Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          MTU2FEDZzNTjtkFXcgwC+ieCjkYbUB7uteOeYxl+JzA=
Subject key identifier:   46:A2:A3:63:E6:3E:9C:4B:CE:A5:96:40:51:BB:78:5D:30:0D:44:18
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       019D38D2B75B7642AFE406BB7AC68F33C537
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0D69
Signing time:             Sun 29 Mar 2026 09:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 09:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 09:00:26 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: hN4vI0EPhIndn2pXV0l/lRvmsElcDZlZYEf+LcPjPok=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d2:b7:5b:76:42:af:e4:06:bb:7a:c6:8f:33:c5:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Mar 29 09:00:26 2026 GMT
            Not After : Mar 30 09:00:26 2026 GMT
        Subject: CN=46a2a363e63e9c4bcea5964051bb785d300d4418
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:47:6a:9a:84:48:13:7a:b1:d6:52:1a:de:3c:
                    7f:06:a4:76:dd:38:b4:d4:6e:51:28:88:15:13:09:
                    fe:53:99:7f:2b:26:b3:17:ff:85:8f:97:3c:5d:93:
                    68:f2:94:5a:56:81:90:b1:09:02:c1:eb:6d:f9:3c:
                    66:6b:38:3f:5d:7b:b3:8f:50:48:4a:30:07:fa:d4:
                    4a:66:5a:b7:48:9a:8e:39:c3:b1:54:fb:c2:a1:a6:
                    c3:44:29:6d:ee:e2:2b:9b:da:63:d3:34:c7:31:65:
                    30:fd:8e:72:19:d3:df:dc:22:39:94:85:06:11:fa:
                    ef:06:8d:32:52:a7:3c:be:31:34:29:21:3a:ca:c5:
                    34:9e:55:6c:4c:ce:4e:15:81:ef:aa:f0:58:4e:62:
                    fc:0a:01:c9:3a:45:5f:31:0b:6a:bd:c4:ff:cd:81:
                    92:b4:e6:88:3a:b9:5f:37:b2:2e:64:ec:98:0e:0e:
                    b3:93:47:59:b9:5d:be:0f:2f:7b:2a:c7:09:3c:be:
                    6b:25:92:0d:50:d5:30:21:ec:11:7a:40:90:ab:6f:
                    22:38:90:e5:77:c2:c3:93:9a:a5:e0:0b:34:ae:eb:
                    b5:6b:9e:ee:2c:7d:3f:40:57:cc:38:6c:76:b8:cc:
                    84:b6:16:3f:c5:da:a0:62:2d:aa:90:4b:4a:95:11:
                    29:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:A2:A3:63:E6:3E:9C:4B:CE:A5:96:40:51:BB:78:5D:30:0D:44:18
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:f5:17:ea:04:65:95:09:4b:7c:bf:fe:b9:b3:57:71:32:df:
         bd:ac:cf:cd:89:d9:24:d8:21:f5:1a:f4:52:9c:33:da:83:af:
         47:a5:e9:e4:b9:bc:96:e1:1e:cc:72:b5:35:5b:df:b5:d6:15:
         f4:47:80:6e:fe:07:bd:ad:fd:65:b3:36:54:4e:e9:94:95:c3:
         ef:51:28:69:61:3f:d9:52:b3:05:84:59:23:05:94:09:97:e2:
         fd:25:a6:04:5f:8f:ff:ce:38:66:cb:7e:20:9e:c4:3b:e0:33:
         32:fd:cf:a5:3b:e6:d2:f2:db:10:9d:16:a9:9b:55:ac:be:8e:
         0b:dc:bc:1c:7d:7c:65:ae:89:e8:29:a3:47:95:ad:6f:69:34:
         01:9a:35:79:51:aa:33:cf:09:7b:d5:56:67:26:cd:fa:47:b4:
         8a:c1:9d:be:64:c9:67:e3:70:dc:34:7d:03:47:06:16:34:36:
         f1:98:b2:3a:7b:31:c9:bb:a5:d6:7b:26:55:7f:07:ae:ff:f4:
         f0:4b:49:49:e5:5e:e8:28:a3:15:e0:29:ff:e2:73:dd:da:0f:
         47:ed:33:f5:a9:0b:15:0f:40:80:f5:81:99:6c:a6:fa:d8:87:
         38:1d:b8:57:c0:75:1d:2f:73:fa:bb:ae:b9:9d:01:bb:81:c4:
         7b:6b:06:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040rdbdkKv5Aa7esaPM8U3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjYwMzI5MDkwMDI2WhcNMjYwMzMwMDkwMDI2WjAzMTEwLwYDVQQD
Eyg0NmEyYTM2M2U2M2U5YzRiY2VhNTk2NDA1MWJiNzg1ZDMwMGQ0NDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkdqmoRIE3qx1lIa3jx/BqR23Ti0
1G5RKIgVEwn+U5l/KyazF/+Fj5c8XZNo8pRaVoGQsQkCwett+Txmazg/XXuzj1BI
SjAH+tRKZlq3SJqOOcOxVPvCoabDRClt7uIrm9pj0zTHMWUw/Y5yGdPf3CI5lIUG
EfrvBo0yUqc8vjE0KSE6ysU0nlVsTM5OFYHvqvBYTmL8CgHJOkVfMQtqvcT/zYGS
tOaIOrlfN7IuZOyYDg6zk0dZuV2+Dy97KscJPL5rJZINUNUwIewRekCQq28iOJDl
d8LDk5ql4As0ruu1a57uLH0/QFfMOGx2uMyEthY/xdqgYi2qkEtKlREpjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaio2PmPpxLzqWWQFG7eF0wDUQYMB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs/UX6gRl
lQlLfL/+ubNXcTLfvazPzYnZJNgh9Rr0Upwz2oOvR6Xp5Lm8luEezHK1NVvftdYV
9EeAbv4Hva39ZbM2VE7plJXD71EoaWE/2VKzBYRZIwWUCZfi/SWmBF+P/844Zst+
IJ7EO+AzMv3PpTvm0vLbEJ0WqZtVrL6OC9y8HH18Za6J6CmjR5Wtb2k0AZo1eVGq
M88Je9VWZybN+ke0isGdvmTJZ+Nw3DR9A0cGFjQ28ZiyOnsxybul1nsmVX8Hrv/0
8EtJSeVe6CijFeAp/+Jz3doPR+0z9akLFQ9AgPWBmWym+tiHOB24V8B1HS9z+ruu
uZ0Bu4HEe2sGIA==
-----END CERTIFICATE-----