Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
File:                     rTaQk6MtG34Ou-MkRRxY10iuzUI.mft (raw, json)
Hash identifier:          OSavtVhmEtzEU6QxxShDg1HSr9QikFMAtyMRtrtypp4=
Subject key identifier:   8B:4F:3D:F3:3F:52:13:58:5F:9E:55:AE:75:B6:32:25:BF:40:5F:13
Authority key identifier: AD:36:90:93:A3:2D:1B:7E:0E:BB:E3:24:45:1C:58:D7:48:AE:CD:42
Certificate issuer:       /CN=ad369093a32d1b7e0ebbe324451c58d748aecd42
Certificate serial:       019D394129A8BBE17BEFD580D4A718C3BDFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
Manifest number:          07A5
Signing time:             Sun 29 Mar 2026 11:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 11:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 11:01:04 +0000
Files and hashes:         1: rTaQk6MtG34Ou-MkRRxY10iuzUI.crl (hash: diraZTlHMUn+CXqq9/d3Hbiwzr+myf3SmT5G+gWbPdc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:29:a8:bb:e1:7b:ef:d5:80:d4:a7:18:c3:bd:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad369093a32d1b7e0ebbe324451c58d748aecd42
        Validity
            Not Before: Mar 29 11:01:04 2026 GMT
            Not After : Mar 30 11:01:04 2026 GMT
        Subject: CN=8b4f3df33f5213585f9e55ae75b63225bf405f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:92:aa:78:94:2c:7f:22:da:d7:50:6b:af:18:
                    d9:91:d5:fc:96:67:e0:f3:3e:90:4d:3c:a2:b9:fe:
                    ef:da:7f:2d:27:df:c1:8d:50:2e:5a:e8:db:eb:02:
                    f9:ce:bc:51:aa:0d:50:03:f6:68:ed:ef:fc:e9:ae:
                    5e:67:9a:db:5d:00:58:54:11:37:7e:cb:51:bb:cc:
                    9c:69:b6:ee:68:46:73:e5:12:61:e8:5b:0d:98:a0:
                    31:3d:08:2f:18:ce:59:a1:3e:e0:80:c8:79:7c:7e:
                    82:61:52:bc:f9:15:c7:75:0e:e8:03:2e:9d:74:1b:
                    5a:39:34:ed:27:60:de:b2:36:3f:be:77:9d:c9:25:
                    21:1a:60:6b:d2:ea:d0:e4:87:04:44:11:53:ab:99:
                    fb:fb:be:46:89:f7:2b:aa:a2:05:2d:17:c3:36:dd:
                    90:93:2f:66:de:29:62:92:83:ba:80:12:4b:2e:24:
                    b1:14:3c:ec:84:2c:dd:b1:58:f5:6e:20:69:b7:82:
                    71:c2:7e:ab:6e:f0:e6:16:7d:f3:01:0d:51:b7:82:
                    ff:8e:ab:c1:ad:56:29:28:97:5c:69:89:04:2c:c9:
                    8e:76:d3:80:9e:35:98:02:af:42:51:60:49:96:ef:
                    ea:b9:a9:8b:5d:b0:63:b8:f5:ab:a4:c8:2b:b2:f0:
                    3d:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:4F:3D:F3:3F:52:13:58:5F:9E:55:AE:75:B6:32:25:BF:40:5F:13
            X509v3 Authority Key Identifier:
                keyid:AD:36:90:93:A3:2D:1B:7E:0E:BB:E3:24:45:1C:58:D7:48:AE:CD:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTaQk6MtG34Ou-MkRRxY10iuzUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3b222e-a4b3-4fbe-839f-363a558e19be/1/rTaQk6MtG34Ou-MkRRxY10iuzUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ad:b8:c8:56:e9:d8:0d:47:ac:3f:db:2a:55:31:89:ed:a5:
         33:b4:42:fd:6f:2f:13:7f:62:6d:e7:a2:e0:92:d9:ea:b8:14:
         e5:53:9d:92:ca:c3:ff:31:5d:42:0e:6b:02:7f:4b:a7:af:e9:
         b6:83:82:6b:b0:30:3b:e8:bd:df:6b:78:31:bb:2b:c2:1b:17:
         e2:63:27:8c:11:23:41:1f:19:83:28:54:4a:a8:ef:3a:16:fa:
         a2:2e:13:2f:d7:a3:5c:0d:4f:79:cf:0e:00:08:72:9d:72:41:
         81:67:58:15:18:b0:75:7c:49:0b:41:79:e5:ab:38:6c:68:03:
         3a:a5:9f:ae:7a:a5:99:06:69:38:c6:5d:47:8e:99:3d:ce:2a:
         02:62:75:a3:5d:87:06:b6:fe:66:38:5b:09:d3:1d:a9:d3:95:
         36:9b:f6:e5:c1:2f:1b:2b:28:60:20:1f:c3:b9:92:c4:b7:f1:
         e6:8e:85:aa:31:b9:b3:1f:d5:42:a8:58:bb:64:11:65:e7:a1:
         db:d0:fc:39:34:33:c8:05:41:aa:2c:1f:01:a1:6e:ab:a1:c5:
         40:3b:47:be:2a:93:bc:f7:d2:07:8e:7f:f9:a5:cc:b6:25:00:
         d6:99:cd:b2:12:36:b1:d4:b1:37:c4:7d:32:10:69:0b:0e:a2:
         be:ba:27:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QSmou+F779WA1KcYw737MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzY5MDkzYTMyZDFiN2UwZWJiZTMyNDQ1MWM1OGQ3NDhh
ZWNkNDIwHhcNMjYwMzI5MTEwMTA0WhcNMjYwMzMwMTEwMTA0WjAzMTEwLwYDVQQD
Eyg4YjRmM2RmMzNmNTIxMzU4NWY5ZTU1YWU3NWI2MzIyNWJmNDA1ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pKqeJQsfyLa11BrrxjZkdX8lmfg
8z6QTTyiuf7v2n8tJ9/BjVAuWujb6wL5zrxRqg1QA/Zo7e/86a5eZ5rbXQBYVBE3
fstRu8ycabbuaEZz5RJh6FsNmKAxPQgvGM5ZoT7ggMh5fH6CYVK8+RXHdQ7oAy6d
dBtaOTTtJ2DesjY/vnedySUhGmBr0urQ5IcERBFTq5n7+75GifcrqqIFLRfDNt2Q
ky9m3ilikoO6gBJLLiSxFDzshCzdsVj1biBpt4Jxwn6rbvDmFn3zAQ1Rt4L/jqvB
rVYpKJdcaYkELMmOdtOAnjWYAq9CUWBJlu/quamLXbBjuPWrpMgrsvA9GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItPPfM/UhNYX55VrnW2MiW/QF8TMB8GA1UdIwQY
MBaAFK02kJOjLRt+DrvjJEUcWNdIrs1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYjIyMmUtYTRiMy00ZmJlLTgzOWYt
MzYzYTU1OGUxOWJlLzEvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYjIyMmUtYTRiMy00ZmJlLTgzOWYtMzYzYTU1OGUxOWJl
LzEvclRhUWs2TXRHMzRPdS1Na1JSeFkxMGl1elVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj624yFbp
2A1HrD/bKlUxie2lM7RC/W8vE39ibeei4JLZ6rgU5VOdksrD/zFdQg5rAn9Lp6/p
toOCa7AwO+i932t4MbsrwhsX4mMnjBEjQR8ZgyhUSqjvOhb6oi4TL9ejXA1Pec8O
AAhynXJBgWdYFRiwdXxJC0F55as4bGgDOqWfrnqlmQZpOMZdR46ZPc4qAmJ1o12H
Brb+ZjhbCdMdqdOVNpv25cEvGysoYCAfw7mSxLfx5o6FqjG5sx/VQqhYu2QRZeeh
29D8OTQzyAVBqiwfAaFuq6HFQDtHviqTvPfSB45/+aXMtiUA1pnNshI2sdSxN8R9
MhBpCw6ivronrQ==
-----END CERTIFICATE-----