Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
File:                     7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json)
Hash identifier:          /SsZpCilQS1uxM+MlEFX3QsiP0kBAEsU1+ukPF8w+uo=
Subject key identifier:   38:5B:A9:AF:84:10:9D:16:1C:2B:6C:D9:BB:37:50:D6:7B:0C:2A:BC
Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48
Certificate issuer:       /CN=ecf5d512f91044b786a15589a624a8d8cb929e48
Certificate serial:       019D38657673BF37021DEDADB2949783750B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
Manifest number:          1541
Signing time:             Sun 29 Mar 2026 07:01:06 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:06 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:06 +0000
Files and hashes:         1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: FCWKDVnVUKBRLji2leoG6yYLL5vfCeWaj0pGgoWP7EE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:76:73:bf:37:02:1d:ed:ad:b2:94:97:83:75:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48
        Validity
            Not Before: Mar 29 07:01:06 2026 GMT
            Not After : Mar 30 07:01:06 2026 GMT
        Subject: CN=385ba9af84109d161c2b6cd9bb3750d67b0c2abc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:81:23:65:ef:fb:4c:2d:9d:74:cd:2c:6c:47:
                    8a:24:1b:1a:f5:53:e7:fe:0c:9b:e6:a8:e6:77:b3:
                    56:17:c1:52:b4:53:d2:ea:16:06:54:6a:13:80:ff:
                    37:ec:9d:04:bf:eb:65:f0:79:c2:81:a7:ff:cd:88:
                    08:8f:e8:7f:ef:5f:9e:97:93:33:7b:f3:22:ba:d5:
                    bf:41:89:c3:42:75:69:a3:ae:e8:00:3e:94:d5:bc:
                    68:f5:50:1c:b4:98:80:5a:80:32:5e:27:f0:6d:2a:
                    50:19:04:93:02:8f:70:56:94:e5:5a:bb:3b:66:d0:
                    de:bb:d5:39:11:f6:fe:ab:3b:69:54:86:f9:e2:60:
                    80:4c:86:1e:5b:7c:36:f9:86:76:9f:dd:47:8b:75:
                    1c:ee:be:19:55:d3:70:a6:4f:73:42:13:73:6a:5a:
                    d8:72:0c:fe:65:cc:5b:60:17:9c:17:c1:15:f6:8d:
                    ef:18:29:ca:16:a9:e4:40:b5:99:db:c3:81:ed:4f:
                    68:db:08:55:97:30:c3:65:8a:c9:78:03:d5:21:ef:
                    31:47:bc:65:7c:59:fd:a6:02:c5:82:13:6b:af:34:
                    69:e5:29:90:1d:a3:8a:6c:c6:4b:c8:ac:0f:86:96:
                    0a:e3:cc:2d:b2:b4:bc:9d:d7:10:ab:79:23:75:a2:
                    85:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:5B:A9:AF:84:10:9D:16:1C:2B:6C:D9:BB:37:50:D6:7B:0C:2A:BC
            X509v3 Authority Key Identifier:
                keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:d0:80:af:59:c6:e9:b5:d6:62:54:0e:99:84:c8:5f:85:ed:
         91:aa:64:99:70:6e:56:2f:3d:09:6b:89:18:7a:8c:a1:f9:03:
         2b:d6:cc:4d:05:12:29:12:a0:c4:2e:33:9b:a8:7a:f4:59:51:
         03:a5:23:1f:ae:ed:26:02:67:99:f3:fe:f6:4c:0e:7b:48:25:
         de:75:09:34:89:04:25:f0:e1:a8:41:53:c7:87:eb:65:6f:78:
         b0:a4:a5:3b:ea:89:e0:8b:00:ad:9e:46:b8:02:ea:b5:9f:32:
         83:9c:48:cb:e1:db:b0:73:79:50:32:c5:13:ab:9b:05:2e:42:
         ec:63:4d:93:34:6b:6d:ab:85:b5:48:1e:a3:50:c2:c1:27:b6:
         d1:ce:9e:04:f2:ae:4d:c9:64:2c:52:d0:45:13:e3:98:5d:f6:
         9a:18:fb:b8:8b:ab:02:de:4d:fb:30:9e:39:ff:fd:40:d0:94:
         3d:71:13:b1:01:a4:19:ed:c4:a6:a1:6f:3c:7f:e2:07:61:c4:
         63:55:48:cf:1f:d7:20:88:05:e0:e8:70:42:dd:a0:e7:40:b3:
         b7:84:89:65:eb:14:9b:77:dc:5c:ee:fa:ab:fc:64:b7:33:6b:
         4a:fe:2a:c0:b6:e8:80:52:be:29:9f:55:4c:60:a3:28:5a:7f:
         7c:39:47:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZXZzvzcCHe2tspSXg3ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5
MjllNDgwHhcNMjYwMzI5MDcwMTA2WhcNMjYwMzMwMDcwMTA2WjAzMTEwLwYDVQQD
EygzODViYTlhZjg0MTA5ZDE2MWMyYjZjZDliYjM3NTBkNjdiMGMyYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoEjZe/7TC2ddM0sbEeKJBsa9VPn
/gyb5qjmd7NWF8FStFPS6hYGVGoTgP837J0Ev+tl8HnCgaf/zYgIj+h/71+el5Mz
e/MiutW/QYnDQnVpo67oAD6U1bxo9VActJiAWoAyXifwbSpQGQSTAo9wVpTlWrs7
ZtDeu9U5Efb+qztpVIb54mCATIYeW3w2+YZ2n91Hi3Uc7r4ZVdNwpk9zQhNzalrY
cgz+ZcxbYBecF8EV9o3vGCnKFqnkQLWZ28OB7U9o2whVlzDDZYrJeAPVIe8xR7xl
fFn9pgLFghNrrzRp5SmQHaOKbMZLyKwPhpYK48wtsrS8ndcQq3kjdaKF3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhbqa+EEJ0WHCts2bs3UNZ7DCq8MB8GA1UdIwQY
MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt
YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx
LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH9CAr1nG
6bXWYlQOmYTIX4XtkapkmXBuVi89CWuJGHqMofkDK9bMTQUSKRKgxC4zm6h69FlR
A6UjH67tJgJnmfP+9kwOe0gl3nUJNIkEJfDhqEFTx4frZW94sKSlO+qJ4IsArZ5G
uALqtZ8yg5xIy+HbsHN5UDLFE6ubBS5C7GNNkzRrbauFtUgeo1DCwSe20c6eBPKu
TclkLFLQRRPjmF32mhj7uIurAt5N+zCeOf/9QNCUPXETsQGkGe3EpqFvPH/iB2HE
Y1VIzx/XIIgF4OhwQt2g50Czt4SJZesUm3fcXO76q/xktzNrSv4qwLbogFK+KZ9V
TGCjKFp/fDlHWw==
-----END CERTIFICATE-----