Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
File:                     K5Ro565AOUbluk3mHMHEej2b794.mft (raw, json)
Hash identifier:          C3Th/bQtW9K+kbYLB6ptiwxgNBKQJhwf8YTSB+BLqQI=
Subject key identifier:   92:9E:1A:F6:D1:3B:EB:CD:50:C9:C4:89:95:C7:E1:EC:E9:F8:B6:C9
Authority key identifier: 2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE
Certificate issuer:       /CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
Certificate serial:       019D3A548D66EC0046636FA5EC77F29DFB35
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
Manifest number:          0D49
Signing time:             Sun 29 Mar 2026 16:01:52 +0000
Manifest this update:     Sun 29 Mar 2026 16:01:52 +0000
Manifest next update:     Mon 30 Mar 2026 16:01:52 +0000
Files and hashes:         1: K5Ro565AOUbluk3mHMHEej2b794.crl (hash: lDUBuX9spX9sE7/F+rOy8pCsT6Y5hbyyuYGZ5jmarpU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:54:8d:66:ec:00:46:63:6f:a5:ec:77:f2:9d:fb:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b9468e7ae403946e5ba4de61cc1c47a3d9befde
        Validity
            Not Before: Mar 29 16:01:52 2026 GMT
            Not After : Mar 30 16:01:52 2026 GMT
        Subject: CN=929e1af6d13bebcd50c9c48995c7e1ece9f8b6c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:6d:3c:98:a6:54:a2:c6:75:fb:e1:53:fc:98:
                    99:60:08:b9:f3:49:43:e7:2e:a3:7e:b4:f2:b3:76:
                    94:34:28:53:76:34:46:c6:5b:90:ba:ea:95:57:5a:
                    f2:11:b3:e1:ff:39:8e:af:13:db:32:48:76:b7:b0:
                    35:c2:9e:f4:17:8d:9e:90:90:32:8b:e5:5d:22:fb:
                    27:f2:bd:a4:4b:6e:e2:4d:8a:82:fc:e8:67:8b:5c:
                    85:91:6f:10:9c:82:56:1b:40:27:cd:f7:5c:7e:72:
                    68:c1:ee:4e:6f:5e:7c:c0:14:06:79:93:bf:b1:89:
                    ad:80:03:cf:ff:6b:c7:5b:d4:d3:c2:3c:0b:95:91:
                    97:23:50:ed:c0:2f:fc:4b:e7:8e:56:8b:9d:d4:11:
                    bc:a9:e5:ec:7c:5f:4c:02:fb:ba:51:ce:b5:05:e6:
                    dc:1a:85:95:ec:b8:57:c4:df:ca:d1:62:f2:70:aa:
                    11:ed:4b:91:c2:c6:3a:d8:fd:7d:aa:79:ce:66:26:
                    58:ee:2d:47:7c:ed:7d:d2:ea:96:11:47:cb:af:4b:
                    45:62:bd:78:25:3c:c1:fe:e7:4a:ca:80:56:fb:be:
                    f9:37:5f:02:3d:1b:64:d6:5f:07:1e:ce:6b:76:80:
                    c9:43:f4:50:24:c7:e5:85:19:87:29:f4:f0:71:93:
                    55:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:9E:1A:F6:D1:3B:EB:CD:50:C9:C4:89:95:C7:E1:EC:E9:F8:B6:C9
            X509v3 Authority Key Identifier:
                keyid:2B:94:68:E7:AE:40:39:46:E5:BA:4D:E6:1C:C1:C4:7A:3D:9B:EF:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Ro565AOUbluk3mHMHEej2b794.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/4b5c18-8472-41db-b557-2269c1af2ad3/1/K5Ro565AOUbluk3mHMHEej2b794.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:b9:9f:3a:83:3d:c4:bf:1c:6b:06:2d:96:c8:1c:a0:3d:f8:
         68:dd:46:e7:22:50:ec:a5:43:01:6f:50:70:66:24:1f:1d:34:
         7c:d6:a5:16:d9:7e:25:a6:e6:52:51:cb:ac:c6:d2:49:3d:2d:
         93:69:3e:5e:f0:ea:67:5c:34:08:a4:82:95:92:cb:85:c7:6e:
         40:d6:57:8a:6c:10:40:11:71:01:4a:cc:11:15:ad:23:a0:0f:
         d7:a6:0f:ed:bc:12:33:9b:c4:58:8b:34:c5:c8:15:69:78:38:
         b8:96:28:d4:67:6c:ba:94:d2:4d:26:20:3d:6f:bd:02:6c:86:
         37:a9:c3:44:eb:61:cb:67:05:ba:bd:71:80:e9:03:03:cc:1f:
         4f:8a:b5:40:07:e1:b7:f1:40:76:da:77:48:49:39:6e:7e:86:
         81:dd:94:1d:a6:1f:0e:c0:12:1f:41:bc:33:4e:25:4a:84:40:
         d9:a6:7e:7e:77:60:99:13:6c:10:f0:bc:c8:e3:24:59:93:1e:
         cd:89:a2:a8:ce:41:bb:5d:27:cb:ed:ef:14:c4:d1:3f:49:24:
         11:52:24:24:21:d5:ef:d4:45:47:78:b6:e6:a8:13:8c:bd:e7:
         72:77:a7:44:05:22:8f:01:31:e4:16:e7:88:09:f2:55:11:ad:
         e3:46:09:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VI1m7ABGY2+l7Hfynfs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTQ2OGU3YWU0MDM5NDZlNWJhNGRlNjFjYzFjNDdhM2Q5
YmVmZGUwHhcNMjYwMzI5MTYwMTUyWhcNMjYwMzMwMTYwMTUyWjAzMTEwLwYDVQQD
Eyg5MjllMWFmNmQxM2JlYmNkNTBjOWM0ODk5NWM3ZTFlY2U5ZjhiNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW08mKZUosZ1++FT/JiZYAi580lD
5y6jfrTys3aUNChTdjRGxluQuuqVV1ryEbPh/zmOrxPbMkh2t7A1wp70F42ekJAy
i+VdIvsn8r2kS27iTYqC/Ohni1yFkW8QnIJWG0AnzfdcfnJowe5Ob158wBQGeZO/
sYmtgAPP/2vHW9TTwjwLlZGXI1DtwC/8S+eOVoud1BG8qeXsfF9MAvu6Uc61Bebc
GoWV7LhXxN/K0WLycKoR7UuRwsY62P19qnnOZiZY7i1HfO190uqWEUfLr0tFYr14
JTzB/udKyoBW+775N18CPRtk1l8HHs5rdoDJQ/RQJMflhRmHKfTwcZNVmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKeGvbRO+vNUMnEiZXH4ezp+LbJMB8GA1UdIwQY
MBaAFCuUaOeuQDlG5bpN5hzBxHo9m+/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTct
MjI2OWMxYWYyYWQzLzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi80YjVjMTgtODQ3Mi00MWRiLWI1NTctMjI2OWMxYWYyYWQz
LzEvSzVSbzU2NUFPVWJsdWszbUhNSEVlajJiNzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF7mfOoM9
xL8cawYtlsgcoD34aN1G5yJQ7KVDAW9QcGYkHx00fNalFtl+JabmUlHLrMbSST0t
k2k+XvDqZ1w0CKSClZLLhcduQNZXimwQQBFxAUrMERWtI6AP16YP7bwSM5vEWIs0
xcgVaXg4uJYo1GdsupTSTSYgPW+9AmyGN6nDROthy2cFur1xgOkDA8wfT4q1QAfh
t/FAdtp3SEk5bn6Ggd2UHaYfDsASH0G8M04lSoRA2aZ+fndgmRNsEPC8yOMkWZMe
zYmiqM5Bu10ny+3vFMTRP0kkEVIkJCHV79RFR3i25qgTjL3ncnenRAUijwEx5Bbn
iAnyVRGt40YJwQ==
-----END CERTIFICATE-----