Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
File:                     cfxj7vZnTya1A6gwpd-pU9L_qr4.mft (raw, json)
Hash identifier:          OoUo0hPXRjSpF8ogBnmGJLot8miFDCu59yfee79jidI=
Subject key identifier:   91:0E:EE:DB:DA:17:6C:B5:69:CE:05:81:F6:C0:E5:00:42:92:A0:82
Authority key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE
Certificate issuer:       /CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
Certificate serial:       019D3A8ABF710A00F999A0FF5DD5CCA47B74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
Manifest number:          16F8
Signing time:             Sun 29 Mar 2026 17:01:04 +0000
Manifest this update:     Sun 29 Mar 2026 17:01:04 +0000
Manifest next update:     Mon 30 Mar 2026 17:01:04 +0000
Files and hashes:         1: cfxj7vZnTya1A6gwpd-pU9L_qr4.crl (hash: bAs8nM9gfP77184RSxQMndie/OtGUH3fZY7CkrSYwwE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:8a:bf:71:0a:00:f9:99:a0:ff:5d:d5:cc:a4:7b:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe
        Validity
            Not Before: Mar 29 17:01:04 2026 GMT
            Not After : Mar 30 17:01:04 2026 GMT
        Subject: CN=910eeedbda176cb569ce0581f6c0e5004292a082
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:83:2c:3d:bb:e9:7f:07:06:11:ca:70:fc:d1:
                    8d:c4:2d:5a:38:67:b6:67:ce:75:e4:71:b3:17:df:
                    52:97:5e:a3:24:a4:66:61:65:94:9c:7c:fc:41:8f:
                    82:bf:8f:3a:0f:ee:b0:a1:1b:99:04:01:76:55:8d:
                    2a:02:cd:48:a8:fd:dc:7c:43:62:a3:d4:9e:50:98:
                    ee:d5:1a:b4:46:03:e5:c4:ee:21:ef:e4:f9:65:cf:
                    5a:14:62:8b:cc:6d:6a:ef:d4:e1:1a:c0:31:40:7e:
                    ac:09:03:77:54:90:c3:bf:98:fc:b7:31:31:ae:13:
                    19:1c:03:62:a7:d6:48:f8:43:0f:7b:19:95:e9:df:
                    da:dd:a7:83:9a:06:78:01:78:b4:02:7f:5e:54:d0:
                    39:f6:f1:f8:f9:be:df:ec:bf:7d:f9:85:06:20:ee:
                    8f:13:73:9f:5a:cd:85:8c:c2:1c:59:cd:7b:84:5b:
                    88:ca:13:55:88:08:a4:b0:f0:06:6e:6b:26:a9:5b:
                    66:86:72:d2:21:bc:84:75:5b:bb:cd:e0:bc:13:9c:
                    4c:5e:23:e5:f8:4e:cb:83:3a:44:b5:9e:9c:b8:36:
                    01:4a:05:57:66:6e:20:06:18:68:79:fc:14:4b:ab:
                    5b:3d:17:f6:49:30:f2:16:9e:b0:43:36:c3:6e:b0:
                    b6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:0E:EE:DB:DA:17:6C:B5:69:CE:05:81:F6:C0:E5:00:42:92:A0:82
            X509v3 Authority Key Identifier:
                keyid:71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:50:a1:0f:34:34:0e:7f:dd:65:88:25:b6:aa:85:2e:bd:af:
         b7:90:39:4f:d1:fe:49:6b:93:18:88:79:63:c5:4d:26:b9:d4:
         a4:da:dd:cc:78:d5:be:dd:91:92:16:12:31:ee:56:59:88:6f:
         fc:d7:02:d8:f6:ef:fc:ef:c4:c3:42:c5:47:a7:c9:ed:df:a2:
         ef:a0:e1:b1:36:3b:d2:70:2f:30:cd:d0:0c:9f:fc:8d:95:e0:
         6f:c8:6b:b4:7b:d9:eb:06:fd:e7:8b:c5:72:6e:4d:92:aa:3b:
         da:60:7d:47:73:0f:55:42:2f:2a:86:2a:89:f9:e6:35:c2:f0:
         ba:ab:4c:f2:7f:81:70:e1:b7:56:1c:37:b6:c5:75:eb:67:82:
         57:a3:74:e6:5c:a5:46:92:33:f6:c5:c9:61:28:67:1e:b8:d5:
         2c:25:86:15:09:6d:8d:5d:9c:58:b9:d0:3d:a8:b4:7a:46:b0:
         ac:40:c0:76:62:30:3c:b8:64:81:3e:62:31:76:3c:24:1a:f9:
         76:e3:ce:cc:46:e0:d0:ac:6a:20:80:66:63:d1:88:01:2a:bd:
         18:f2:28:b0:a2:6c:91:ba:bc:2a:8b:57:59:4c:de:34:72:ae:
         0c:06:d2:bc:d9:0a:0f:d8:c3:39:4c:b4:18:49:eb:47:3d:d7:
         34:8e:44:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06ir9xCgD5maD/XdXMpHt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZmM2M2VlZjY2NzRmMjZiNTAzYTgzMGE1ZGZhOTUzZDJm
ZmFhYmUwHhcNMjYwMzI5MTcwMTA0WhcNMjYwMzMwMTcwMTA0WjAzMTEwLwYDVQQD
Eyg5MTBlZWVkYmRhMTc2Y2I1NjljZTA1ODFmNmMwZTUwMDQyOTJhMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoMsPbvpfwcGEcpw/NGNxC1aOGe2
Z8515HGzF99Sl16jJKRmYWWUnHz8QY+Cv486D+6woRuZBAF2VY0qAs1IqP3cfENi
o9SeUJju1Rq0RgPlxO4h7+T5Zc9aFGKLzG1q79ThGsAxQH6sCQN3VJDDv5j8tzEx
rhMZHANip9ZI+EMPexmV6d/a3aeDmgZ4AXi0An9eVNA59vH4+b7f7L99+YUGIO6P
E3OfWs2FjMIcWc17hFuIyhNViAiksPAGbmsmqVtmhnLSIbyEdVu7zeC8E5xMXiPl
+E7LgzpEtZ6cuDYBSgVXZm4gBhhoefwUS6tbPRf2STDyFp6wQzbDbrC2qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJEO7tvaF2y1ac4FgfbA5QBCkqCCMB8GA1UdIwQY
MBaAFHH8Y+72Z08mtQOoMKXfqVPS/6q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTct
ZDQxODI0OGU1NzI4LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTctZDQxODI0OGU1NzI4
LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVChDzQ0
Dn/dZYgltqqFLr2vt5A5T9H+SWuTGIh5Y8VNJrnUpNrdzHjVvt2RkhYSMe5WWYhv
/NcC2Pbv/O/Ew0LFR6fJ7d+i76DhsTY70nAvMM3QDJ/8jZXgb8hrtHvZ6wb954vF
cm5Nkqo72mB9R3MPVUIvKoYqifnmNcLwuqtM8n+BcOG3Vhw3tsV162eCV6N05lyl
RpIz9sXJYShnHrjVLCWGFQltjV2cWLnQPai0ekawrEDAdmIwPLhkgT5iMXY8JBr5
duPOzEbg0KxqIIBmY9GIASq9GPIosKJskbq8KotXWUzeNHKuDAbSvNkKD9jDOUy0
GEnrRz3XNI5EQg==
-----END CERTIFICATE-----