Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/e06dcf-b520-4b65-9cac-bc61cb1f8610/1/KpKTnjuv_mq42aeWIFHYXOKjaLo.mft
File:                     KpKTnjuv_mq42aeWIFHYXOKjaLo.mft (raw, json)
Hash identifier:          ce+8IvEg/D6Hh1sZsIdwpxZW6rumsk9AVytDBVP3zq8=
Subject key identifier:   40:23:9F:C9:51:1B:2B:E8:65:3E:19:AD:23:D9:39:D0:7F:6C:CC:05
Authority key identifier: 2A:92:93:9E:3B:AF:FE:6A:B8:D9:A7:96:20:51:D8:5C:E2:A3:68:BA
Certificate issuer:       /CN=2a92939e3baffe6ab8d9a7962051d85ce2a368ba
Certificate serial:       019D39E5EC424E959D178B2C20BDBCB56E3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KpKTnjuv_mq42aeWIFHYXOKjaLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/e06dcf-b520-4b65-9cac-bc61cb1f8610/1/KpKTnjuv_mq42aeWIFHYXOKjaLo.mft
Manifest number:          A3
Signing time:             Sun 29 Mar 2026 14:01:02 +0000
Manifest this update:     Sun 29 Mar 2026 14:01:02 +0000
Manifest next update:     Mon 30 Mar 2026 14:01:02 +0000
Files and hashes:         1: KpKTnjuv_mq42aeWIFHYXOKjaLo.crl (hash: siIJZ2aKwCE3vnXVOq/lqof73WCFv8cmbnKqaytSxpg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/e06dcf-b520-4b65-9cac-bc61cb1f8610/1/KpKTnjuv_mq42aeWIFHYXOKjaLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/e06dcf-b520-4b65-9cac-bc61cb1f8610/1/KpKTnjuv_mq42aeWIFHYXOKjaLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KpKTnjuv_mq42aeWIFHYXOKjaLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 14:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:e5:ec:42:4e:95:9d:17:8b:2c:20:bd:bc:b5:6e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a92939e3baffe6ab8d9a7962051d85ce2a368ba
        Validity
            Not Before: Mar 29 14:01:02 2026 GMT
            Not After : Mar 30 14:01:02 2026 GMT
        Subject: CN=40239fc9511b2be8653e19ad23d939d07f6ccc05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:c9:dd:f4:78:69:b6:f4:5b:f9:43:38:40:7f:
                    6b:7a:a6:fd:a1:a7:b8:58:b9:bd:17:b7:dc:63:c1:
                    76:ea:26:24:57:48:4a:4c:cb:5b:5f:3a:2c:99:bc:
                    d4:c0:3a:38:f4:82:49:06:2d:30:55:14:eb:97:3f:
                    10:44:0a:af:84:ec:f3:15:48:62:27:f0:45:36:2a:
                    92:bc:c5:61:b3:9c:b6:18:2f:cf:d5:12:48:cf:31:
                    07:f0:25:2e:e3:2c:b6:55:5e:5f:96:22:75:13:f9:
                    66:d2:44:f4:17:ed:f9:d0:17:28:7a:07:68:b9:ab:
                    84:52:f8:65:30:7e:9c:8d:be:a5:44:0a:f5:c9:a7:
                    09:1f:eb:92:84:c7:1b:86:67:27:2b:37:f6:72:60:
                    c2:4d:12:6b:88:ba:9d:8f:de:ee:e8:fa:73:76:6e:
                    1f:c3:e9:e6:4f:3c:9f:50:b0:d9:a9:e7:36:50:96:
                    eb:ba:52:21:22:81:82:8d:a6:41:ec:20:47:c6:05:
                    dd:c8:26:69:27:56:7c:9f:52:c4:7f:fa:e5:28:67:
                    26:5e:7e:0b:7f:de:d6:68:41:33:08:17:62:18:fa:
                    27:63:d4:f0:5a:68:70:7e:9a:c2:76:5b:52:f4:dd:
                    6e:26:70:38:4e:56:50:c3:3e:41:3c:ce:33:cd:6f:
                    5e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:23:9F:C9:51:1B:2B:E8:65:3E:19:AD:23:D9:39:D0:7F:6C:CC:05
            X509v3 Authority Key Identifier:
                keyid:2A:92:93:9E:3B:AF:FE:6A:B8:D9:A7:96:20:51:D8:5C:E2:A3:68:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpKTnjuv_mq42aeWIFHYXOKjaLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e06dcf-b520-4b65-9cac-bc61cb1f8610/1/KpKTnjuv_mq42aeWIFHYXOKjaLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e06dcf-b520-4b65-9cac-bc61cb1f8610/1/KpKTnjuv_mq42aeWIFHYXOKjaLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:7d:64:1f:05:8a:ed:05:64:dc:9d:64:37:96:77:59:35:ae:
         f1:65:a5:d6:6f:f6:e5:dd:aa:7e:5b:61:66:45:15:25:93:db:
         28:81:8c:01:cc:82:93:4a:08:d8:d8:74:42:74:75:c7:ff:99:
         3d:b3:81:56:11:03:eb:2f:66:b9:dc:34:e6:44:18:b3:70:bc:
         6c:6d:8a:2b:49:ca:29:b3:eb:51:f2:91:08:bc:96:89:8a:03:
         0f:2c:c3:3f:c5:31:4b:c9:22:f8:9b:63:10:e4:d6:75:ce:f7:
         79:e5:90:5c:86:d6:04:26:d9:d6:86:7e:bb:a1:ee:73:fb:7e:
         67:6c:55:2c:29:85:2c:03:0d:51:ba:11:9b:69:8a:cd:88:66:
         fd:d4:f3:ee:29:38:7c:6e:48:f0:e3:d0:7b:f8:bd:cc:d5:b0:
         07:15:91:19:c1:34:65:02:63:2b:a7:48:6a:85:4f:ed:17:7d:
         ea:54:f2:14:7a:fe:94:71:37:f3:9d:0f:ed:7a:8f:51:93:ef:
         40:7d:d6:99:cc:42:1e:37:cb:de:54:0e:ad:93:ab:be:fe:e1:
         7d:e0:9c:80:3c:fe:6b:ec:00:ce:af:e3:08:8e:07:d4:aa:66:
         b1:6e:15:ea:d7:4f:69:28:f3:0e:2c:1a:be:31:00:1f:ea:e7:
         ee:e3:2b:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ055exCTpWdF4ssIL28tW49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTI5MzllM2JhZmZlNmFiOGQ5YTc5NjIwNTFkODVjZTJh
MzY4YmEwHhcNMjYwMzI5MTQwMTAyWhcNMjYwMzMwMTQwMTAyWjAzMTEwLwYDVQQD
Eyg0MDIzOWZjOTUxMWIyYmU4NjUzZTE5YWQyM2Q5MzlkMDdmNmNjYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38nd9HhptvRb+UM4QH9reqb9oae4
WLm9F7fcY8F26iYkV0hKTMtbXzosmbzUwDo49IJJBi0wVRTrlz8QRAqvhOzzFUhi
J/BFNiqSvMVhs5y2GC/P1RJIzzEH8CUu4yy2VV5fliJ1E/lm0kT0F+350Bcoegdo
uauEUvhlMH6cjb6lRAr1yacJH+uShMcbhmcnKzf2cmDCTRJriLqdj97u6Ppzdm4f
w+nmTzyfULDZqec2UJbrulIhIoGCjaZB7CBHxgXdyCZpJ1Z8n1LEf/rlKGcmXn4L
f97WaEEzCBdiGPonY9TwWmhwfprCdltS9N1uJnA4TlZQwz5BPM4zzW9ehwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEAjn8lRGyvoZT4ZrSPZOdB/bMwFMB8GA1UdIwQY
MBaAFCqSk547r/5quNmnliBR2Fzio2i6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BLVG5qdXZfbXE0MmFlV0lGSFlYT0tqYUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9lMDZkY2YtYjUyMC00YjY1LTljYWMt
YmM2MWNiMWY4NjEwLzEvS3BLVG5qdXZfbXE0MmFlV0lGSFlYT0tqYUxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9lMDZkY2YtYjUyMC00YjY1LTljYWMtYmM2MWNiMWY4NjEw
LzEvS3BLVG5qdXZfbXE0MmFlV0lGSFlYT0tqYUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ31kHwWK
7QVk3J1kN5Z3WTWu8WWl1m/25d2qflthZkUVJZPbKIGMAcyCk0oI2Nh0QnR1x/+Z
PbOBVhED6y9mudw05kQYs3C8bG2KK0nKKbPrUfKRCLyWiYoDDyzDP8UxS8ki+Jtj
EOTWdc73eeWQXIbWBCbZ1oZ+u6Huc/t+Z2xVLCmFLAMNUboRm2mKzYhm/dTz7ik4
fG5I8OPQe/i9zNWwBxWRGcE0ZQJjK6dIaoVP7Rd96lTyFHr+lHE3850P7XqPUZPv
QH3WmcxCHjfL3lQOrZOrvv7hfeCcgDz+a+wAzq/jCI4H1KpmsW4V6tdPaSjzDiwa
vjEAH+rn7uMrhQ==
-----END CERTIFICATE-----