Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          83Vz2RnskOmar8Trj/sSeqt1h3i25dUKJQYM2L7ZAsc=
Subject key identifier:   08:86:6B:A2:5A:B1:E5:45:DA:B7:5D:BB:D0:B4:BF:BF:C5:25:AE:62
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       019D38666F47434AD216EA2464785EDB2265
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0BA7
Signing time:             Sun 29 Mar 2026 07:02:10 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:10 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:10 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: 00CTbEXFvTilcqWlmNAEjmxFyunuL5IakOHmJXbbV80=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:6f:47:43:4a:d2:16:ea:24:64:78:5e:db:22:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Mar 29 07:02:10 2026 GMT
            Not After : Mar 30 07:02:10 2026 GMT
        Subject: CN=08866ba25ab1e545dab75dbbd0b4bfbfc525ae62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:be:6d:ad:15:e7:4f:fd:25:bc:6b:fa:0b:28:
                    df:ba:25:d3:55:6a:cb:95:67:54:35:db:c9:4f:43:
                    1a:06:b4:fd:61:6d:d6:ed:1e:f4:fc:f5:79:7b:e4:
                    2c:f1:36:46:7f:64:35:10:a1:68:0c:45:45:10:36:
                    6f:fe:25:91:c0:2a:41:a3:81:88:6f:3e:3a:c3:78:
                    09:5f:89:fc:c9:18:40:20:90:c4:4e:69:1f:10:bd:
                    33:dc:39:5e:e2:ce:b5:46:73:a2:d2:e8:5e:21:68:
                    9f:b4:fc:be:7a:ab:29:27:0f:5c:bc:bc:01:19:3d:
                    68:80:d0:1a:60:08:2d:f9:bf:b3:2f:dc:8b:f9:c5:
                    59:d9:3f:29:69:2c:80:9e:33:16:16:60:25:1b:8d:
                    fa:00:50:b7:d2:cf:58:90:63:5d:fb:5a:ae:81:f0:
                    fc:03:bc:d2:e1:24:8e:51:5d:e4:41:3c:3b:f1:32:
                    df:17:93:0a:04:b2:bc:f6:c1:3d:5d:41:90:f0:68:
                    26:ee:66:a8:7a:74:5f:1e:ca:c7:68:bb:49:54:c1:
                    0d:72:54:94:3e:e4:f7:fc:cf:a3:8a:0f:ff:f8:45:
                    b2:d8:25:2c:ea:15:ed:1e:3c:78:7a:db:0e:82:33:
                    47:51:73:ac:3a:42:70:fe:cb:8f:43:5e:a5:09:89:
                    39:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:86:6B:A2:5A:B1:E5:45:DA:B7:5D:BB:D0:B4:BF:BF:C5:25:AE:62
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:93:35:74:bf:c0:33:85:3a:92:82:8e:21:f8:28:94:67:64:
         d5:3c:c6:24:fa:a2:df:3a:30:a1:6d:0a:a1:66:be:03:c9:e0:
         0b:0d:12:52:f3:81:77:d8:79:11:d6:d9:0d:c8:b9:03:7b:a3:
         44:73:c8:e8:ba:b3:f8:dd:6f:d4:d3:ca:c6:12:02:00:71:b3:
         bc:30:bd:c7:b0:cf:cb:99:02:91:6d:33:4a:8a:1d:d0:0b:51:
         1b:97:4b:94:f2:ef:da:26:6d:bf:ca:d3:3b:3f:e5:84:11:da:
         2c:33:6c:1b:76:64:6c:ca:e2:0c:3c:67:70:9d:46:67:ee:0c:
         5f:17:85:a2:88:32:30:3f:aa:45:54:ce:ed:b7:67:de:09:ec:
         60:81:45:04:c4:50:c9:f3:aa:f6:6f:81:2d:10:02:03:2e:fe:
         67:11:2a:c7:f4:18:56:ec:55:7e:24:63:63:74:63:50:07:d0:
         cf:de:d4:7f:c9:5f:af:d0:7e:b1:6c:44:8f:e4:76:20:6a:df:
         cb:a0:20:53:1f:f7:e7:11:d8:56:c3:b9:52:b4:3b:74:5a:4c:
         0e:6c:e9:a4:d7:00:dc:24:8a:2c:47:b3:c7:29:1a:7e:0d:1b:
         06:3e:ad:ea:bd:61:04:40:e1:19:53:25:c4:e5:6a:aa:15:a3:
         3f:5f:27:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zm9HQ0rSFuokZHhe2yJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjYwMzI5MDcwMjEwWhcNMjYwMzMwMDcwMjEwWjAzMTEwLwYDVQQD
EygwODg2NmJhMjVhYjFlNTQ1ZGFiNzVkYmJkMGI0YmZiZmM1MjVhZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL5trRXnT/0lvGv6CyjfuiXTVWrL
lWdUNdvJT0MaBrT9YW3W7R70/PV5e+Qs8TZGf2Q1EKFoDEVFEDZv/iWRwCpBo4GI
bz46w3gJX4n8yRhAIJDETmkfEL0z3Dle4s61RnOi0uheIWiftPy+eqspJw9cvLwB
GT1ogNAaYAgt+b+zL9yL+cVZ2T8paSyAnjMWFmAlG436AFC30s9YkGNd+1qugfD8
A7zS4SSOUV3kQTw78TLfF5MKBLK89sE9XUGQ8Ggm7maoenRfHsrHaLtJVMENclSU
PuT3/M+jig//+EWy2CUs6hXtHjx4etsOgjNHUXOsOkJw/suPQ16lCYk5JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiGa6JaseVF2rddu9C0v7/FJa5iMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcZM1dL/A
M4U6koKOIfgolGdk1TzGJPqi3zowoW0KoWa+A8ngCw0SUvOBd9h5EdbZDci5A3uj
RHPI6Lqz+N1v1NPKxhICAHGzvDC9x7DPy5kCkW0zSood0AtRG5dLlPLv2iZtv8rT
Oz/lhBHaLDNsG3ZkbMriDDxncJ1GZ+4MXxeFoogyMD+qRVTO7bdn3gnsYIFFBMRQ
yfOq9m+BLRACAy7+ZxEqx/QYVuxVfiRjY3RjUAfQz97Uf8lfr9B+sWxEj+R2IGrf
y6AgUx/35xHYVsO5UrQ7dFpMDmzppNcA3CSKLEezxykafg0bBj6t6r1hBEDhGVMl
xOVqqhWjP18ndg==
-----END CERTIFICATE-----