Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft
File:                     ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft (raw, json)
Hash identifier:          OnWzvvVCXSJEABe+Qd6BeWz7nRup3iWajgdJvXFISI4=
Subject key identifier:   66:DC:9D:D7:54:57:DF:6B:79:36:17:F0:68:D7:3C:71:D4:8B:44:D0
Authority key identifier: 22:DC:6E:47:43:ED:5C:C8:43:03:28:52:89:6E:F1:5F:48:92:ED:B0
Certificate issuer:       /CN=22dc6e4743ed5cc843032852896ef15f4892edb0
Certificate serial:       019D371BC28DC1849BA741F4C8261D43C842
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft
Manifest number:          0E92
Signing time:             Sun 29 Mar 2026 01:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:59 +0000
Files and hashes:         1: ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl (hash: xc+dHKh751Pyhx4gCjB45DXjHgl2JuaGTLJeVW4X0ho=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:c2:8d:c1:84:9b:a7:41:f4:c8:26:1d:43:c8:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22dc6e4743ed5cc843032852896ef15f4892edb0
        Validity
            Not Before: Mar 29 01:00:59 2026 GMT
            Not After : Mar 30 01:00:59 2026 GMT
        Subject: CN=66dc9dd75457df6b793617f068d73c71d48b44d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:e4:d3:82:7d:bc:30:b5:b8:99:1d:18:21:40:
                    96:24:3e:a3:ad:98:e2:4a:e3:0f:a1:bd:a8:5c:cb:
                    6d:0d:0e:06:47:f2:24:e1:b8:93:74:59:a9:9a:5e:
                    2d:ca:6e:1c:34:bc:1d:7a:fa:40:35:8d:c9:83:66:
                    2e:be:5d:71:28:1b:6e:1b:b3:68:42:6b:6d:4c:49:
                    45:2b:0c:89:d5:13:1c:bc:9e:fb:b6:90:28:26:42:
                    61:31:73:93:c8:82:23:1d:5c:b4:6d:f0:2c:3a:3f:
                    61:ed:fb:f6:0a:e4:d8:57:b1:82:ac:b9:34:3d:e6:
                    c6:40:88:6f:63:e3:dc:bf:63:2e:51:19:09:c9:ab:
                    90:b6:d3:d1:ad:80:0c:37:ee:a6:40:d7:f0:11:58:
                    e0:93:ee:10:2b:92:f9:a4:67:17:30:2e:6c:33:46:
                    a7:c8:f5:b4:4c:56:48:4e:7d:71:b0:dd:42:89:d9:
                    1b:4a:1c:4c:d7:1b:fe:6b:d8:f2:02:2d:48:e2:bf:
                    98:a2:85:d6:63:ed:85:ed:f4:c5:02:ec:d1:5a:6d:
                    5e:40:63:da:67:96:b7:b3:08:4c:f8:42:0e:2d:62:
                    c7:32:21:7a:30:f1:6c:d0:72:d9:80:25:70:01:aa:
                    f5:53:0d:be:dc:fd:b4:cd:a4:59:4d:1b:1e:61:89:
                    3b:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:DC:9D:D7:54:57:DF:6B:79:36:17:F0:68:D7:3C:71:D4:8B:44:D0
            X509v3 Authority Key Identifier:
                keyid:22:DC:6E:47:43:ED:5C:C8:43:03:28:52:89:6E:F1:5F:48:92:ED:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:a3:34:25:2c:6a:e9:a4:f3:88:d0:1a:3a:1e:24:de:2b:e6:
         bb:33:b2:fd:08:f6:bc:df:a7:f1:95:94:9a:e0:32:bc:e3:55:
         4a:5a:cc:4a:b0:1e:22:8c:78:f5:6d:0d:9e:02:79:71:df:5a:
         e7:f2:bd:35:5d:6b:8b:79:8f:21:fa:e6:8b:01:ad:37:0a:e1:
         1c:06:a5:9c:79:16:d0:28:43:4c:55:82:6b:d2:c3:a5:b0:18:
         a6:c2:75:52:09:7f:d7:ee:f2:13:78:2d:44:d8:1d:e5:9f:af:
         c3:07:e4:41:42:15:e9:0e:c2:fa:4b:97:bb:3a:14:6f:ab:9d:
         79:86:3a:c2:40:fe:c5:62:d6:a9:fb:2a:1b:f3:ca:6d:74:82:
         e9:ca:0f:7b:e9:28:8a:66:7e:b2:1b:b0:9e:dd:f3:32:c5:c4:
         f7:33:4e:f7:58:ab:79:53:db:77:9c:c8:9d:6f:33:ce:98:4f:
         2f:c7:22:d4:24:a6:fb:03:64:36:59:b9:4a:75:6e:12:cd:09:
         4e:4a:08:30:91:0d:0b:ba:4e:7e:82:38:6b:e5:f2:24:dc:38:
         bf:82:c7:96:0e:b9:27:62:d3:10:73:1a:e7:4b:2d:bc:44:4d:
         a8:dc:ee:37:de:b8:01:84:a7:35:60:a4:cc:f2:65:f0:58:8d:
         61:78:5c:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G8KNwYSbp0H0yCYdQ8hCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZGM2ZTQ3NDNlZDVjYzg0MzAzMjg1Mjg5NmVmMTVmNDg5
MmVkYjAwHhcNMjYwMzI5MDEwMDU5WhcNMjYwMzMwMDEwMDU5WjAzMTEwLwYDVQQD
Eyg2NmRjOWRkNzU0NTdkZjZiNzkzNjE3ZjA2OGQ3M2M3MWQ0OGI0NGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OTTgn28MLW4mR0YIUCWJD6jrZji
SuMPob2oXMttDQ4GR/Ik4biTdFmpml4tym4cNLwdevpANY3Jg2Yuvl1xKBtuG7No
QmttTElFKwyJ1RMcvJ77tpAoJkJhMXOTyIIjHVy0bfAsOj9h7fv2CuTYV7GCrLk0
PebGQIhvY+Pcv2MuURkJyauQttPRrYAMN+6mQNfwEVjgk+4QK5L5pGcXMC5sM0an
yPW0TFZITn1xsN1CidkbShxM1xv+a9jyAi1I4r+YooXWY+2F7fTFAuzRWm1eQGPa
Z5a3swhM+EIOLWLHMiF6MPFs0HLZgCVwAar1Uw2+3P20zaRZTRseYYk7iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbcnddUV99reTYX8GjXPHHUi0TQMB8GA1UdIwQY
MBaAFCLcbkdD7VzIQwMoUolu8V9Iku2wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYWY4NTAtZjU4Ny00NGIyLThkZTQt
YTg1ODVmZjkzNTQ2LzEvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kYWY4NTAtZjU4Ny00NGIyLThkZTQtYTg1ODVmZjkzNTQ2
LzEvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKM0JSxq
6aTziNAaOh4k3ivmuzOy/Qj2vN+n8ZWUmuAyvONVSlrMSrAeIox49W0NngJ5cd9a
5/K9NV1ri3mPIfrmiwGtNwrhHAalnHkW0ChDTFWCa9LDpbAYpsJ1Ugl/1+7yE3gt
RNgd5Z+vwwfkQUIV6Q7C+kuXuzoUb6udeYY6wkD+xWLWqfsqG/PKbXSC6coPe+ko
imZ+shuwnt3zMsXE9zNO91ireVPbd5zInW8zzphPL8ci1CSm+wNkNlm5SnVuEs0J
TkoIMJENC7pOfoI4a+XyJNw4v4LHlg65J2LTEHMa50stvERNqNzuN964AYSnNWCk
zPJl8FiNYXhckg==
-----END CERTIFICATE-----