Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          AhlfhgxFSlDc6R7Mf98HYaqNTYhtpaNFgBtGxMOhI3w=
Subject key identifier:   C6:AD:A0:06:D2:0D:06:05:3E:D3:6B:E2:44:CD:B9:2F:A1:EC:FF:DC
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       019D3A5367CCA0B87BDD6D647381410C626A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          140D
Signing time:             Sun 29 Mar 2026 16:00:37 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:37 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:37 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: TkIuWiPBl5vt6FRpeV0f+54sT0hUWLn026CKaU2Hb00=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:67:cc:a0:b8:7b:dd:6d:64:73:81:41:0c:62:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: Mar 29 16:00:37 2026 GMT
            Not After : Mar 30 16:00:37 2026 GMT
        Subject: CN=c6ada006d20d06053ed36be244cdb92fa1ecffdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:03:17:ab:ef:1a:0a:29:83:42:3f:dd:33:47:
                    d7:e4:1a:1d:66:78:af:75:db:b1:07:18:54:6c:fe:
                    03:b7:b3:a2:52:0a:5c:c0:e8:4a:b0:09:3c:6b:9e:
                    ce:45:a7:0a:7a:c3:1e:7a:c9:e2:b5:32:9c:85:4a:
                    c4:41:71:48:a5:7b:a6:b2:c5:07:24:b9:61:45:2f:
                    2f:bb:35:b1:ad:14:ca:40:16:dd:f7:77:75:c0:33:
                    1a:ff:91:32:fb:7f:04:f7:c9:fb:44:0f:7a:b2:e1:
                    0c:7f:5a:45:8e:ea:dc:87:ee:69:e5:54:86:59:a3:
                    35:20:d6:d8:68:bd:69:bb:5f:28:92:fc:b0:f4:23:
                    70:89:31:66:fb:c9:3a:e7:26:81:ec:94:c4:ce:82:
                    60:6c:7d:5e:11:9c:ec:17:ff:ff:61:c6:99:e4:93:
                    69:79:ed:b1:d3:64:4c:87:5e:33:0d:ba:20:21:0d:
                    58:62:42:ba:4f:d5:69:c6:3f:51:bb:14:07:c8:1a:
                    10:2c:81:00:9b:18:c7:4a:88:6a:51:9e:0c:20:1a:
                    1e:0f:a3:9f:78:d9:ff:61:39:1f:47:7e:a0:11:6c:
                    9d:3b:a6:5d:24:18:b8:ea:c3:59:16:60:a1:01:c2:
                    af:be:77:55:82:6a:7f:d9:df:0f:19:a8:64:e3:ff:
                    09:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:AD:A0:06:D2:0D:06:05:3E:D3:6B:E2:44:CD:B9:2F:A1:EC:FF:DC
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:66:9c:0c:7b:db:8b:38:a8:b1:3c:44:d0:a1:c0:8e:a4:58:
         4a:b1:31:ae:64:67:e8:32:a9:d9:81:b9:24:de:4a:2c:84:5a:
         7b:01:c6:c1:9f:32:02:f8:d8:1b:bc:e0:e7:60:4d:d4:6d:b1:
         3b:e2:8f:c5:3c:8b:eb:ff:36:06:72:0e:6b:3f:9e:4e:25:b1:
         4f:0a:4f:6b:f9:5f:6c:f6:e8:8f:8d:cf:54:2d:44:68:f9:3c:
         dd:eb:bc:dc:c9:aa:4e:aa:14:9b:e3:02:f9:6a:38:8f:06:3f:
         d1:b2:4c:28:82:01:8b:4b:41:de:4a:c7:69:9e:f8:e7:67:5b:
         a8:8d:37:1f:e6:9b:28:6b:c9:c8:1f:b3:b6:59:82:6c:cd:4b:
         ff:0b:f2:63:af:d6:1d:93:45:f2:76:61:92:0e:2d:af:3c:af:
         3b:1a:bd:b2:cb:ab:63:ed:9c:62:b5:36:ed:bc:4b:3a:7e:78:
         3f:23:2f:2b:dc:c2:67:2b:b7:91:14:23:e2:5f:f1:5f:6c:b9:
         06:98:1c:b3:21:3b:46:5b:fe:c3:d0:1e:a3:3c:bf:be:bd:52:
         20:81:8c:df:37:f5:ab:3c:46:e3:91:fc:ed:53:ef:a4:9e:cb:
         07:fb:6a:30:c8:e1:f6:1f:d1:ad:2b:b4:e6:08:c0:31:1e:4f:
         87:44:83:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U2fMoLh73W1kc4FBDGJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjYwMzI5MTYwMDM3WhcNMjYwMzMwMTYwMDM3WjAzMTEwLwYDVQQD
EyhjNmFkYTAwNmQyMGQwNjA1M2VkMzZiZTI0NGNkYjkyZmExZWNmZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgMXq+8aCimDQj/dM0fX5BodZniv
dduxBxhUbP4Dt7OiUgpcwOhKsAk8a57ORacKesMeesnitTKchUrEQXFIpXumssUH
JLlhRS8vuzWxrRTKQBbd93d1wDMa/5Ey+38E98n7RA96suEMf1pFjurch+5p5VSG
WaM1INbYaL1pu18okvyw9CNwiTFm+8k65yaB7JTEzoJgbH1eEZzsF///YcaZ5JNp
ee2x02RMh14zDbogIQ1YYkK6T9Vpxj9RuxQHyBoQLIEAmxjHSohqUZ4MIBoeD6Of
eNn/YTkfR36gEWydO6ZdJBi46sNZFmChAcKvvndVgmp/2d8PGahk4/8JjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMatoAbSDQYFPtNr4kTNuS+h7P/cMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnmacDHvb
iziosTxE0KHAjqRYSrExrmRn6DKp2YG5JN5KLIRaewHGwZ8yAvjYG7zg52BN1G2x
O+KPxTyL6/82BnIOaz+eTiWxTwpPa/lfbPboj43PVC1EaPk83eu83MmqTqoUm+MC
+Wo4jwY/0bJMKIIBi0tB3krHaZ7452dbqI03H+abKGvJyB+ztlmCbM1L/wvyY6/W
HZNF8nZhkg4trzyvOxq9ssurY+2cYrU27bxLOn54PyMvK9zCZyu3kRQj4l/xX2y5
BpgcsyE7Rlv+w9Aeozy/vr1SIIGM3zf1qzxG45H87VPvpJ7LB/tqMMjh9h/RrSu0
5gjAMR5Ph0SDFw==
-----END CERTIFICATE-----