Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          sAuscdW28VtwjPzkWTfhsfr15JHJ2DSb6FFmZfL6diU=
Subject key identifier:   67:A7:87:2D:5D:61:FA:2B:38:95:72:40:4C:FE:17:28:25:9E:94:94
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019D38D3609BF95027D1D327604CF93EC4A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0B66
Signing time:             Sun 29 Mar 2026 09:01:10 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:10 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:10 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: L2zYIfrBWWt7qqtgtn4nSydlPeILa2ELaA/CzsoNWGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:60:9b:f9:50:27:d1:d3:27:60:4c:f9:3e:c4:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Mar 29 09:01:10 2026 GMT
            Not After : Mar 30 09:01:10 2026 GMT
        Subject: CN=67a7872d5d61fa2b389572404cfe1728259e9494
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:fe:86:bc:4d:d8:0b:13:c9:00:1a:0a:79:69:
                    cb:0b:b5:b5:30:b8:82:09:b1:af:f9:46:31:e9:42:
                    65:eb:d2:28:66:5e:fd:a2:52:54:42:aa:cb:c8:5b:
                    41:d9:4a:fd:1f:3d:12:f0:42:ad:a4:d8:74:a2:21:
                    e8:ac:1a:7f:65:cc:27:2e:b2:bb:a1:c5:46:78:60:
                    05:18:3d:0e:9a:35:f8:ed:18:1f:d8:a0:07:84:f7:
                    a4:73:4b:31:18:87:99:fb:ac:7a:9a:93:c9:4b:ff:
                    44:40:6e:de:1b:c5:39:a4:72:8a:f9:cb:f0:3f:e9:
                    22:45:3d:18:73:0c:d0:9b:e5:51:fb:4d:75:21:05:
                    56:63:b0:1c:0a:bb:92:b8:bc:11:d7:d5:50:a8:7a:
                    18:d1:31:f1:b0:e7:6e:5c:21:ee:1b:1f:e7:56:b8:
                    0f:9c:d5:05:39:ea:24:de:4d:b3:04:34:fc:25:78:
                    3f:36:9a:1f:a6:72:92:af:a3:f0:45:2b:e9:53:39:
                    a5:fd:6f:c3:9d:e3:7b:a9:e2:3c:c8:06:a1:52:42:
                    08:55:4d:b5:8e:9f:69:b1:55:93:21:fe:54:8a:45:
                    39:b0:1e:f2:ce:f4:27:50:1e:7d:3e:78:12:49:82:
                    24:d4:6c:6b:c1:af:32:df:ec:8e:a7:47:1d:0d:31:
                    dd:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:A7:87:2D:5D:61:FA:2B:38:95:72:40:4C:FE:17:28:25:9E:94:94
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:6f:39:3c:2f:0d:55:49:e6:83:10:6d:a7:99:2a:e5:04:5f:
         29:da:ed:f0:95:c4:cf:45:01:f8:92:d3:52:32:96:95:0e:7c:
         90:d9:f7:39:1b:e6:89:9d:6b:72:06:d8:11:54:5e:22:a9:62:
         4a:2c:50:3f:1f:0c:06:1c:e6:aa:49:57:64:71:5d:bb:32:04:
         1d:c0:20:c3:59:4b:32:e6:a9:13:ff:b8:14:69:79:7c:36:f2:
         05:61:aa:af:b4:e7:b9:70:37:74:1e:d7:c9:f2:c3:31:d0:55:
         7d:2c:6d:30:4a:28:6b:ab:3c:c8:88:03:76:f8:e9:a4:bc:ce:
         f4:cb:e6:68:fe:f2:1d:6d:db:4c:46:84:3e:da:8e:58:79:69:
         bf:2b:ae:36:48:66:23:9f:c0:ec:25:dc:ef:71:46:43:5b:68:
         bb:84:35:7c:95:d8:08:77:8a:2c:a0:16:c9:a8:dc:e7:42:96:
         cb:c3:f8:39:78:1c:a6:07:07:58:37:b8:f1:61:fe:e5:1b:01:
         c2:3f:18:a7:56:de:03:75:f0:0d:98:af:41:f7:cd:b0:2e:d1:
         6d:3d:af:e6:91:e2:02:fa:c8:a7:f1:4b:32:df:0e:33:e4:4c:
         fa:21:cb:9f:d3:4c:1f:9f:c6:af:ba:31:ef:1e:8a:0a:98:be:
         42:0d:71:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0402Cb+VAn0dMnYEz5PsSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjYwMzI5MDkwMTEwWhcNMjYwMzMwMDkwMTEwWjAzMTEwLwYDVQQD
Eyg2N2E3ODcyZDVkNjFmYTJiMzg5NTcyNDA0Y2ZlMTcyODI1OWU5NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/6GvE3YCxPJABoKeWnLC7W1MLiC
CbGv+UYx6UJl69IoZl79olJUQqrLyFtB2Ur9Hz0S8EKtpNh0oiHorBp/ZcwnLrK7
ocVGeGAFGD0OmjX47Rgf2KAHhPekc0sxGIeZ+6x6mpPJS/9EQG7eG8U5pHKK+cvw
P+kiRT0YcwzQm+VR+011IQVWY7AcCruSuLwR19VQqHoY0THxsOduXCHuGx/nVrgP
nNUFOeok3k2zBDT8JXg/NpofpnKSr6PwRSvpUzml/W/DneN7qeI8yAahUkIIVU21
jp9psVWTIf5UikU5sB7yzvQnUB59PngSSYIk1Gxrwa8y3+yOp0cdDTHdKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGenhy1dYforOJVyQEz+FyglnpSUMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbW85PC8N
VUnmgxBtp5kq5QRfKdrt8JXEz0UB+JLTUjKWlQ58kNn3ORvmiZ1rcgbYEVReIqli
SixQPx8MBhzmqklXZHFduzIEHcAgw1lLMuapE/+4FGl5fDbyBWGqr7TnuXA3dB7X
yfLDMdBVfSxtMEooa6s8yIgDdvjppLzO9MvmaP7yHW3bTEaEPtqOWHlpvyuuNkhm
I5/A7CXc73FGQ1tou4Q1fJXYCHeKLKAWyajc50KWy8P4OXgcpgcHWDe48WH+5RsB
wj8Yp1beA3XwDZivQffNsC7RbT2v5pHiAvrIp/FLMt8OM+RM+iHLn9NMH5/Gr7ox
7x6KCpi+Qg1xtQ==
-----END CERTIFICATE-----