Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft
File:                     KuHXizgSIs2I12qOk8RLujyACKI.mft (raw, json)
Hash identifier:          nFYwyKkMZevKD/W85V5Z/NRmIhS+rfdUxokZ9L4MTWo=
Subject key identifier:   E7:A9:AA:B1:96:E8:0A:C3:86:71:0A:A8:FF:82:AB:B0:2F:C9:9A:3B
Authority key identifier: 2A:E1:D7:8B:38:12:22:CD:88:D7:6A:8E:93:C4:4B:BA:3C:80:08:A2
Certificate issuer:       /CN=2ae1d78b381222cd88d76a8e93c44bba3c8008a2
Certificate serial:       019D390A421A2C4A167356CE6FDAB2B45AB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KuHXizgSIs2I12qOk8RLujyACKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft
Manifest number:          0170
Signing time:             Sun 29 Mar 2026 10:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 10:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 10:01:06 +0000
Files and hashes:         1: KuHXizgSIs2I12qOk8RLujyACKI.crl (hash: MTXdS69VFM+K5ffu1XbNqhNq8XffV3h17qlVXxIjXVY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KuHXizgSIs2I12qOk8RLujyACKI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:0a:42:1a:2c:4a:16:73:56:ce:6f:da:b2:b4:5a:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ae1d78b381222cd88d76a8e93c44bba3c8008a2
        Validity
            Not Before: Mar 29 10:01:06 2026 GMT
            Not After : Mar 30 10:01:06 2026 GMT
        Subject: CN=e7a9aab196e80ac386710aa8ff82abb02fc99a3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d6:7c:cd:9e:a2:94:21:4e:63:d4:7f:fc:c8:
                    77:79:99:4e:12:a5:5c:f9:d9:f2:3e:44:3e:03:2d:
                    86:a2:55:fe:58:0a:c6:dc:c5:61:3a:ee:ef:d1:7e:
                    49:7f:59:f5:81:30:5c:ca:40:23:d7:58:64:9d:97:
                    d9:52:cd:12:21:0f:27:29:f7:fc:56:34:61:06:96:
                    84:56:a3:77:49:a0:91:3a:d7:dc:b9:44:f3:bf:94:
                    a1:5b:4b:f3:b8:58:2b:62:b5:fe:61:41:35:06:20:
                    e7:2d:29:ab:7b:20:20:67:b7:81:3a:af:f1:92:a7:
                    aa:57:27:2c:ca:39:fe:a1:6a:43:1a:e2:d5:86:2e:
                    43:3c:3a:b1:da:db:30:de:e0:70:5f:71:1d:91:88:
                    11:fe:a2:6a:30:56:a0:e4:78:54:ac:c0:ec:d7:cf:
                    71:4f:75:31:de:cb:07:18:cb:1c:d6:b9:67:8e:ff:
                    45:a9:20:d9:10:c6:9d:df:70:2e:20:e9:9b:b9:34:
                    74:17:4f:b9:0c:00:30:ac:f8:bc:e2:27:a6:5f:3a:
                    61:4b:8f:e4:3d:66:fc:ce:14:7f:11:f1:b4:45:ce:
                    02:e2:07:1f:4d:05:da:7c:83:28:9c:53:78:0c:2c:
                    2c:6a:ad:1c:a3:fc:c9:85:0f:90:4c:70:7f:52:9f:
                    80:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:A9:AA:B1:96:E8:0A:C3:86:71:0A:A8:FF:82:AB:B0:2F:C9:9A:3B
            X509v3 Authority Key Identifier:
                keyid:2A:E1:D7:8B:38:12:22:CD:88:D7:6A:8E:93:C4:4B:BA:3C:80:08:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KuHXizgSIs2I12qOk8RLujyACKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:53:26:fc:f1:de:5c:4a:42:27:89:e8:e6:89:8c:ca:57:8d:
         18:c8:9e:20:d4:f2:d4:35:97:38:50:2d:f0:35:bf:e3:33:1b:
         2e:69:da:e2:cd:b0:f5:7b:9c:a8:74:91:9f:bf:ef:4a:da:91:
         3c:ae:b4:e5:70:fe:b9:a6:74:2c:1b:42:2a:28:f1:0e:ae:9c:
         dc:2d:15:83:5a:6d:21:80:d4:1f:6f:66:f0:0d:93:51:f3:b3:
         6e:7c:d6:11:3c:7e:a5:56:00:d8:0e:65:7f:88:b2:16:8b:0c:
         21:eb:17:2e:cf:67:d4:be:e2:79:08:f1:81:31:b5:90:1b:62:
         b3:ec:92:b5:30:ac:17:ac:2c:b7:6b:9e:60:ca:22:47:c5:14:
         68:15:5a:64:17:d2:20:02:91:6a:ab:de:69:ba:8a:26:7d:3c:
         ec:9e:c8:0d:ad:aa:da:0a:12:c2:ff:98:f2:73:86:b0:1e:86:
         85:3c:da:ce:77:59:45:4b:bb:ff:c3:4f:f8:b4:e8:38:95:de:
         5f:f8:0c:57:6f:1f:7f:06:70:2d:f6:46:fc:73:05:3d:4e:c9:
         78:39:b5:5d:d9:f9:02:78:05:a7:64:7f:6b:c5:4e:59:76:24:
         f3:4f:59:25:c6:35:7f:e4:6c:bb:e2:4c:be:36:8b:c7:9c:53:
         57:78:a0:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CkIaLEoWc1bOb9qytFqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZTFkNzhiMzgxMjIyY2Q4OGQ3NmE4ZTkzYzQ0YmJhM2M4
MDA4YTIwHhcNMjYwMzI5MTAwMTA2WhcNMjYwMzMwMTAwMTA2WjAzMTEwLwYDVQQD
EyhlN2E5YWFiMTk2ZTgwYWMzODY3MTBhYThmZjgyYWJiMDJmYzk5YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9Z8zZ6ilCFOY9R//Mh3eZlOEqVc
+dnyPkQ+Ay2GolX+WArG3MVhOu7v0X5Jf1n1gTBcykAj11hknZfZUs0SIQ8nKff8
VjRhBpaEVqN3SaCROtfcuUTzv5ShW0vzuFgrYrX+YUE1BiDnLSmreyAgZ7eBOq/x
kqeqVycsyjn+oWpDGuLVhi5DPDqx2tsw3uBwX3EdkYgR/qJqMFag5HhUrMDs189x
T3Ux3ssHGMsc1rlnjv9FqSDZEMad33AuIOmbuTR0F0+5DAAwrPi84iemXzphS4/k
PWb8zhR/EfG0Rc4C4gcfTQXafIMonFN4DCwsaq0co/zJhQ+QTHB/Up+ARQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOepqrGW6ArDhnEKqP+Cq7AvyZo7MB8GA1UdIwQY
MBaAFCrh14s4EiLNiNdqjpPES7o8gAiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3VIWGl6Z1NJczJJMTJxT2s4Ukx1anlBQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kM2YyZjQtM2Y4ZS00YTczLThjOGMt
ZDdjOGY4ODc1M2Q0LzEvS3VIWGl6Z1NJczJJMTJxT2s4Ukx1anlBQ0tJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kM2YyZjQtM2Y4ZS00YTczLThjOGMtZDdjOGY4ODc1M2Q0
LzEvS3VIWGl6Z1NJczJJMTJxT2s4Ukx1anlBQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1Mm/PHe
XEpCJ4no5omMyleNGMieINTy1DWXOFAt8DW/4zMbLmna4s2w9XucqHSRn7/vStqR
PK605XD+uaZ0LBtCKijxDq6c3C0Vg1ptIYDUH29m8A2TUfOzbnzWETx+pVYA2A5l
f4iyFosMIesXLs9n1L7ieQjxgTG1kBtis+yStTCsF6wst2ueYMoiR8UUaBVaZBfS
IAKRaqveabqKJn087J7IDa2q2goSwv+Y8nOGsB6GhTzazndZRUu7/8NP+LToOJXe
X/gMV28ffwZwLfZG/HMFPU7JeDm1Xdn5AngFp2R/a8VOWXYk809ZJcY1f+Rsu+JM
vjaLx5xTV3igWA==
-----END CERTIFICATE-----