Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
File:                     lPO2Epw0Od376Q21BkyAZt6GSnI.mft (raw, json)
Hash identifier:          aD+tb3WL4Ypynv3XobTW1wSTDhYusAihYnnnav47X+Q=
Subject key identifier:   75:AB:ED:31:1D:2A:EC:C9:51:DD:6A:3B:60:CF:B3:A1:AA:FA:54:0C
Authority key identifier: 94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72
Certificate issuer:       /CN=94f3b6129c3439ddfbe90db5064c8066de864a72
Certificate serial:       019D38D373E58D04A92C4C8FAA276F55F85D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
Manifest number:          07A3
Signing time:             Sun 29 Mar 2026 09:01:14 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:14 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:14 +0000
Files and hashes:         1: lPO2Epw0Od376Q21BkyAZt6GSnI.crl (hash: NUpKU1RW3QJi8fVxxNew9g5BW4T8BTdPR7QXqiRDnX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:73:e5:8d:04:a9:2c:4c:8f:aa:27:6f:55:f8:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94f3b6129c3439ddfbe90db5064c8066de864a72
        Validity
            Not Before: Mar 29 09:01:14 2026 GMT
            Not After : Mar 30 09:01:14 2026 GMT
        Subject: CN=75abed311d2aecc951dd6a3b60cfb3a1aafa540c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:b5:fd:58:f7:c3:7c:2c:a4:7d:82:20:18:39:
                    00:b7:ce:1b:55:65:67:0a:81:ef:20:a7:c5:86:6d:
                    34:e8:7a:26:32:ba:ca:dc:df:62:b1:2e:63:de:09:
                    fa:cd:03:e7:fd:73:3b:33:ab:24:e2:d8:78:4c:26:
                    90:58:c9:1f:8e:8d:6e:92:39:52:ab:dc:71:fc:e0:
                    9f:81:c7:63:98:4d:e2:23:a1:ef:95:f4:59:49:e1:
                    88:22:e4:70:d4:1f:dd:0f:71:a2:f1:13:6b:90:10:
                    e2:79:17:0c:b0:6d:cb:90:63:da:c5:fe:8f:b0:cd:
                    b8:ca:d9:9b:b6:b4:2a:97:40:7c:c8:fb:ea:97:cc:
                    66:54:1c:c4:7b:b7:c5:a2:66:d7:f9:a1:c0:59:55:
                    7d:3f:7e:83:8c:4b:f2:7e:0f:e6:ee:89:34:86:58:
                    0e:cd:60:d8:39:6a:d6:ff:82:d1:ed:23:1b:12:41:
                    f0:5a:c7:7d:22:b4:6b:c8:28:24:83:57:d2:0f:7e:
                    74:04:5d:66:a4:9b:7e:53:7b:7f:2f:0c:eb:1c:43:
                    e3:cd:82:22:6e:34:1a:7e:2c:54:bf:b6:0c:51:c6:
                    7f:f4:25:67:2a:f7:3e:98:41:22:54:1e:67:c3:d9:
                    c1:e0:17:53:d1:4a:db:2a:bd:88:b7:63:9e:85:b7:
                    9c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:AB:ED:31:1D:2A:EC:C9:51:DD:6A:3B:60:CF:B3:A1:AA:FA:54:0C
            X509v3 Authority Key Identifier:
                keyid:94:F3:B6:12:9C:34:39:DD:FB:E9:0D:B5:06:4C:80:66:DE:86:4A:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPO2Epw0Od376Q21BkyAZt6GSnI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/d43572-ad91-44ad-afa1-b3382e4aa7c3/1/lPO2Epw0Od376Q21BkyAZt6GSnI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:05:0b:82:9b:08:8d:ee:fa:52:5c:37:80:3a:58:65:39:a9:
         d2:99:92:02:94:eb:dc:30:fe:ee:65:53:43:22:e5:19:a0:30:
         cf:21:ee:a9:9c:48:62:02:b3:58:d0:83:7b:23:0a:77:35:bf:
         4f:72:0a:0d:88:f2:65:67:33:49:9d:f7:1e:93:e0:04:69:15:
         60:9d:14:01:18:34:ad:f8:08:e3:35:cd:da:35:7e:70:19:50:
         66:cc:a6:97:f4:5c:bb:19:fb:24:ad:5a:bc:65:ab:4f:51:78:
         6f:4d:61:97:d5:d4:bd:cb:96:1c:ad:ef:ea:a3:e5:27:cf:f0:
         d5:06:d6:ff:a6:af:3c:7a:10:6e:b6:b4:df:15:31:2c:7a:3b:
         18:2f:8d:c3:f8:b9:a1:b2:05:50:b0:8b:47:9e:29:69:38:87:
         44:2c:c8:3d:f3:fc:cc:43:3b:a5:1d:bb:c7:51:6d:19:7a:17:
         1c:50:f6:88:f8:75:60:9e:90:61:45:68:b1:0c:56:a9:f8:9e:
         0c:7e:d6:72:03:81:d9:b3:87:df:f1:3d:39:59:e5:b6:6c:3e:
         9b:03:92:3a:45:b7:d8:83:9c:18:89:44:26:5f:64:3b:f8:d9:
         7e:49:f4:c1:60:c8:ab:ab:1f:fc:2c:81:b6:b9:82:7d:9b:a6:
         09:20:b9:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0403PljQSpLEyPqidvVfhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjNiNjEyOWMzNDM5ZGRmYmU5MGRiNTA2NGM4MDY2ZGU4
NjRhNzIwHhcNMjYwMzI5MDkwMTE0WhcNMjYwMzMwMDkwMTE0WjAzMTEwLwYDVQQD
Eyg3NWFiZWQzMTFkMmFlY2M5NTFkZDZhM2I2MGNmYjNhMWFhZmE1NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3rX9WPfDfCykfYIgGDkAt84bVWVn
CoHvIKfFhm006HomMrrK3N9isS5j3gn6zQPn/XM7M6sk4th4TCaQWMkfjo1ukjlS
q9xx/OCfgcdjmE3iI6HvlfRZSeGIIuRw1B/dD3Gi8RNrkBDieRcMsG3LkGPaxf6P
sM24ytmbtrQql0B8yPvql8xmVBzEe7fFombX+aHAWVV9P36DjEvyfg/m7ok0hlgO
zWDYOWrW/4LR7SMbEkHwWsd9IrRryCgkg1fSD350BF1mpJt+U3t/LwzrHEPjzYIi
bjQafixUv7YMUcZ/9CVnKvc+mEEiVB5nw9nB4BdT0UrbKr2It2Oehbec6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHWr7TEdKuzJUd1qO2DPs6Gq+lQMMB8GA1UdIwQY
MBaAFJTzthKcNDnd++kNtQZMgGbehkpyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEt
YjMzODJlNGFhN2MzLzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kNDM1NzItYWQ5MS00NGFkLWFmYTEtYjMzODJlNGFhN2Mz
LzEvbFBPMkVwdzBPZDM3NlEyMUJreUFadDZHU25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhwULgpsI
je76Ulw3gDpYZTmp0pmSApTr3DD+7mVTQyLlGaAwzyHuqZxIYgKzWNCDeyMKdzW/
T3IKDYjyZWczSZ33HpPgBGkVYJ0UARg0rfgI4zXN2jV+cBlQZsyml/Rcuxn7JK1a
vGWrT1F4b01hl9XUvcuWHK3v6qPlJ8/w1QbW/6avPHoQbra03xUxLHo7GC+Nw/i5
obIFULCLR54paTiHRCzIPfP8zEM7pR27x1FtGXoXHFD2iPh1YJ6QYUVosQxWqfie
DH7WcgOB2bOH3/E9OVnltmw+mwOSOkW32IOcGIlEJl9kO/jZfkn0wWDIq6sf/CyB
trmCfZumCSC5JA==
-----END CERTIFICATE-----