a7c9d49cdf12a8452b62fdf4ff03885
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:91:e6:43:a5:f9:57:1e:2e:51:d3:a6:4a:c0:
                    1d:27:ba:03:28:a3:54:17:e5:81:72:cc:7a:f4:5a:
                    d8:b3:a4:ac:81:99:dc:5c:65:b1:d3:df:5b:dc:15:
                    27:87:db:f2:42:91:bc:fe:0d:91:f5:7c:6f:ed:be:
                    37:8a:5f:9a:6e:b5:81:3d:57:87:69:bb:07:ed:c4:
                    2b:4f:b8:4d:20:d8:2e:8c:ac:36:0c:b7:98:f1:cb:
                    48:42:0b:d7:a5:5d:57:9f:47:9f:7e:f4:be:aa:c5:
                    66:f1:2e:b6:c5:48:57:6e:e5:6a:60:c9:e6:4f:86:
                    c8:4c:95:61:72:87:e0:63:26:b3:c2:a9:3a:02:ae:
                    18:b4:d9:af:5e:5f:db:5b:cf:9d:7d:f0:0b:bc:b9:
                    f2:72:9c:47:cb:ef:65:58:dd:24:b6:2a:5e:19:14:
                    8b:bf:18:1e:72:08:22:dd:ea:9b:eb:19:17:e2:52:
                    dd:77:93:ce:e2:58:ed:24:b5:1d:aa:3d:21:63:37:
                    b6:08:f6:62:2f:2e:72:1c:c8:ca:32:4f:10:8c:ac:
                    d4:25:18:09:85:5f:2d:25:ef:13:fb:2f:2f:8e:4d:
                    8d:7b:cd:ce:f9:ff:e1:cd:16:b4:0a:7b:42:d3:50:
                    84:be:77:63:f2:95:91:eb:28:ee:e0:11:48:e1:48:
                    ab:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:FB:68:E3:8A:7C:9D:49:CD:F1:2A:84:52:B6:2F:DF:4F:F0:38:85
            X509v3 Authority Key Identifier:
                keyid:0E:53:52:D9:44:1B:65:C2:01:6E:D8:EB:7E:2F:23:59:54:43:4F:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DlNS2UQbZcIBbtjrfi8jWVRDT10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/1f5681-b105-4ff1-9bf4-adc56d43e0c4/1/DlNS2UQbZcIBbtjrfi8jWVRDT10.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:df:80:8e:b7:ce:aa:a9:2c:a6:bc:a5:8c:17:6a:c5:e5:00:
         4f:48:2b:57:a2:58:e4:95:8e:3f:1a:d9:ea:f7:f8:c4:24:51:
         41:06:44:38:99:11:37:e1:a1:2f:b4:01:ab:4d:e8:3f:e3:ed:
         5c:fb:08:69:d8:ae:02:6d:53:78:fa:8f:a7:20:89:08:e5:e4:
         d8:62:e2:5a:dd:09:bc:71:88:09:f2:6b:7d:62:18:11:bc:3e:
         92:87:b7:51:a8:35:23:f1:a5:2e:4a:e7:64:c3:88:60:07:4a:
         c1:34:c8:c7:f1:13:91:88:c9:0c:4a:19:0d:c8:f4:47:07:92:
         fc:3a:8c:6f:5c:c5:55:cb:52:9c:32:f8:db:4e:22:b8:f1:c7:
         e4:3d:14:36:51:86:7b:8e:01:44:b0:17:2a:a8:ab:84:87:33:
         ed:41:19:a7:6e:fc:f8:59:9d:3a:6e:5f:3d:97:43:d7:c0:6e:
         96:0a:ea:f9:67:0b:62:76:ae:dd:27:7a:de:da:34:d4:eb:04:
         de:1c:55:1b:51:3e:5b:b5:81:58:be:8d:13:ec:2d:a0:f5:7e:
         81:52:72:80:17:85:20:9d:e6:82:6b:a1:1c:86:d1:da:17:bb:
         fe:37:27:28:ed:12:a7:2d:83:73:81:85:28:3a:71:9d:dc:e9:
         68:da:18:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040xqYZQ6Se53WG/jU2zkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNTM1MmQ5NDQxYjY1YzIwMTZlZDhlYjdlMmYyMzU5NTQ0
MzRmNWQwHhcNMjYwMzI5MDkwMDUyWhcNMjYwMzMwMDkwMDUyWjAzMTEwLwYDVQQD
EyhiYWZiNjhlMzhhN2M5ZDQ5Y2RmMTJhODQ1MmI2MmZkZjRmZjAzODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5HmQ6X5Vx4uUdOmSsAdJ7oDKKNU
F+WBcsx69FrYs6SsgZncXGWx099b3BUnh9vyQpG8/g2R9Xxv7b43il+abrWBPVeH
absH7cQrT7hNINgujKw2DLeY8ctIQgvXpV1Xn0effvS+qsVm8S62xUhXbuVqYMnm
T4bITJVhcofgYyazwqk6Aq4YtNmvXl/bW8+dffALvLnycpxHy+9lWN0ktipeGRSL
vxgecggi3eqb6xkX4lLdd5PO4ljtJLUdqj0hYze2CPZiLy5yHMjKMk8QjKzUJRgJ
hV8tJe8T+y8vjk2Ne83O+f/hzRa0CntC01CEvndj8pWR6yju4BFI4Uir4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLr7aOOKfJ1JzfEqhFK2L99P8DiFMB8GA1UdIwQY
MBaAFA5TUtlEG2XCAW7Y634vI1lUQ09dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGxOUzJVUWJaY0lCYnRqcmZpOGpXVlJEVDEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xZjU2ODEtYjEwNS00ZmYxLTliZjQt
YWRjNTZkNDNlMGM0LzEvRGxOUzJVUWJaY0lCYnRqcmZpOGpXVlJEVDEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8xZjU2ODEtYjEwNS00ZmYxLTliZjQtYWRjNTZkNDNlMGM0
LzEvRGxOUzJVUWJaY0lCYnRqcmZpOGpXVlJEVDEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWN+AjrfO
qqkspryljBdqxeUAT0grV6JY5JWOPxrZ6vf4xCRRQQZEOJkRN+GhL7QBq03oP+Pt
XPsIadiuAm1TePqPpyCJCOXk2GLiWt0JvHGICfJrfWIYEbw+koe3Uag1I/GlLkrn
ZMOIYAdKwTTIx/ETkYjJDEoZDcj0RweS/DqMb1zFVctSnDL4204iuPHH5D0UNlGG
e44BRLAXKqirhIcz7UEZp278+FmdOm5fPZdD18Bulgrq+WcLYnau3Sd63to01OsE
3hxVG1E+W7WBWL6NE+wtoPV+gVJygBeFIJ3mgmuhHIbR2he7/jcnKO0Spy2Dc4GF
KDpxndzpaNoY3w==
-----END CERTIFICATE-----