Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          CxLd8hKuCmmMd3nDUlei9Ugn8s7kJVFMJmGd0xnsXfo=
Subject key identifier:   5A:4E:1E:94:01:A4:DD:72:8A:A1:7C:C4:17:21:DB:97:84:25:1A:9D
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       019D38658151B09F4DBF3D69D379B855E5E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0E7A
Signing time:             Sun 29 Mar 2026 07:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:09 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: /F7QCnFMrw4l2bpbsnMGy88aiucdJZAU7sXAT3qZom4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:81:51:b0:9f:4d:bf:3d:69:d3:79:b8:55:e5:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Mar 29 07:01:09 2026 GMT
            Not After : Mar 30 07:01:09 2026 GMT
        Subject: CN=5a4e1e9401a4dd728aa17cc41721db9784251a9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0b:a3:56:a1:66:25:fb:37:f3:ee:82:b8:37:
                    3c:9d:c7:f6:b3:eb:6a:6e:18:ba:8b:a9:72:e6:52:
                    1e:45:33:ac:fb:9f:6b:f6:c1:fc:86:e6:ec:d9:5e:
                    26:5b:54:33:d4:e6:d9:67:07:72:41:15:d1:e6:e2:
                    b8:57:fa:21:3a:c9:04:db:ad:15:96:a1:a9:d8:35:
                    7e:3c:5b:91:1a:2c:d1:c0:fa:34:38:e8:92:d6:9d:
                    40:e2:ba:1d:27:cd:03:4f:a2:0b:50:6f:23:e6:f1:
                    97:b0:a1:ef:cb:af:94:4f:9a:ae:85:b3:e0:9e:42:
                    fd:b5:4e:75:a7:2b:6e:fc:4e:4f:b8:d2:95:01:b3:
                    24:21:90:0b:67:58:a8:85:f7:d1:7b:93:c9:26:5f:
                    a4:33:6f:f6:50:0b:3f:41:40:36:e5:b2:65:32:78:
                    13:22:32:53:30:3f:0e:dd:4a:94:b3:a0:4d:1d:fe:
                    46:28:bc:5a:ea:8d:02:98:04:81:24:99:26:11:0a:
                    b7:f0:d2:ef:18:39:2c:11:4b:c9:11:40:5c:8e:38:
                    d9:c1:ef:a0:75:01:ef:48:a3:8f:ad:48:54:15:c5:
                    f0:1c:44:c3:f2:73:8d:f9:cc:35:bc:39:40:7e:63:
                    6e:73:61:41:16:1c:f0:c6:32:a0:08:5f:74:5a:52:
                    a8:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:4E:1E:94:01:A4:DD:72:8A:A1:7C:C4:17:21:DB:97:84:25:1A:9D
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:34:f3:13:c9:1e:37:12:a3:8c:56:d8:f4:d3:d8:e3:23:90:
         d3:41:09:39:75:d3:a7:9e:dd:7c:23:c3:f4:98:43:4f:03:c0:
         40:06:59:ec:25:66:01:04:e1:e5:18:c1:93:1c:78:de:c4:80:
         e6:b3:86:95:40:bf:d8:b3:2d:39:28:b6:da:df:36:32:32:d0:
         83:3a:cc:8e:e1:73:ef:dd:27:5b:11:61:6c:b5:5b:3b:64:7a:
         d9:c7:c1:33:4a:7d:5a:fa:e3:5e:27:1c:fd:fc:18:cb:ea:8d:
         f8:d3:02:28:08:91:1a:9a:c0:43:9c:52:9b:dd:5c:1f:df:9f:
         46:a6:3b:46:92:90:50:03:e2:92:e7:d9:e1:74:6a:13:fd:44:
         fb:79:ef:c6:15:04:8c:9b:9d:6d:67:b1:34:c0:85:33:42:7a:
         6e:1c:de:36:40:8d:9c:5c:e3:f0:94:b6:0c:b7:e2:8a:17:e3:
         e9:1c:02:1b:83:67:13:09:7d:38:a5:e2:b8:8d:4d:54:39:e0:
         df:e7:77:0b:85:ae:17:a2:84:78:69:ec:36:4c:af:98:33:9c:
         9f:6c:35:44:49:57:c6:88:b9:fa:9a:35:68:cc:8f:a9:40:af:
         00:2d:e5:95:c2:a1:36:00:43:69:1a:d0:0c:e9:9c:90:9a:6a:
         34:06:d1:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYFRsJ9Nvz1p03m4VeXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjYwMzI5MDcwMTA5WhcNMjYwMzMwMDcwMTA5WjAzMTEwLwYDVQQD
Eyg1YTRlMWU5NDAxYTRkZDcyOGFhMTdjYzQxNzIxZGI5Nzg0MjUxYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QujVqFmJfs38+6CuDc8ncf2s+tq
bhi6i6ly5lIeRTOs+59r9sH8hubs2V4mW1Qz1ObZZwdyQRXR5uK4V/ohOskE260V
lqGp2DV+PFuRGizRwPo0OOiS1p1A4rodJ80DT6ILUG8j5vGXsKHvy6+UT5quhbPg
nkL9tU51pytu/E5PuNKVAbMkIZALZ1iohffRe5PJJl+kM2/2UAs/QUA25bJlMngT
IjJTMD8O3UqUs6BNHf5GKLxa6o0CmASBJJkmEQq38NLvGDksEUvJEUBcjjjZwe+g
dQHvSKOPrUhUFcXwHETD8nON+cw1vDlAfmNuc2FBFhzwxjKgCF90WlKoJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpOHpQBpN1yiqF8xBch25eEJRqdMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADjTzE8ke
NxKjjFbY9NPY4yOQ00EJOXXTp57dfCPD9JhDTwPAQAZZ7CVmAQTh5RjBkxx43sSA
5rOGlUC/2LMtOSi22t82MjLQgzrMjuFz790nWxFhbLVbO2R62cfBM0p9WvrjXicc
/fwYy+qN+NMCKAiRGprAQ5xSm91cH9+fRqY7RpKQUAPikufZ4XRqE/1E+3nvxhUE
jJudbWexNMCFM0J6bhzeNkCNnFzj8JS2DLfiihfj6RwCG4NnEwl9OKXiuI1NVDng
3+d3C4WuF6KEeGnsNkyvmDOcn2w1RElXxoi5+po1aMyPqUCvAC3llcKhNgBDaRrQ
DOmckJpqNAbRWA==
-----END CERTIFICATE-----