Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
File:                     kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json)
Hash identifier:          I9zFe4cs+C2fHfHQYAicb0qphvIf+vC3Xz0mZPibcQ0=
Subject key identifier:   E2:0B:20:46:51:B4:F8:6C:31:0A:37:D6:A3:5A:BA:A0:FF:F8:79:D7
Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D
Certificate issuer:       /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
Certificate serial:       019D386616F36C5C7B32247748CC80812DB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
Manifest number:          0306
Signing time:             Sun 29 Mar 2026 07:01:47 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:47 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:47 +0000
Files and hashes:         1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: 41KdvMs+F6Jb9PC3oBHRTjha+L2RCz3VbWESXjkuKoY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:16:f3:6c:5c:7b:32:24:77:48:cc:80:81:2d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
        Validity
            Not Before: Mar 29 07:01:47 2026 GMT
            Not After : Mar 30 07:01:47 2026 GMT
        Subject: CN=e20b204651b4f86c310a37d6a35abaa0fff879d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:52:e4:38:1e:43:5c:d0:cc:5e:c8:ff:94:b6:
                    9d:15:b5:d9:7d:c9:bc:61:90:b6:69:b0:c3:65:a2:
                    39:ce:3f:6f:00:92:75:2b:d1:27:38:d9:9f:49:da:
                    df:02:05:8f:79:bc:70:ad:43:27:6c:38:7f:1f:be:
                    96:cc:f0:42:2b:24:f6:29:c1:c1:f4:2f:79:b9:16:
                    01:99:36:8a:25:26:65:a6:67:81:72:bc:21:e4:b2:
                    ba:86:7d:55:d5:b0:36:b2:85:50:24:5b:eb:93:ee:
                    15:94:61:f2:36:ef:3a:35:6f:6b:4a:cf:80:d2:99:
                    2c:39:43:fc:d8:bd:3a:d4:22:41:24:7f:89:27:93:
                    52:42:a5:20:75:3d:2d:ce:7c:f7:26:e2:2b:ee:58:
                    78:d6:a8:1f:fd:7c:f2:75:80:e6:63:0a:a0:f6:22:
                    f1:d6:3c:1f:b5:3c:88:60:83:ea:2a:29:4f:ea:fb:
                    bb:6f:d1:02:85:94:2d:35:f4:23:78:f0:78:63:0b:
                    bc:0f:8f:e3:3a:40:47:72:9c:1f:7e:04:b1:c9:61:
                    b2:b9:96:11:e6:ab:a5:d9:74:98:41:71:13:f9:cd:
                    42:89:07:a9:f7:0d:19:82:7c:a4:4e:88:b7:8f:26:
                    a0:c3:6e:f5:d0:fc:79:f6:d2:98:4f:a4:5c:57:da:
                    8b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:0B:20:46:51:B4:F8:6C:31:0A:37:D6:A3:5A:BA:A0:FF:F8:79:D7
            X509v3 Authority Key Identifier:
                keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:46:48:41:33:12:7d:d7:2f:a8:01:d6:dc:1e:d1:8d:01:71:
         57:16:db:c4:13:76:08:ef:85:b9:6b:86:42:b7:d6:15:1f:f2:
         c0:6d:3f:6b:5f:af:0c:4b:01:79:91:9a:16:96:39:3f:5e:64:
         b5:05:00:e9:9c:3a:c8:4f:fb:19:83:08:97:6a:93:e9:2e:18:
         c4:6c:33:0e:41:a9:5d:ce:14:20:fd:80:1a:3a:5b:c4:1b:45:
         66:d0:99:96:69:53:68:6b:81:43:14:8e:da:83:5f:74:20:8b:
         31:f9:23:eb:09:ef:a4:de:9f:d7:ff:24:d7:0d:38:c9:79:e3:
         5a:42:cc:da:92:0e:48:a8:f6:d8:4c:1a:0f:bb:22:20:1e:6f:
         43:d9:d8:4f:46:80:cc:69:85:f3:ea:15:b8:cd:ee:c7:61:13:
         5d:5e:ba:c1:f1:3d:0a:48:b8:0f:f7:2a:af:db:08:0d:1a:d5:
         d3:5b:c8:83:f1:dd:66:a3:63:1c:c5:77:86:86:7a:2e:7c:bf:
         66:92:7a:d9:aa:65:09:6d:77:7a:e5:81:df:1f:b4:2c:3b:cf:
         3c:49:8b:77:3c:2f:85:73:25:a5:76:b3:7c:63:3b:93:e4:24:
         b3:20:9b:a1:5e:01:9a:56:a1:b0:bf:c6:d4:b5:c6:94:f2:2c:
         09:9d:ab:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhbzbFx7MiR3SMyAgS24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0
MjJiN2QwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
EyhlMjBiMjA0NjUxYjRmODZjMzEwYTM3ZDZhMzVhYmFhMGZmZjg3OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslLkOB5DXNDMXsj/lLadFbXZfcm8
YZC2abDDZaI5zj9vAJJ1K9EnONmfSdrfAgWPebxwrUMnbDh/H76WzPBCKyT2KcHB
9C95uRYBmTaKJSZlpmeBcrwh5LK6hn1V1bA2soVQJFvrk+4VlGHyNu86NW9rSs+A
0pksOUP82L061CJBJH+JJ5NSQqUgdT0tznz3JuIr7lh41qgf/XzydYDmYwqg9iLx
1jwftTyIYIPqKilP6vu7b9EChZQtNfQjePB4Ywu8D4/jOkBHcpwffgSxyWGyuZYR
5qul2XSYQXET+c1CiQep9w0ZgnykToi3jyagw2710Px59tKYT6RcV9qLDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOILIEZRtPhsMQo31qNauqD/+HnXMB8GA1UdIwQY
MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt
YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz
LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAikZIQTMS
fdcvqAHW3B7RjQFxVxbbxBN2CO+FuWuGQrfWFR/ywG0/a1+vDEsBeZGaFpY5P15k
tQUA6Zw6yE/7GYMIl2qT6S4YxGwzDkGpXc4UIP2AGjpbxBtFZtCZlmlTaGuBQxSO
2oNfdCCLMfkj6wnvpN6f1/8k1w04yXnjWkLM2pIOSKj22EwaD7siIB5vQ9nYT0aA
zGmF8+oVuM3ux2ETXV66wfE9Cki4D/cqr9sIDRrV01vIg/HdZqNjHMV3hoZ6Lny/
ZpJ62aplCW13euWB3x+0LDvPPEmLdzwvhXMlpXazfGM7k+QksyCboV4BmlahsL/G
1LXGlPIsCZ2rMw==
-----END CERTIFICATE-----