Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
File:                     i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft (raw, json)
Hash identifier:          iw4sFO8MHS0dsPtGFA0ZVqvvYJVUPNhpTGOg6M3hl/4=
Subject key identifier:   00:E6:94:01:8E:79:3C:6A:2C:82:46:9A:67:7A:97:A7:1D:47:BA:51
Authority key identifier: 8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24
Certificate issuer:       /CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
Certificate serial:       019D39AE9EECBFBDE078190158C9E9DA7116
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
Manifest number:          0D67
Signing time:             Sun 29 Mar 2026 13:00:38 +0000
Manifest this update:     Sun 29 Mar 2026 13:00:38 +0000
Manifest next update:     Mon 30 Mar 2026 13:00:38 +0000
Files and hashes:         1: i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl (hash: ULMflSx8bk2qssXe056bN4n9q5l6rVDxe4U8OxVUXSs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:ae:9e:ec:bf:bd:e0:78:19:01:58:c9:e9:da:71:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bd8931f63579428bf08ccb199a3a98dcba6b824
        Validity
            Not Before: Mar 29 13:00:38 2026 GMT
            Not After : Mar 30 13:00:38 2026 GMT
        Subject: CN=00e694018e793c6a2c82469a677a97a71d47ba51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0f:7d:76:bc:6c:ad:1b:8b:37:d9:04:25:1d:
                    3c:f4:2e:4a:b7:9c:0a:46:3a:49:6f:a4:e8:0a:1e:
                    7c:76:43:d3:26:00:e7:94:0a:6e:99:fd:12:31:20:
                    15:0c:c3:37:c9:66:bc:fa:33:ac:64:bf:9b:4d:00:
                    d5:27:ad:16:66:5a:c0:8d:c2:66:93:0a:26:21:61:
                    f1:35:67:f5:39:ed:9c:d5:19:42:ff:10:07:4e:2d:
                    ae:37:c3:0a:b1:a8:14:11:c6:27:d1:d6:72:49:dd:
                    bd:9b:08:9c:ec:18:10:9e:8a:2e:16:fe:d5:4a:f9:
                    35:4b:96:12:ec:d5:85:94:1c:e1:2e:8a:dc:c7:dc:
                    ab:1e:de:4e:e1:08:9c:0d:7b:fc:12:d2:55:b8:89:
                    60:85:a4:95:02:fd:61:8f:25:f2:e6:01:8d:e3:db:
                    ba:be:a9:3f:41:ca:ea:7a:88:da:d5:13:46:5a:21:
                    9f:f8:b5:88:e1:a6:8d:e1:9d:82:84:8b:a4:6b:20:
                    d7:90:fe:9d:99:d7:eb:76:0a:30:a8:e8:be:f3:6c:
                    30:2a:cc:b5:c9:4a:75:4a:4b:95:4a:06:85:d4:df:
                    d7:b2:ae:0f:cd:11:41:3a:fc:6e:9b:64:63:1e:12:
                    95:02:b0:6d:cf:92:f4:7a:39:44:54:1b:c2:fc:49:
                    f5:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:E6:94:01:8E:79:3C:6A:2C:82:46:9A:67:7A:97:A7:1D:47:BA:51
            X509v3 Authority Key Identifier:
                keyid:8B:D8:93:1F:63:57:94:28:BF:08:CC:B1:99:A3:A9:8D:CB:A6:B8:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9iTH2NXlCi_CMyxmaOpjcumuCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7ac7bb-21dc-4a11-9791-4ee16d6c80a6/1/i9iTH2NXlCi_CMyxmaOpjcumuCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:61:96:1d:ec:81:a3:1e:44:94:9c:72:ba:8a:10:c1:72:e6:
         4c:8f:c3:d2:61:ef:25:74:2e:9b:3c:cf:6b:c4:05:7b:e2:97:
         f7:45:6b:1a:b6:e0:4d:e4:b7:ec:0b:dc:94:cd:4e:34:c5:4d:
         a5:23:94:e0:92:da:50:59:54:70:3c:4e:85:22:3e:5f:73:f5:
         a9:a7:2d:a5:8b:b4:cf:9b:51:86:05:99:c6:10:7b:c4:44:ff:
         9e:5d:fd:70:b3:2d:9a:9b:f2:56:44:88:35:3d:b3:0a:99:bf:
         f9:a4:f4:2e:28:26:a9:98:e1:75:e9:e7:55:6f:bc:7b:db:9d:
         cb:9f:03:35:fc:05:32:54:ca:cd:09:3a:94:10:95:9a:91:3e:
         9a:2e:92:39:5c:38:ab:ec:fe:f2:78:0c:e3:8a:1d:8e:ff:4b:
         24:1d:c4:f5:9c:6e:14:92:0b:ae:da:42:e1:57:5f:1c:11:d7:
         16:c4:b9:dc:0c:2e:61:53:ff:b9:4a:86:fd:3f:83:be:fb:0d:
         df:4d:1b:6f:b4:0d:7a:db:38:a4:64:6e:77:78:f2:66:c0:ec:
         fb:80:21:3b:58:9c:34:6d:b1:2d:f0:59:a7:1e:8a:eb:35:6e:
         fb:fc:61:73:77:36:1e:15:0d:2e:7f:6f:87:ef:70:ea:8b:53:
         91:5d:87:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rp7sv73geBkBWMnp2nEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDg5MzFmNjM1Nzk0MjhiZjA4Y2NiMTk5YTNhOThkY2Jh
NmI4MjQwHhcNMjYwMzI5MTMwMDM4WhcNMjYwMzMwMTMwMDM4WjAzMTEwLwYDVQQD
EygwMGU2OTQwMThlNzkzYzZhMmM4MjQ2OWE2NzdhOTdhNzFkNDdiYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQ99drxsrRuLN9kEJR089C5Kt5wK
RjpJb6ToCh58dkPTJgDnlApumf0SMSAVDMM3yWa8+jOsZL+bTQDVJ60WZlrAjcJm
kwomIWHxNWf1Oe2c1RlC/xAHTi2uN8MKsagUEcYn0dZySd29mwic7BgQnoouFv7V
Svk1S5YS7NWFlBzhLorcx9yrHt5O4QicDXv8EtJVuIlghaSVAv1hjyXy5gGN49u6
vqk/Qcrqeoja1RNGWiGf+LWI4aaN4Z2ChIukayDXkP6dmdfrdgowqOi+82wwKsy1
yUp1SkuVSgaF1N/Xsq4PzRFBOvxum2RjHhKVArBtz5L0ejlEVBvC/En1cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADmlAGOeTxqLIJGmmd6l6cdR7pRMB8GA1UdIwQY
MBaAFIvYkx9jV5QovwjMsZmjqY3LprgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEt
NGVlMTZkNmM4MGE2LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWM3YmItMjFkYy00YTExLTk3OTEtNGVlMTZkNmM4MGE2
LzEvaTlpVEgyTlhsQ2lfQ015eG1hT3BqY3VtdUNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2GWHeyB
ox5ElJxyuooQwXLmTI/D0mHvJXQumzzPa8QFe+KX90VrGrbgTeS37AvclM1ONMVN
pSOU4JLaUFlUcDxOhSI+X3P1qactpYu0z5tRhgWZxhB7xET/nl39cLMtmpvyVkSI
NT2zCpm/+aT0LigmqZjhdennVW+8e9udy58DNfwFMlTKzQk6lBCVmpE+mi6SOVw4
q+z+8ngM44odjv9LJB3E9ZxuFJILrtpC4VdfHBHXFsS53AwuYVP/uUqG/T+DvvsN
300bb7QNets4pGRud3jyZsDs+4AhO1icNG2xLfBZpx6K6zVu+/xhc3c2HhUNLn9v
h+9w6otTkV2H0g==
-----END CERTIFICATE-----