Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          5tpIpKc/cKPeJsRqeEjpTMB46E1OQe6mI6iRnyU+GP0=
Subject key identifier:   2F:49:77:3D:A7:18:D9:99:19:C2:71:13:65:28:FB:69:63:6F:26:3F
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       019D38D31E2AA580C55C85F3645A7F045AF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          0F0B
Signing time:             Sun 29 Mar 2026 09:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:53 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: wOnOcoEwwSIWKWbWWxAdrYEtNaxfuRkOMq3CrFfTHDY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:1e:2a:a5:80:c5:5c:85:f3:64:5a:7f:04:5a:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: Mar 29 09:00:53 2026 GMT
            Not After : Mar 30 09:00:53 2026 GMT
        Subject: CN=2f49773da718d99919c271136528fb69636f263f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:af:98:b0:34:89:2f:c5:c1:8f:37:21:88:48:
                    02:95:e4:c0:38:ca:ec:b0:01:74:55:e5:e1:d3:65:
                    f5:e0:c3:38:53:bf:53:aa:fc:44:94:fa:8a:23:5d:
                    22:60:13:55:88:ae:aa:de:79:25:f5:cb:a5:f0:a0:
                    35:ea:89:3c:f9:28:2e:e7:31:8a:2a:9b:f2:07:52:
                    85:c2:8f:03:32:b5:63:2b:10:ee:46:f1:24:9b:ff:
                    6f:5d:38:0f:72:0a:3f:10:a0:35:ae:51:87:e1:67:
                    e8:08:f9:c2:ea:a3:d8:a3:a1:52:17:6b:50:62:c1:
                    3f:3c:03:bc:f9:9d:6a:71:eb:cc:bd:7b:a3:3b:ef:
                    be:53:b6:07:67:08:f2:3e:4c:91:0d:01:0a:1b:3c:
                    06:3d:4c:3c:ce:52:e5:ac:76:a6:ad:9c:e3:98:91:
                    77:3f:a4:de:d0:f9:2d:74:60:d8:08:1a:b6:da:f2:
                    4c:5f:62:cf:14:d1:ce:29:75:0f:74:f3:c5:cf:fc:
                    7e:6a:a8:c1:14:c5:88:57:50:69:9c:f7:d9:27:00:
                    9c:34:02:af:32:f2:3e:85:63:cf:3c:dd:5c:68:8d:
                    31:da:16:d4:25:a8:34:b3:24:b1:7d:8f:fb:9c:b4:
                    05:ce:ae:d9:6f:2f:c5:da:58:6a:b2:be:02:1d:ee:
                    e4:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:49:77:3D:A7:18:D9:99:19:C2:71:13:65:28:FB:69:63:6F:26:3F
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:b1:ab:f8:51:ca:df:8b:b0:24:68:3f:43:73:90:98:da:59:
         be:7d:10:e1:cf:06:46:dc:fe:34:83:c1:67:7d:e3:e9:49:57:
         a1:4b:b0:11:ef:68:05:ee:ea:08:40:d3:fc:12:5d:2e:f3:f7:
         39:3f:d2:cf:4d:a3:c8:e8:2f:0b:71:23:83:f8:d7:a8:5c:14:
         d5:d0:d8:a4:71:1f:5c:04:96:3b:d8:8b:c1:50:53:77:85:44:
         a2:c6:ac:12:23:a8:15:57:ba:4e:20:62:f0:3e:db:bf:68:0b:
         9d:8b:88:22:91:06:2d:05:3e:a7:ad:27:ee:3f:2b:a6:ba:7d:
         2c:33:87:22:c9:e1:8d:74:d8:61:64:96:f9:a8:f5:0f:b3:0a:
         c3:ba:28:0a:dc:39:d5:bd:53:63:55:64:e8:58:27:c3:0e:91:
         b4:55:0d:66:0a:89:6d:ca:b0:f7:e6:8b:cb:b3:3a:f5:98:0e:
         9e:b8:dd:fe:5d:18:b8:5c:f6:45:d7:43:75:87:44:53:b2:bb:
         15:36:44:c1:03:45:be:50:31:93:21:05:73:09:47:20:13:db:
         e2:b4:98:9d:02:20:9f:f2:62:07:19:85:7d:73:8f:d3:65:4a:
         94:2b:af:c1:11:44:e0:ed:28:26:9b:9d:fb:4b:56:01:ef:6c:
         a3:1d:b0:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040x4qpYDFXIXzZFp/BFryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjYwMzI5MDkwMDUzWhcNMjYwMzMwMDkwMDUzWjAzMTEwLwYDVQQD
EygyZjQ5NzczZGE3MThkOTk5MTljMjcxMTM2NTI4ZmI2OTYzNmYyNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzq+YsDSJL8XBjzchiEgCleTAOMrs
sAF0VeXh02X14MM4U79TqvxElPqKI10iYBNViK6q3nkl9cul8KA16ok8+Sgu5zGK
KpvyB1KFwo8DMrVjKxDuRvEkm/9vXTgPcgo/EKA1rlGH4WfoCPnC6qPYo6FSF2tQ
YsE/PAO8+Z1qcevMvXujO+++U7YHZwjyPkyRDQEKGzwGPUw8zlLlrHamrZzjmJF3
P6Te0PktdGDYCBq22vJMX2LPFNHOKXUPdPPFz/x+aqjBFMWIV1BpnPfZJwCcNAKv
MvI+hWPPPN1caI0x2hbUJag0sySxfY/7nLQFzq7Zby/F2lhqsr4CHe7kwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC9Jdz2nGNmZGcJxE2Uo+2ljbyY/MB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAULGr+FHK
34uwJGg/Q3OQmNpZvn0Q4c8GRtz+NIPBZ33j6UlXoUuwEe9oBe7qCEDT/BJdLvP3
OT/Sz02jyOgvC3Ejg/jXqFwU1dDYpHEfXASWO9iLwVBTd4VEosasEiOoFVe6TiBi
8D7bv2gLnYuIIpEGLQU+p60n7j8rprp9LDOHIsnhjXTYYWSW+aj1D7MKw7ooCtw5
1b1TY1Vk6Fgnww6RtFUNZgqJbcqw9+aLy7M69ZgOnrjd/l0YuFz2RddDdYdEU7K7
FTZEwQNFvlAxkyEFcwlHIBPb4rSYnQIgn/JiBxmFfXOP02VKlCuvwRFE4O0oJpud
+0tWAe9sox2wlw==
-----END CERTIFICATE-----