Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
File:                     pnUQ3cUswCV-TCVS9b1XVURUxgs.mft (raw, json)
Hash identifier:          uj+2Fv+vmSRSmE6R7OKxk4mAFweBIToaUat3ilb5t9k=
Subject key identifier:   23:0D:27:4E:B7:8E:E5:85:FA:22:41:5D:CB:84:93:DD:5D:F7:0E:5A
Authority key identifier: A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B
Certificate issuer:       /CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
Certificate serial:       019D3909F13C5C5B1921927DE226A897D9D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
Manifest number:          080D
Signing time:             Sun 29 Mar 2026 10:00:45 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:45 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:45 +0000
Files and hashes:         1: pnUQ3cUswCV-TCVS9b1XVURUxgs.crl (hash: 0nJQsb5r+CR1gJmmWdPeObQmDSUnfhHUODzbCX4ih20=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:f1:3c:5c:5b:19:21:92:7d:e2:26:a8:97:d9:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67510ddc52cc0257e4c2552f5bd57554454c60b
        Validity
            Not Before: Mar 29 10:00:45 2026 GMT
            Not After : Mar 30 10:00:45 2026 GMT
        Subject: CN=230d274eb78ee585fa22415dcb8493dd5df70e5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:dc:e1:04:29:3f:d3:e6:41:9e:cf:ec:bd:95:
                    9a:0e:96:69:7c:96:c6:30:46:46:60:80:2a:f3:ef:
                    b4:41:18:1c:f7:4a:2e:a6:4a:ad:e2:34:c2:1d:ba:
                    e1:8a:85:da:6f:4e:8b:df:e4:a3:5b:44:0d:cf:50:
                    9e:7b:34:6a:87:4a:21:0c:c3:fe:61:42:ae:5b:3b:
                    ae:0c:c2:7d:b5:13:f7:aa:d1:28:a1:e9:59:38:39:
                    54:13:3c:dd:36:b5:5e:2a:8c:46:b1:02:9c:d4:51:
                    b6:48:37:8a:19:27:11:8d:38:69:94:be:4b:e8:e1:
                    75:06:42:da:81:be:cd:1d:0a:6c:9c:e0:2a:4c:81:
                    3b:f9:cc:4b:27:4d:cf:f7:cf:f6:41:cf:8c:f3:c7:
                    d5:46:54:96:c8:7e:09:98:39:16:59:38:16:7d:50:
                    f9:d9:cf:78:9d:a5:44:4c:9b:65:fb:e6:0b:f0:d4:
                    d5:61:02:2f:c7:15:66:e4:9c:22:5b:74:51:e9:2d:
                    f7:b2:e9:3f:3a:69:21:fd:b0:c2:66:3e:ff:c6:c1:
                    c1:80:44:84:73:0d:6e:d2:89:4a:34:4d:07:9d:6e:
                    ef:77:a4:b7:c7:e8:f6:21:27:ea:61:7d:df:e1:79:
                    b8:0a:dc:f0:fa:70:73:e9:e8:31:5a:ba:f2:2a:34:
                    19:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:0D:27:4E:B7:8E:E5:85:FA:22:41:5D:CB:84:93:DD:5D:F7:0E:5A
            X509v3 Authority Key Identifier:
                keyid:A6:75:10:DD:C5:2C:C0:25:7E:4C:25:52:F5:BD:57:55:44:54:C6:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnUQ3cUswCV-TCVS9b1XVURUxgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/e31f78-68bb-4729-bd65-60d255be0479/1/pnUQ3cUswCV-TCVS9b1XVURUxgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:28:d6:26:5f:f8:4c:d0:d9:ae:f4:ee:3a:a1:10:c1:58:3b:
         ea:20:7d:bd:d4:81:25:a3:61:55:46:5d:0e:35:d8:04:ff:cc:
         0f:91:4f:65:a5:a3:4e:7e:5e:eb:8c:c7:e1:8f:8f:18:b5:6a:
         40:99:d1:ac:a9:13:5e:ea:9f:a2:8f:01:99:e0:dc:01:e6:5d:
         a4:52:21:2d:ee:6a:82:9a:cf:fe:9d:23:1e:f7:cc:4f:cf:dd:
         06:68:73:6c:bc:b4:0d:bc:df:cf:bb:9a:b0:c7:24:7f:d1:18:
         af:bc:e8:bc:10:4f:0e:19:fa:4a:1d:ad:b5:19:bc:a9:41:89:
         f3:17:bd:2b:65:86:e2:26:13:74:38:55:fd:39:1a:8b:db:65:
         4e:34:6e:e4:40:5f:9a:ef:55:99:8c:35:ab:0c:d6:ef:5d:a8:
         fd:84:4c:e6:f0:e0:5b:77:3c:2b:79:a2:66:ab:2c:ed:32:ef:
         a5:63:f4:fa:d7:19:dd:c8:51:73:8b:6b:1f:d6:10:8a:e3:0e:
         fd:c3:6b:4e:89:9f:82:a1:e5:b6:c6:a4:d0:52:ca:2a:e6:e1:
         66:7a:db:2c:ab:54:71:c2:0d:77:6a:5d:53:b0:18:db:21:88:
         fd:cf:ac:ba:81:bd:6d:13:c2:ba:56:60:19:c2:92:b3:39:17:
         7f:46:c0:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CfE8XFsZIZJ94iaol9nWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NzUxMGRkYzUyY2MwMjU3ZTRjMjU1MmY1YmQ1NzU1NDQ1
NGM2MGIwHhcNMjYwMzI5MTAwMDQ1WhcNMjYwMzMwMTAwMDQ1WjAzMTEwLwYDVQQD
EygyMzBkMjc0ZWI3OGVlNTg1ZmEyMjQxNWRjYjg0OTNkZDVkZjcwZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdzhBCk/0+ZBns/svZWaDpZpfJbG
MEZGYIAq8++0QRgc90oupkqt4jTCHbrhioXab06L3+SjW0QNz1CeezRqh0ohDMP+
YUKuWzuuDMJ9tRP3qtEooelZODlUEzzdNrVeKoxGsQKc1FG2SDeKGScRjThplL5L
6OF1BkLagb7NHQpsnOAqTIE7+cxLJ03P98/2Qc+M88fVRlSWyH4JmDkWWTgWfVD5
2c94naVETJtl++YL8NTVYQIvxxVm5JwiW3RR6S33suk/Omkh/bDCZj7/xsHBgESE
cw1u0olKNE0HnW7vd6S3x+j2ISfqYX3f4Xm4Ctzw+nBz6egxWrryKjQZUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCMNJ063juWF+iJBXcuEk91d9w5aMB8GA1UdIwQY
MBaAFKZ1EN3FLMAlfkwlUvW9V1VEVMYLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUt
NjBkMjU1YmUwNDc5LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9lMzFmNzgtNjhiYi00NzI5LWJkNjUtNjBkMjU1YmUwNDc5
LzEvcG5VUTNjVXN3Q1YtVENWUzliMVhWVVJVeGdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJijWJl/4
TNDZrvTuOqEQwVg76iB9vdSBJaNhVUZdDjXYBP/MD5FPZaWjTn5e64zH4Y+PGLVq
QJnRrKkTXuqfoo8BmeDcAeZdpFIhLe5qgprP/p0jHvfMT8/dBmhzbLy0Dbzfz7ua
sMckf9EYr7zovBBPDhn6Sh2ttRm8qUGJ8xe9K2WG4iYTdDhV/Tkai9tlTjRu5EBf
mu9VmYw1qwzW712o/YRM5vDgW3c8K3miZqss7TLvpWP0+tcZ3chRc4trH9YQiuMO
/cNrTomfgqHltsak0FLKKubhZnrbLKtUccINd2pdU7AY2yGI/c+suoG9bRPCulZg
GcKSszkXf0bATw==
-----END CERTIFICATE-----