Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
File:                     kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft (raw, json)
Hash identifier:          BJdvoGqvP/WgrRVzSLEXqaSDsYfLkho6AIT5NiPoIL0=
Subject key identifier:   74:11:85:6C:CB:EB:B8:0F:7A:D2:10:C7:A8:F3:37:C1:00:63:F2:45
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Certificate issuer:       /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial:       019D382E3E91A9926CABA799A668815EBAEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
Manifest number:          0FB0
Signing time:             Sun 29 Mar 2026 06:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 06:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 06:00:47 +0000
Files and hashes:         1: kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl (hash: YTdcKzM0XrQeLxfP3rMtqYiXi51FwH4FCooAGMFqUr0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 06:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:2e:3e:91:a9:92:6c:ab:a7:99:a6:68:81:5e:ba:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
        Validity
            Not Before: Mar 29 06:00:47 2026 GMT
            Not After : Mar 30 06:00:47 2026 GMT
        Subject: CN=7411856ccbebb80f7ad210c7a8f337c10063f245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c7:58:b0:2a:d9:a2:cf:d7:59:c0:9f:d6:9f:
                    00:2a:9b:89:0c:d0:4e:68:11:f1:65:90:1e:aa:ea:
                    cb:67:f8:52:9d:4d:72:d8:91:06:1c:e2:ff:6b:52:
                    26:c4:2d:89:14:72:29:5c:78:f6:c2:2b:55:bb:bd:
                    73:2c:4d:91:15:1b:d1:2a:a3:1e:fd:0d:67:dc:3a:
                    cf:0d:0b:d9:80:2d:a3:ad:61:fd:10:62:dd:68:81:
                    ba:88:6f:31:6a:eb:a7:de:dd:5c:1b:fb:f2:5f:a2:
                    7f:da:fa:ac:1f:fe:55:28:bc:da:0f:86:09:6e:e3:
                    6e:69:82:f4:e9:ad:f2:ec:cb:39:bb:62:69:1d:41:
                    c4:b2:3b:19:ec:f3:23:22:4d:5f:e9:73:4e:a4:4a:
                    6f:de:5f:24:11:d6:de:1f:59:85:00:08:fa:9f:dd:
                    ea:b3:1e:87:91:b9:bc:42:56:72:a2:7f:b8:21:01:
                    2c:bc:83:36:ff:49:be:34:e1:88:fe:c4:a8:e2:44:
                    08:b8:f4:e3:6a:3b:c8:08:d7:07:4c:ac:0a:a8:06:
                    0e:25:c1:46:7a:da:c0:ae:bc:5a:f6:73:c6:08:17:
                    d6:6e:17:5e:ee:ff:ae:a2:fd:9f:32:85:98:25:92:
                    1c:6d:55:59:06:f1:57:36:95:40:74:4b:e9:49:17:
                    04:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:11:85:6C:CB:EB:B8:0F:7A:D2:10:C7:A8:F3:37:C1:00:63:F2:45
            X509v3 Authority Key Identifier:
                keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:97:c5:3a:b0:cc:61:86:f7:fa:1d:d5:59:e3:1f:6f:43:ed:
         5c:83:69:2a:78:98:54:9e:b1:82:d5:d1:b8:d0:ce:73:c5:1c:
         40:b7:69:cd:c7:6c:6d:30:0a:6b:6c:b5:dc:2d:2d:9c:d0:6e:
         2b:f8:2d:17:e0:1b:ac:c9:d9:6a:b5:6a:c8:3a:94:98:5f:6f:
         74:be:33:05:28:bb:83:d5:21:54:3f:26:5b:59:64:3f:b1:22:
         bb:fa:11:b0:d8:b1:4d:40:72:67:54:8a:38:8b:ca:91:36:6f:
         d5:4e:bf:90:cf:44:a1:4c:d9:07:9b:21:eb:19:f8:d7:07:95:
         a4:23:6c:66:55:2b:3f:93:ef:ef:c4:43:86:d7:1f:82:e6:d5:
         96:8d:b5:2a:24:a4:e3:e6:e1:f4:6e:50:ab:7a:09:80:38:71:
         41:fe:82:d9:87:9b:4e:35:2a:30:fa:31:61:7a:b1:b9:4e:f7:
         ba:b2:94:63:8d:e2:8c:b8:d0:de:11:7f:e2:6b:7d:00:e6:96:
         56:6f:92:e0:7b:e2:29:2a:f9:5a:ef:f5:d7:93:b6:78:d6:18:
         82:d3:21:11:53:e5:5d:65:4c:fd:9e:8c:b0:61:26:ab:f7:01:
         57:3d:52:bb:54:81:66:26:74:aa:6f:da:44:a6:a0:11:28:32:
         0c:3c:0d:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lj6RqZJsq6eZpmiBXrrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjYwMzI5MDYwMDQ3WhcNMjYwMzMwMDYwMDQ3WjAzMTEwLwYDVQQD
Eyg3NDExODU2Y2NiZWJiODBmN2FkMjEwYzdhOGYzMzdjMTAwNjNmMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsdYsCrZos/XWcCf1p8AKpuJDNBO
aBHxZZAequrLZ/hSnU1y2JEGHOL/a1ImxC2JFHIpXHj2witVu71zLE2RFRvRKqMe
/Q1n3DrPDQvZgC2jrWH9EGLdaIG6iG8xauun3t1cG/vyX6J/2vqsH/5VKLzaD4YJ
buNuaYL06a3y7Ms5u2JpHUHEsjsZ7PMjIk1f6XNOpEpv3l8kEdbeH1mFAAj6n93q
sx6Hkbm8QlZyon+4IQEsvIM2/0m+NOGI/sSo4kQIuPTjajvICNcHTKwKqAYOJcFG
etrArrxa9nPGCBfWbhde7v+uov2fMoWYJZIcbVVZBvFXNpVAdEvpSRcEPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHQRhWzL67gPetIQx6jzN8EAY/JFMB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc5fFOrDM
YYb3+h3VWeMfb0PtXINpKniYVJ6xgtXRuNDOc8UcQLdpzcdsbTAKa2y13C0tnNBu
K/gtF+AbrMnZarVqyDqUmF9vdL4zBSi7g9UhVD8mW1lkP7Eiu/oRsNixTUByZ1SK
OIvKkTZv1U6/kM9EoUzZB5sh6xn41weVpCNsZlUrP5Pv78RDhtcfgubVlo21KiSk
4+bh9G5Qq3oJgDhxQf6C2YebTjUqMPoxYXqxuU73urKUY43ijLjQ3hF/4mt9AOaW
Vm+S4HviKSr5Wu/115O2eNYYgtMhEVPlXWVM/Z6MsGEmq/cBVz1Su1SBZiZ0qm/a
RKagESgyDDwNQg==
-----END CERTIFICATE-----