Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
File:                     dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft (raw, json)
Hash identifier:          84OpmLwDDw/NPpsM4VVrSD7ODkJg4nD5QMvoEmDzBAo=
Subject key identifier:   2C:3D:7B:A4:AA:6D:39:47:0E:5D:1A:65:4B:5F:B2:15:94:5C:A5:66
Authority key identifier: 74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E
Certificate issuer:       /CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
Certificate serial:       019D389BD2DBA86955666B9CE97F14D77D91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
Manifest number:          1183
Signing time:             Sun 29 Mar 2026 08:00:29 +0000
Manifest this update:     Sun 29 Mar 2026 08:00:29 +0000
Manifest next update:     Mon 30 Mar 2026 08:00:29 +0000
Files and hashes:         1: dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl (hash: LsE0FQ4V46UseLGKASJ6I0HXsp+/1mFJasVZ7rNJsfM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:9b:d2:db:a8:69:55:66:6b:9c:e9:7f:14:d7:7d:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7472eb8f8015eb1bc29ea3162f83e6acedbb427e
        Validity
            Not Before: Mar 29 08:00:29 2026 GMT
            Not After : Mar 30 08:00:29 2026 GMT
        Subject: CN=2c3d7ba4aa6d39470e5d1a654b5fb215945ca566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:1c:81:71:05:e2:1c:44:07:2d:9c:a4:c1:67:
                    a3:b5:73:59:21:67:5c:1d:1f:fc:c9:3f:8f:b7:e6:
                    68:d1:5b:04:b6:29:43:cf:90:01:34:cf:dd:7a:de:
                    8e:d6:93:05:45:76:41:0a:9a:ea:be:ca:cc:41:82:
                    36:a0:52:a7:90:a2:18:cd:79:41:cf:84:2a:b9:51:
                    24:7f:61:7b:b7:ac:64:8d:eb:ed:3f:82:31:d5:b3:
                    ec:67:24:0e:89:7b:81:71:53:24:e6:67:77:a3:79:
                    ec:72:6e:34:01:4e:0f:a3:27:be:3e:00:a5:49:0e:
                    1e:19:cb:58:c9:50:79:c3:68:27:49:eb:c5:ca:ab:
                    1e:68:db:41:e0:81:44:58:4c:a8:1f:44:50:58:3c:
                    e6:61:13:2b:b5:23:8d:fb:f8:e8:bc:eb:8e:33:d2:
                    bf:d5:28:33:55:ce:10:29:8b:60:ea:81:81:ed:b9:
                    91:4d:60:39:b3:b6:c3:6a:f8:55:f2:fa:8a:dc:eb:
                    94:53:fc:ae:5f:21:12:45:fe:02:bc:be:37:96:83:
                    40:23:f0:c3:63:52:57:7e:9d:4c:f7:c5:e4:a5:98:
                    81:ab:3f:41:ba:ab:8c:5b:64:94:f4:8e:16:71:97:
                    bd:57:b8:b8:ab:55:c0:73:ce:3c:23:82:9d:88:23:
                    75:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:3D:7B:A4:AA:6D:39:47:0E:5D:1A:65:4B:5F:B2:15:94:5C:A5:66
            X509v3 Authority Key Identifier:
                keyid:74:72:EB:8F:80:15:EB:1B:C2:9E:A3:16:2F:83:E6:AC:ED:BB:42:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHLrj4AV6xvCnqMWL4PmrO27Qn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/655e28-3391-40a7-88ca-1bffda382ebe/1/dHLrj4AV6xvCnqMWL4PmrO27Qn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:6e:ae:b8:03:a4:f4:45:7a:36:72:11:2f:b4:af:27:35:cf:
         38:2b:84:e2:8b:e8:ff:0d:b2:27:10:10:56:2c:d9:6a:7a:8a:
         af:d3:27:15:60:33:47:93:ba:1c:b2:12:d4:77:74:42:a0:40:
         71:ff:12:f7:df:11:ed:e7:bb:cd:3f:7c:89:65:cd:40:75:d6:
         16:e0:9a:14:3d:05:68:f5:ea:2a:83:3d:78:73:f2:06:61:05:
         b7:c5:3a:7a:cf:8d:c8:32:72:7c:57:f2:7f:ca:23:48:bc:2d:
         b0:d2:fb:59:39:27:ee:ed:71:c3:46:50:0a:92:b8:a1:2d:ac:
         c6:b7:e5:6c:0d:84:be:58:a6:27:29:48:fc:5b:1e:12:45:c5:
         7e:9d:6b:a6:80:d7:05:4d:a6:9b:80:04:b2:e1:10:ab:8e:e7:
         e2:c7:53:ca:ab:ce:20:ab:8c:cb:43:26:b7:0d:7d:b7:21:b3:
         14:8e:ec:96:43:f5:8b:6f:7f:4b:02:90:03:03:0d:18:6d:ca:
         a4:45:07:c1:ff:c9:16:7e:06:1b:c4:04:78:8d:44:9a:f5:44:
         b2:8a:30:60:57:d4:24:fe:22:fb:5c:43:5a:36:38:ae:7c:be:
         a2:6d:1f:ea:8b:b0:52:d8:c1:cf:ac:f4:eb:c3:33:c5:93:4b:
         74:57:1c:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m9LbqGlVZmuc6X8U132RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzJlYjhmODAxNWViMWJjMjllYTMxNjJmODNlNmFjZWRi
YjQyN2UwHhcNMjYwMzI5MDgwMDI5WhcNMjYwMzMwMDgwMDI5WjAzMTEwLwYDVQQD
EygyYzNkN2JhNGFhNmQzOTQ3MGU1ZDFhNjU0YjVmYjIxNTk0NWNhNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxyBcQXiHEQHLZykwWejtXNZIWdc
HR/8yT+Pt+Zo0VsEtilDz5ABNM/det6O1pMFRXZBCprqvsrMQYI2oFKnkKIYzXlB
z4QquVEkf2F7t6xkjevtP4Ix1bPsZyQOiXuBcVMk5md3o3nscm40AU4Poye+PgCl
SQ4eGctYyVB5w2gnSevFyqseaNtB4IFEWEyoH0RQWDzmYRMrtSON+/jovOuOM9K/
1SgzVc4QKYtg6oGB7bmRTWA5s7bDavhV8vqK3OuUU/yuXyESRf4CvL43loNAI/DD
Y1JXfp1M98XkpZiBqz9BuquMW2SU9I4WcZe9V7i4q1XAc848I4KdiCN1zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCw9e6SqbTlHDl0aZUtfshWUXKVmMB8GA1UdIwQY
MBaAFHRy64+AFesbwp6jFi+D5qztu0J+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2Et
MWJmZmRhMzgyZWJlLzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82NTVlMjgtMzM5MS00MGE3LTg4Y2EtMWJmZmRhMzgyZWJl
LzEvZEhMcmo0QVY2eHZDbnFNV0w0UG1yTzI3UW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlW6uuAOk
9EV6NnIRL7SvJzXPOCuE4ovo/w2yJxAQVizZanqKr9MnFWAzR5O6HLIS1Hd0QqBA
cf8S998R7ee7zT98iWXNQHXWFuCaFD0FaPXqKoM9eHPyBmEFt8U6es+NyDJyfFfy
f8ojSLwtsNL7WTkn7u1xw0ZQCpK4oS2sxrflbA2EvlimJylI/FseEkXFfp1rpoDX
BU2mm4AEsuEQq47n4sdTyqvOIKuMy0Mmtw19tyGzFI7slkP1i29/SwKQAwMNGG3K
pEUHwf/JFn4GG8QEeI1EmvVEsoowYFfUJP4i+1xDWjY4rny+om0f6ouwUtjBz6z0
68MzxZNLdFcc2w==
-----END CERTIFICATE-----