Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
File:                     syznolxromOxucmrdrjS3DoNaAY.mft (raw, json)
Hash identifier:          G0FFRx1bFLLYh3w3ROAWe0dx0TXHQ7pasCLqPKKBDwc=
Subject key identifier:   DA:73:DA:A1:FF:CD:18:2B:0C:95:6B:84:10:95:1F:66:0B:A0:06:07
Authority key identifier: B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06
Certificate issuer:       /CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
Certificate serial:       019D386617A11ED7F6A0117E69E36E3B3F92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
Manifest number:          0740
Signing time:             Sun 29 Mar 2026 07:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:47 +0000
Files and hashes:         1: syznolxromOxucmrdrjS3DoNaAY.crl (hash: 1COX3pBEBUXiKWfG9HbIHminbNdKCEOBEL5fGga+3eA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:17:a1:1e:d7:f6:a0:11:7e:69:e3:6e:3b:3f:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b32ce7a25c6ba263b1b9c9ab76b8d2dc3a0d6806
        Validity
            Not Before: Mar 29 07:01:47 2026 GMT
            Not After : Mar 30 07:01:47 2026 GMT
        Subject: CN=da73daa1ffcd182b0c956b8410951f660ba00607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:c3:73:c9:5b:7e:55:57:df:90:0d:95:36:ce:
                    30:1b:d0:d3:55:b6:27:9c:f2:a6:58:5a:47:0b:0a:
                    ec:f2:09:1e:f1:e8:77:bb:2d:d3:52:13:d0:95:12:
                    b8:2c:b7:2f:46:49:f4:67:35:6a:a7:5c:25:c1:fe:
                    6c:cf:7c:22:dc:3d:b0:30:df:f0:b6:a5:b1:e1:e9:
                    62:43:1e:05:d4:85:50:b8:b7:b1:36:4e:0d:a9:e2:
                    5c:b5:49:2b:24:0f:d9:ba:5a:7e:4a:d0:cc:27:67:
                    55:cc:72:ae:17:eb:f4:99:66:4d:39:69:ca:1d:42:
                    85:3a:df:7d:80:0b:e4:21:1f:6f:db:b1:f9:42:9b:
                    16:23:ca:f5:8d:76:5e:45:88:a1:cb:2d:37:ed:44:
                    66:32:f3:40:6f:2f:64:52:27:96:21:2b:17:7c:6e:
                    bc:95:00:69:2f:4d:fc:3b:c3:17:37:fa:1a:60:1c:
                    42:c0:16:1b:f0:f4:11:e7:f3:07:7e:1c:bb:2f:7b:
                    71:e7:f8:b2:4c:bb:84:0d:3c:d2:fe:ec:cd:ff:c9:
                    bf:fc:72:5c:4e:f0:75:8b:42:1a:9a:fc:c5:d1:fe:
                    5e:6b:af:6f:97:f5:4a:1e:46:a8:b5:f8:e5:f6:1f:
                    07:8c:92:2b:fb:aa:7b:3e:2c:e6:28:b5:a5:7e:02:
                    cf:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:73:DA:A1:FF:CD:18:2B:0C:95:6B:84:10:95:1F:66:0B:A0:06:07
            X509v3 Authority Key Identifier:
                keyid:B3:2C:E7:A2:5C:6B:A2:63:B1:B9:C9:AB:76:B8:D2:DC:3A:0D:68:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syznolxromOxucmrdrjS3DoNaAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a3a653-aefa-48cd-aac7-3403a84297b1/1/syznolxromOxucmrdrjS3DoNaAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:a4:cd:ab:cc:46:4f:68:9c:5b:9a:74:fe:a6:da:99:53:dd:
         f7:78:1f:dc:06:d1:91:7d:b8:6a:b2:14:62:dd:1a:15:53:b7:
         d7:b0:74:da:2c:e0:9f:9d:59:5d:4e:e8:e0:d8:35:ae:b8:ff:
         d9:ae:53:cf:fe:03:99:7c:72:98:c6:c2:41:22:ab:60:82:b3:
         8a:58:b2:9c:18:f1:41:07:d1:b8:d6:01:56:f7:e5:6c:12:59:
         26:f5:af:d8:df:a1:f0:5f:6e:ff:30:23:ed:fd:ae:a1:e8:8b:
         e6:7e:72:b4:fb:6d:c3:ac:e3:fc:9f:bb:40:7c:7c:c1:d0:a8:
         43:30:10:64:33:5f:51:6f:40:71:d4:ad:c6:54:02:5c:07:93:
         d9:4c:bf:d7:4f:f5:0f:e8:6a:20:3f:0b:9c:03:ea:8a:58:38:
         11:4e:26:03:99:4d:f7:b9:2b:fb:6a:4e:8f:83:a8:8d:6b:18:
         4c:be:57:1d:dd:fc:e6:64:08:29:0e:35:40:36:31:06:28:3d:
         47:c6:1d:8b:f3:8e:e0:81:6f:2c:38:a1:84:71:86:88:d4:d5:
         0f:32:d3:c5:83:87:c1:ed:50:d4:d7:f0:23:82:28:c5:2f:ae:
         25:53:06:62:fc:16:ff:40:f3:07:d7:f1:d1:c0:89:8b:6e:04:
         1c:47:c3:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhehHtf2oBF+aeNuOz+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmNlN2EyNWM2YmEyNjNiMWI5YzlhYjc2YjhkMmRjM2Ew
ZDY4MDYwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
EyhkYTczZGFhMWZmY2QxODJiMGM5NTZiODQxMDk1MWY2NjBiYTAwNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMNzyVt+VVffkA2VNs4wG9DTVbYn
nPKmWFpHCwrs8gke8eh3uy3TUhPQlRK4LLcvRkn0ZzVqp1wlwf5sz3wi3D2wMN/w
tqWx4eliQx4F1IVQuLexNk4NqeJctUkrJA/Zulp+StDMJ2dVzHKuF+v0mWZNOWnK
HUKFOt99gAvkIR9v27H5QpsWI8r1jXZeRYihyy037URmMvNAby9kUieWISsXfG68
lQBpL038O8MXN/oaYBxCwBYb8PQR5/MHfhy7L3tx5/iyTLuEDTzS/uzN/8m//HJc
TvB1i0IamvzF0f5ea69vl/VKHkaotfjl9h8HjJIr+6p7PizmKLWlfgLPzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpz2qH/zRgrDJVrhBCVH2YLoAYHMB8GA1UdIwQY
MBaAFLMs56Jca6JjsbnJq3a40tw6DWgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzct
MzQwM2E4NDI5N2IxLzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hM2E2NTMtYWVmYS00OGNkLWFhYzctMzQwM2E4NDI5N2Ix
LzEvc3l6bm9seHJvbU94dWNtcmRyalMzRG9OYUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKTNq8xG
T2icW5p0/qbamVPd93gf3AbRkX24arIUYt0aFVO317B02izgn51ZXU7o4Ng1rrj/
2a5Tz/4DmXxymMbCQSKrYIKziliynBjxQQfRuNYBVvflbBJZJvWv2N+h8F9u/zAj
7f2uoeiL5n5ytPttw6zj/J+7QHx8wdCoQzAQZDNfUW9AcdStxlQCXAeT2Uy/10/1
D+hqID8LnAPqilg4EU4mA5lN97kr+2pOj4OojWsYTL5XHd385mQIKQ41QDYxBig9
R8Ydi/OO4IFvLDihhHGGiNTVDzLTxYOHwe1Q1NfwI4IoxS+uJVMGYvwW/0DzB9fx
0cCJi24EHEfDeg==
-----END CERTIFICATE-----