Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
File:                     pnyqBsCo91QBbmFEgLuzh35AiR0.mft (raw, json)
Hash identifier:          8s0i28iHaLLsJTowIvPHtRhVOXnb/a1ZXJxci8nI5+w=
Subject key identifier:   90:A0:B5:11:54:36:E0:10:39:CD:62:CE:94:C8:52:CA:82:12:71:71
Authority key identifier: A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D
Certificate issuer:       /CN=a67caa06c0a8f754016e614480bbb3877e40891d
Certificate serial:       019D3789A91A987DFD37916AB114403EAD59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
Manifest number:          05B8
Signing time:             Sun 29 Mar 2026 03:01:01 +0000
Manifest this update:     Sun 29 Mar 2026 03:01:01 +0000
Manifest next update:     Mon 30 Mar 2026 03:01:01 +0000
Files and hashes:         1: pnyqBsCo91QBbmFEgLuzh35AiR0.crl (hash: 4eEJN59d6rJ7+x8sHvkHGIuVl+rMpf/V/VcVfsAeGlE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:a9:1a:98:7d:fd:37:91:6a:b1:14:40:3e:ad:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a67caa06c0a8f754016e614480bbb3877e40891d
        Validity
            Not Before: Mar 29 03:01:01 2026 GMT
            Not After : Mar 30 03:01:01 2026 GMT
        Subject: CN=90a0b5115436e01039cd62ce94c852ca82127171
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:af:d8:6c:04:9a:e9:7e:b2:d7:13:72:d3:52:
                    e0:d5:6e:b8:4d:c2:55:2b:82:1f:c0:86:5a:84:e3:
                    12:79:5c:33:d0:48:97:b6:7d:00:1b:37:c7:4c:41:
                    19:6d:e4:07:ee:5e:f1:b2:55:77:a3:f2:ba:91:14:
                    8d:3f:45:fa:64:90:1c:b5:7a:57:9d:79:17:4d:11:
                    c0:27:ed:98:de:7a:1b:ba:ab:01:af:93:39:da:b4:
                    d7:93:e9:4a:09:fc:8d:f9:26:e4:91:4f:a9:d8:58:
                    bb:00:a4:7a:76:91:19:06:73:66:0a:03:62:1f:52:
                    75:68:31:54:d6:cd:06:de:56:ef:61:f5:78:ac:db:
                    56:f4:24:8b:3a:bb:da:a4:82:96:e8:3b:2d:bb:af:
                    04:78:c2:c0:92:24:d5:f6:29:fe:d4:a2:82:61:40:
                    7a:99:ab:63:46:03:07:c4:4a:75:13:f6:0f:5c:c2:
                    1f:18:eb:fc:23:a8:4c:29:29:0d:de:5a:1b:f7:aa:
                    9d:f1:92:4b:68:6d:06:d5:74:45:f2:60:80:c4:a6:
                    71:6c:0c:eb:f4:12:a2:e9:40:05:f0:23:73:81:cc:
                    60:70:8a:97:24:ab:05:3d:68:ff:ea:16:2a:5f:fe:
                    8f:ca:51:57:61:ab:ff:b1:d8:0c:6a:9c:35:ae:6a:
                    ea:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:A0:B5:11:54:36:E0:10:39:CD:62:CE:94:C8:52:CA:82:12:71:71
            X509v3 Authority Key Identifier:
                keyid:A6:7C:AA:06:C0:A8:F7:54:01:6E:61:44:80:BB:B3:87:7E:40:89:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnyqBsCo91QBbmFEgLuzh35AiR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e9407e-a58e-4941-8cce-2be501feed3d/1/pnyqBsCo91QBbmFEgLuzh35AiR0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:ea:87:92:0c:e6:6e:1b:47:29:fa:56:89:06:26:b1:19:6b:
         7d:8f:ac:3a:d6:6a:19:52:e3:74:0c:79:29:c2:0b:3d:43:bf:
         d9:f6:02:d8:fe:cc:4b:f7:ac:b6:5a:61:3b:75:1b:2b:1b:b0:
         98:de:49:15:8c:31:0c:c2:1f:a4:af:71:e9:a3:94:3c:42:46:
         bf:3e:44:21:98:68:74:c6:32:4e:ff:b0:10:b8:2b:ff:fd:74:
         88:6c:22:d1:14:88:93:ea:29:c1:ee:f8:e3:8a:a5:e9:46:dc:
         29:d9:6f:29:a8:03:56:d6:4d:ae:2c:ec:95:fd:02:15:7f:6f:
         cc:2b:cb:f0:25:47:c2:32:09:ed:77:b5:3f:f8:78:a5:e7:fd:
         69:b3:e2:b4:b5:bb:13:2f:b2:07:4a:38:4a:23:19:f4:b9:96:
         67:f3:c4:b2:46:bc:5b:c5:c3:07:9e:cb:5a:08:4c:da:50:f0:
         d8:a8:fb:44:d3:bf:2d:4d:4e:2d:d2:b0:e6:a7:0a:d5:df:e5:
         7e:c8:f8:51:23:a9:5a:78:3b:f8:ed:9b:37:f7:15:58:83:02:
         d0:1d:ad:d4:45:bc:52:22:22:95:73:51:b9:af:27:5e:71:62:
         fb:8e:07:cf:1c:56:04:d3:52:86:b2:b9:37:a2:49:8c:61:58:
         30:1f:cc:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iakamH39N5FqsRRAPq1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2N2NhYTA2YzBhOGY3NTQwMTZlNjE0NDgwYmJiMzg3N2U0
MDg5MWQwHhcNMjYwMzI5MDMwMTAxWhcNMjYwMzMwMDMwMTAxWjAzMTEwLwYDVQQD
Eyg5MGEwYjUxMTU0MzZlMDEwMzljZDYyY2U5NGM4NTJjYTgyMTI3MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq/YbASa6X6y1xNy01Lg1W64TcJV
K4IfwIZahOMSeVwz0EiXtn0AGzfHTEEZbeQH7l7xslV3o/K6kRSNP0X6ZJActXpX
nXkXTRHAJ+2Y3nobuqsBr5M52rTXk+lKCfyN+SbkkU+p2Fi7AKR6dpEZBnNmCgNi
H1J1aDFU1s0G3lbvYfV4rNtW9CSLOrvapIKW6Dstu68EeMLAkiTV9in+1KKCYUB6
matjRgMHxEp1E/YPXMIfGOv8I6hMKSkN3lob96qd8ZJLaG0G1XRF8mCAxKZxbAzr
9BKi6UAF8CNzgcxgcIqXJKsFPWj/6hYqX/6PylFXYav/sdgMapw1rmrqNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCgtRFUNuAQOc1izpTIUsqCEnFxMB8GA1UdIwQY
MBaAFKZ8qgbAqPdUAW5hRIC7s4d+QIkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2Ut
MmJlNTAxZmVlZDNkLzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lOTQwN2UtYTU4ZS00OTQxLThjY2UtMmJlNTAxZmVlZDNk
LzEvcG55cUJzQ285MVFCYm1GRWdMdXpoMzVBaVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAuqHkgzm
bhtHKfpWiQYmsRlrfY+sOtZqGVLjdAx5KcILPUO/2fYC2P7MS/estlphO3UbKxuw
mN5JFYwxDMIfpK9x6aOUPEJGvz5EIZhodMYyTv+wELgr//10iGwi0RSIk+opwe74
44ql6UbcKdlvKagDVtZNrizslf0CFX9vzCvL8CVHwjIJ7Xe1P/h4pef9abPitLW7
Ey+yB0o4SiMZ9LmWZ/PEska8W8XDB57LWghM2lDw2Kj7RNO/LU1OLdKw5qcK1d/l
fsj4USOpWng7+O2bN/cVWIMC0B2t1EW8UiIilXNRua8nXnFi+44HzxxWBNNShrK5
N6JJjGFYMB/MkA==
-----END CERTIFICATE-----