Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          kuzFz44egQGOJ2dGzEdIjdCJF2QjTIsHb9JfyvuVrK0=
Subject key identifier:   10:7C:B2:CB:5D:6C:22:8E:61:4F:5E:EC:94:F8:12:32:91:91:63:29
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       019D3865706BE849FDBB457E7AD216A77B44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          13DA
Signing time:             Sun 29 Mar 2026 07:01:05 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:05 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:05 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: h2KuiYP6YMuDr6zv/OOJ4jRlZgUuPL/Ct+7kFDWXmjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:70:6b:e8:49:fd:bb:45:7e:7a:d2:16:a7:7b:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Mar 29 07:01:05 2026 GMT
            Not After : Mar 30 07:01:05 2026 GMT
        Subject: CN=107cb2cb5d6c228e614f5eec94f8123291916329
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e0:3b:85:e4:ed:46:2d:d3:35:94:15:66:09:
                    b5:6a:9b:cd:01:c4:2e:70:9a:17:d3:cd:b3:b9:37:
                    bd:cf:7b:71:5e:68:7e:69:70:f8:70:c4:aa:36:e8:
                    86:69:7f:28:ff:15:f2:51:2d:a7:48:08:a2:f9:d9:
                    89:16:8b:11:59:6c:83:6d:a1:61:f6:72:af:bd:7f:
                    8e:04:b2:77:fd:14:eb:99:29:45:42:ee:d6:7e:b3:
                    d1:cc:b2:05:87:cc:51:d7:3f:b5:a9:e0:06:95:50:
                    28:f3:d1:f5:ff:8f:af:47:5a:b4:1f:cc:0a:de:7a:
                    74:d0:b0:a2:14:93:79:4e:ab:10:a0:36:b3:53:11:
                    d7:c2:0b:73:1e:8a:ce:56:f6:e3:50:b3:48:d2:8c:
                    8a:f1:09:7f:31:63:68:dc:74:e7:ab:29:41:57:9a:
                    7d:37:aa:e8:43:2c:99:f4:e3:c7:6b:f9:58:77:5f:
                    d3:aa:31:3a:6b:03:0e:e6:e5:dd:00:e2:2c:d5:b2:
                    53:f1:ec:70:d7:03:09:26:46:c2:9c:36:bb:1b:b7:
                    68:3c:eb:ce:1a:51:f2:85:b2:dc:c5:78:18:3c:2b:
                    ab:4f:38:b3:97:4a:36:6e:5f:81:47:33:0f:ac:f8:
                    8f:e5:c8:7c:0c:e7:53:52:49:7e:71:bc:da:16:2d:
                    3c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:7C:B2:CB:5D:6C:22:8E:61:4F:5E:EC:94:F8:12:32:91:91:63:29
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:fd:06:5c:b0:39:b7:45:11:22:6c:9b:f3:f0:25:01:f7:ab:
         a9:dd:0e:a1:5c:46:0e:4b:10:2a:7a:30:4a:2c:cc:37:a2:03:
         73:b2:6f:2f:31:1d:58:d7:df:7e:d5:73:e9:07:ef:31:76:44:
         45:92:d0:35:70:f2:c0:f5:49:2c:2f:bb:6c:96:8a:4b:22:76:
         a8:a5:8c:93:94:c6:fa:d1:7c:e9:82:84:cf:46:78:7d:5c:5e:
         a5:9b:99:f4:d7:72:ef:4e:24:b5:24:dc:f9:05:f0:fb:ee:50:
         21:03:e6:78:4a:08:50:bd:02:be:62:c7:0a:f5:69:a0:23:a9:
         4d:0c:6e:9f:88:83:3a:de:c5:08:fe:22:e6:45:d5:54:28:1e:
         3e:89:97:1c:40:6f:4d:f6:6e:e7:55:35:1b:1d:c0:86:98:2b:
         b0:78:8f:76:83:57:fc:c6:b0:5b:7e:4c:7a:7a:8a:f6:7f:4e:
         55:6f:5c:92:98:63:31:2f:13:12:83:90:fe:bd:42:42:4b:c5:
         6e:fe:43:7e:62:53:99:79:ec:d1:27:ec:b5:51:87:fd:b0:d0:
         85:bf:35:1e:11:d2:75:0e:c9:fd:ba:fa:ad:57:1d:be:9f:ec:
         54:14:a6:d0:02:93:c3:61:c2:86:77:fd:a2:da:99:9b:0d:d0:
         1f:d5:61:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXBr6En9u0V+etIWp3tEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjYwMzI5MDcwMTA1WhcNMjYwMzMwMDcwMTA1WjAzMTEwLwYDVQQD
EygxMDdjYjJjYjVkNmMyMjhlNjE0ZjVlZWM5NGY4MTIzMjkxOTE2MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+A7heTtRi3TNZQVZgm1apvNAcQu
cJoX082zuTe9z3txXmh+aXD4cMSqNuiGaX8o/xXyUS2nSAii+dmJFosRWWyDbaFh
9nKvvX+OBLJ3/RTrmSlFQu7WfrPRzLIFh8xR1z+1qeAGlVAo89H1/4+vR1q0H8wK
3np00LCiFJN5TqsQoDazUxHXwgtzHorOVvbjULNI0oyK8Ql/MWNo3HTnqylBV5p9
N6roQyyZ9OPHa/lYd1/TqjE6awMO5uXdAOIs1bJT8exw1wMJJkbCnDa7G7doPOvO
GlHyhbLcxXgYPCurTzizl0o2bl+BRzMPrPiP5ch8DOdTUkl+cbzaFi08JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBB8sstdbCKOYU9e7JT4EjKRkWMpMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZP0GXLA5
t0URImyb8/AlAferqd0OoVxGDksQKnowSizMN6IDc7JvLzEdWNffftVz6QfvMXZE
RZLQNXDywPVJLC+7bJaKSyJ2qKWMk5TG+tF86YKEz0Z4fVxepZuZ9Ndy704ktSTc
+QXw++5QIQPmeEoIUL0CvmLHCvVpoCOpTQxun4iDOt7FCP4i5kXVVCgePomXHEBv
TfZu51U1Gx3AhpgrsHiPdoNX/MawW35MenqK9n9OVW9ckphjMS8TEoOQ/r1CQkvF
bv5DfmJTmXns0SfstVGH/bDQhb81HhHSdQ7J/br6rVcdvp/sVBSm0AKTw2HChnf9
otqZmw3QH9VhRg==
-----END CERTIFICATE-----