Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
File:                     0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft (raw, json)
Hash identifier:          HRhJRzsk2qQXLMHHWqofAG56muyxMbMcO8HrOCaeRBo=
Subject key identifier:   ED:A2:20:F4:C5:D1:3B:E4:24:B6:0E:FF:3D:77:0A:5D:CB:BC:71:54
Authority key identifier: D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0
Certificate issuer:       /CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
Certificate serial:       019D38D38967964ABF1B1029C46E426FE18A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
Manifest number:          0F39
Signing time:             Sun 29 Mar 2026 09:01:20 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:20 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:20 +0000
Files and hashes:         1: 0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl (hash: d+wJGRcDpwpQIOA3TV8kMAEJzbdBCNpUqzXrXDL7Whg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:89:67:96:4a:bf:1b:10:29:c4:6e:42:6f:e1:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1db4a7d1e6abffbcda78bfc331250dd16be3de0
        Validity
            Not Before: Mar 29 09:01:20 2026 GMT
            Not After : Mar 30 09:01:20 2026 GMT
        Subject: CN=eda220f4c5d13be424b60eff3d770a5dcbbc7154
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b6:99:ee:8f:17:b1:29:57:26:e2:4e:ac:cd:
                    a0:fd:60:2e:55:1f:79:05:7a:eb:61:11:af:f7:72:
                    85:55:5d:bd:47:65:f4:99:c4:25:ac:b1:ee:41:63:
                    7c:89:1f:b2:d4:fa:c9:d7:91:2e:67:28:82:62:a2:
                    90:b0:38:3c:07:d6:4d:91:6f:ea:04:51:c7:b9:93:
                    c1:85:a4:92:67:d8:0f:26:0e:2d:26:c6:c1:75:83:
                    c4:d1:41:6a:70:80:04:9a:c9:ac:e0:e1:30:d2:cb:
                    83:97:99:db:68:c9:be:1e:bc:f4:4f:05:bb:dd:09:
                    86:ef:06:e8:40:a4:be:1d:ae:e9:6d:a3:fb:94:d7:
                    71:28:14:b4:8e:6c:54:92:66:15:75:e0:33:79:c1:
                    28:a4:f8:38:6e:74:df:ac:b9:e0:5a:32:97:51:1c:
                    2c:35:d9:d7:61:fd:2a:c0:0a:84:5c:19:9e:cc:2f:
                    d1:6a:e5:4a:98:07:db:1d:d7:b1:ae:a1:e1:e8:2d:
                    b0:50:00:42:60:5b:1f:2d:43:e7:03:1a:a0:f7:b4:
                    0b:ca:78:57:24:92:c0:77:fd:7d:e9:e6:b6:3d:40:
                    28:82:a3:13:28:da:0b:1e:50:ef:72:64:12:a6:7a:
                    89:94:ff:af:6e:91:8a:8e:33:b4:7f:72:98:c9:6b:
                    81:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:A2:20:F4:C5:D1:3B:E4:24:B6:0E:FF:3D:77:0A:5D:CB:BC:71:54
            X509v3 Authority Key Identifier:
                keyid:D1:DB:4A:7D:1E:6A:BF:FB:CD:A7:8B:FC:33:12:50:DD:16:BE:3D:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/15ad08-0fd0-4000-9662-cc78af4e8016/1/0dtKfR5qv_vNp4v8MxJQ3Ra-PeA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:1b:2b:1d:e7:95:50:0d:70:16:1b:bb:30:f3:33:c2:71:5e:
         cc:34:8a:58:64:c4:5d:81:2f:61:f1:c5:5c:32:98:25:89:bd:
         35:8e:87:e3:bb:49:91:95:5c:36:82:a6:f4:a7:b0:ac:7f:e1:
         41:48:3e:7b:4c:a3:ac:a4:02:3e:d7:3d:5d:42:fa:41:a5:88:
         b0:d2:40:54:fa:57:15:21:47:a8:4c:85:29:19:a9:4e:a4:74:
         2d:99:6a:1a:44:64:67:da:12:b8:3a:04:5c:b4:6d:25:f9:3f:
         12:c4:fc:79:f9:48:b9:46:a1:21:f0:71:86:a1:5b:bf:82:dc:
         b4:34:e4:51:1e:59:5c:4e:0f:73:4b:03:61:ff:9e:06:94:53:
         e6:37:6a:e1:24:21:74:1a:84:c4:c3:c2:23:25:f8:c9:5f:79:
         12:a6:41:98:ea:7e:48:f6:7c:86:78:9f:6a:75:98:92:cc:7c:
         8b:e3:4c:45:88:53:ce:9d:3b:e0:66:d0:6e:33:60:02:b2:2a:
         90:89:c2:b8:a2:a5:c4:32:23:08:2e:93:4f:98:2b:8f:7b:56:
         c5:2b:ad:53:14:30:71:84:5e:02:9b:1e:1a:35:12:13:e2:9e:
         16:eb:7c:35:19:cc:ce:63:76:1a:07:74:2b:01:4d:a4:b2:e7:
         9d:ed:4c:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0404lnlkq/GxApxG5Cb+GKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGI0YTdkMWU2YWJmZmJjZGE3OGJmYzMzMTI1MGRkMTZi
ZTNkZTAwHhcNMjYwMzI5MDkwMTIwWhcNMjYwMzMwMDkwMTIwWjAzMTEwLwYDVQQD
EyhlZGEyMjBmNGM1ZDEzYmU0MjRiNjBlZmYzZDc3MGE1ZGNiYmM3MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuraZ7o8XsSlXJuJOrM2g/WAuVR95
BXrrYRGv93KFVV29R2X0mcQlrLHuQWN8iR+y1PrJ15EuZyiCYqKQsDg8B9ZNkW/q
BFHHuZPBhaSSZ9gPJg4tJsbBdYPE0UFqcIAEmsms4OEw0suDl5nbaMm+Hrz0TwW7
3QmG7wboQKS+Ha7pbaP7lNdxKBS0jmxUkmYVdeAzecEopPg4bnTfrLngWjKXURws
NdnXYf0qwAqEXBmezC/RauVKmAfbHdexrqHh6C2wUABCYFsfLUPnAxqg97QLynhX
JJLAd/196ea2PUAogqMTKNoLHlDvcmQSpnqJlP+vbpGKjjO0f3KYyWuBzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO2iIPTF0TvkJLYO/z13Cl3LvHFUMB8GA1UdIwQY
MBaAFNHbSn0ear/7zaeL/DMSUN0Wvj3gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjIt
Y2M3OGFmNGU4MDE2LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xNWFkMDgtMGZkMC00MDAwLTk2NjItY2M3OGFmNGU4MDE2
LzEvMGR0S2ZSNXF2X3ZOcDR2OE14SlEzUmEtUGVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBsrHeeV
UA1wFhu7MPMzwnFezDSKWGTEXYEvYfHFXDKYJYm9NY6H47tJkZVcNoKm9KewrH/h
QUg+e0yjrKQCPtc9XUL6QaWIsNJAVPpXFSFHqEyFKRmpTqR0LZlqGkRkZ9oSuDoE
XLRtJfk/EsT8eflIuUahIfBxhqFbv4LctDTkUR5ZXE4Pc0sDYf+eBpRT5jdq4SQh
dBqExMPCIyX4yV95EqZBmOp+SPZ8hnifanWYksx8i+NMRYhTzp074GbQbjNgArIq
kInCuKKlxDIjCC6TT5grj3tWxSutUxQwcYReApseGjUSE+KeFut8NRnMzmN2Ggd0
KwFNpLLnne1MTw==
-----END CERTIFICATE-----