Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
File:                     TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json)
Hash identifier:          QJQ9nISI6kJOqv/NjONXO4r3ujUMGygqr3SFq90WBOM=
Subject key identifier:   22:C8:A1:5F:83:B0:3A:13:66:11:00:BF:82:7E:1E:18:2F:B3:73:8C
Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1
Certificate issuer:       /CN=4d8106292a50acafea6817cba1cce677a277e0e1
Certificate serial:       019D397780F6CC9D4C42524EF0639691E6DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
Manifest number:          0703
Signing time:             Sun 29 Mar 2026 12:00:26 +0000
Manifest this update:     Sun 29 Mar 2026 12:00:26 +0000
Manifest next update:     Mon 30 Mar 2026 12:00:26 +0000
Files and hashes:         1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: tEbJRTiQR5SjLDWSXy8/Xo2A8bYQcanfFvF8stj3dgA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 12:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:77:80:f6:cc:9d:4c:42:52:4e:f0:63:96:91:e6:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1
        Validity
            Not Before: Mar 29 12:00:26 2026 GMT
            Not After : Mar 30 12:00:26 2026 GMT
        Subject: CN=22c8a15f83b03a13661100bf827e1e182fb3738c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ac:c4:fe:25:9a:15:dd:0f:43:eb:ed:a5:c9:
                    be:e5:a0:54:ba:80:d9:74:f7:be:d4:3a:f8:5e:44:
                    c3:6c:fc:35:97:e7:37:d2:16:af:c4:f7:71:c6:08:
                    13:f6:01:12:54:dc:28:40:63:82:9b:8b:4a:6b:b3:
                    b0:d4:eb:32:22:12:74:04:6b:8f:99:fa:e4:c6:09:
                    19:fa:d8:d4:6d:b0:2b:d8:29:2d:0f:ed:03:a6:b8:
                    f9:7b:48:a8:74:d2:8b:21:e4:2d:64:d3:f2:6a:4d:
                    33:05:59:ca:65:8a:9a:b9:02:da:b9:64:5f:09:91:
                    1f:db:f6:57:c8:79:c4:bb:b5:ff:5d:fa:d3:65:74:
                    0d:86:fd:11:ca:7a:11:5a:87:09:23:bf:45:3a:2f:
                    f2:1d:cb:e1:eb:8b:92:ff:a9:e2:4a:59:41:a2:c4:
                    81:96:84:3f:ed:ff:94:d0:ff:23:00:1d:70:3c:bd:
                    bb:f6:87:99:4b:d6:33:fa:70:28:48:11:b9:ea:a5:
                    df:e4:1f:a0:47:53:58:7f:bc:7c:40:e6:f4:8a:8e:
                    2e:9e:3b:84:53:7b:6d:53:18:68:97:a3:7b:a6:26:
                    4b:73:20:ef:8e:64:50:62:1c:a5:7c:20:56:17:bd:
                    ab:e2:d0:a5:b3:88:4d:db:0d:f7:a8:cb:42:3c:ff:
                    a9:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:C8:A1:5F:83:B0:3A:13:66:11:00:BF:82:7E:1E:18:2F:B3:73:8C
            X509v3 Authority Key Identifier:
                keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:ee:5e:8c:2b:f1:cd:9a:97:bb:e4:7b:06:51:0c:9c:60:b2:
         2b:48:ff:b5:71:12:bd:03:c5:a8:5e:e3:92:c3:7c:45:72:7d:
         0b:7c:2f:de:b7:2f:f8:4e:3c:13:be:20:92:44:cb:e0:c2:2e:
         95:4c:2c:e1:8d:d9:ee:5f:57:fc:fb:e8:8a:5a:37:7a:00:74:
         9b:ef:44:49:04:69:0d:79:5a:a2:fc:3b:03:83:20:c3:37:36:
         b6:b6:f0:29:1f:ec:c9:a8:fc:89:b8:78:67:a6:ba:ce:bb:b7:
         d1:04:d8:09:41:ca:1b:69:ae:72:61:6d:1f:9c:02:72:d5:37:
         30:00:9e:53:ec:96:c3:ff:11:ae:82:8b:0d:b1:f4:da:33:e5:
         35:ef:12:7f:33:cd:e1:c4:da:63:00:e8:ee:6b:24:39:56:99:
         e4:30:0f:f7:08:e6:d9:a7:8c:35:2b:7b:85:ea:b1:7b:1a:b4:
         e0:ab:f5:68:8a:7d:9e:db:43:d6:62:c0:24:91:4b:3e:9f:ef:
         d1:27:93:1b:3c:f0:fd:91:89:2e:79:58:7b:0f:5e:94:a8:7d:
         37:94:ab:93:ad:8a:04:ef:3f:ba:55:25:5a:25:b5:aa:3d:89:
         8b:23:cc:aa:9e:56:0d:34:62:fa:e5:d3:9c:1f:a8:39:0a:07:
         7c:48:9e:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4D2zJ1MQlJO8GOWkebbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3
N2UwZTEwHhcNMjYwMzI5MTIwMDI2WhcNMjYwMzMwMTIwMDI2WjAzMTEwLwYDVQQD
EygyMmM4YTE1ZjgzYjAzYTEzNjYxMTAwYmY4MjdlMWUxODJmYjM3MzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qzE/iWaFd0PQ+vtpcm+5aBUuoDZ
dPe+1Dr4XkTDbPw1l+c30havxPdxxggT9gESVNwoQGOCm4tKa7Ow1OsyIhJ0BGuP
mfrkxgkZ+tjUbbAr2CktD+0Dprj5e0iodNKLIeQtZNPyak0zBVnKZYqauQLauWRf
CZEf2/ZXyHnEu7X/XfrTZXQNhv0RynoRWocJI79FOi/yHcvh64uS/6niSllBosSB
loQ/7f+U0P8jAB1wPL279oeZS9Yz+nAoSBG56qXf5B+gR1NYf7x8QOb0io4unjuE
U3ttUxhol6N7piZLcyDvjmRQYhylfCBWF72r4tCls4hN2w33qMtCPP+pkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLIoV+DsDoTZhEAv4J+Hhgvs3OMMB8GA1UdIwQY
MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct
M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk
LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN+5ejCvx
zZqXu+R7BlEMnGCyK0j/tXESvQPFqF7jksN8RXJ9C3wv3rcv+E48E74gkkTL4MIu
lUws4Y3Z7l9X/Pvoilo3egB0m+9ESQRpDXlaovw7A4Mgwzc2trbwKR/syaj8ibh4
Z6a6zru30QTYCUHKG2mucmFtH5wCctU3MACeU+yWw/8RroKLDbH02jPlNe8SfzPN
4cTaYwDo7mskOVaZ5DAP9wjm2aeMNSt7heqxexq04Kv1aIp9nttD1mLAJJFLPp/v
0SeTGzzw/ZGJLnlYew9elKh9N5Srk62KBO8/ulUlWiW1qj2JiyPMqp5WDTRi+uXT
nB+oOQoHfEiedA==
-----END CERTIFICATE-----