Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
File:                     K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft (raw, json)
Hash identifier:          EX0/mvm6IZ1DoMjRuwqu1PnBbH9e8HcyfORCfYJtdik=
Subject key identifier:   2E:AC:32:D0:24:28:B0:64:B1:C2:AF:22:B9:0A:53:EC:C9:C6:0A:E1
Authority key identifier: 2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73
Certificate issuer:       /CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
Certificate serial:       019D3909C3FB4017C776F61AC62A7011131F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
Manifest number:          0A5C
Signing time:             Sun 29 Mar 2026 10:00:34 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:34 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:34 +0000
Files and hashes:         1: K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl (hash: 9Ev9kvED2zy4lJ8yb6rM8yMNeJ/h0DzVvt6g9Q6EuX0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:c3:fb:40:17:c7:76:f6:1a:c6:2a:70:11:13:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
        Validity
            Not Before: Mar 29 10:00:34 2026 GMT
            Not After : Mar 30 10:00:34 2026 GMT
        Subject: CN=2eac32d02428b064b1c2af22b90a53ecc9c60ae1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:45:72:61:e6:42:82:10:7b:a9:f5:43:b7:87:
                    ca:23:67:eb:be:0e:aa:40:24:c9:5a:8f:dc:40:85:
                    df:eb:1b:b1:5f:21:44:82:76:ab:dd:32:c0:56:2e:
                    f2:cc:79:37:63:bc:1e:e3:4c:c7:37:ec:9f:9e:71:
                    1d:0c:af:e2:87:ac:c9:e4:4b:6e:b8:b3:1b:1d:c8:
                    74:27:54:56:0a:cc:90:08:82:b7:8b:80:d4:4c:54:
                    53:dc:c6:7e:a4:00:2d:4a:d3:c7:d6:85:52:f7:b1:
                    77:35:e8:0a:1e:be:5a:9b:67:d6:25:94:3c:70:53:
                    a3:df:8a:90:6d:ce:78:cd:72:5b:38:a3:b1:7c:fa:
                    4f:36:89:e6:dd:dd:f4:c8:fe:69:44:34:93:e8:64:
                    15:a9:94:b8:11:71:86:d9:47:8f:0f:d6:49:3f:37:
                    01:db:55:a3:53:22:4a:22:fd:c9:d2:ba:b3:07:4d:
                    78:3e:dd:9c:a7:27:c2:e8:b5:fa:04:b5:50:bd:35:
                    d9:5a:33:76:87:be:31:b5:eb:23:6d:8c:ab:7b:43:
                    6e:a5:15:e7:99:44:75:a2:89:e1:98:8a:fe:63:5a:
                    92:4e:b6:4c:80:1d:55:dc:44:d5:29:f3:46:01:cf:
                    78:00:b8:5f:a6:9a:6c:6a:56:34:a4:39:38:67:08:
                    45:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:AC:32:D0:24:28:B0:64:B1:C2:AF:22:B9:0A:53:EC:C9:C6:0A:E1
            X509v3 Authority Key Identifier:
                keyid:2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:44:c0:fc:b5:d5:e2:4c:53:6c:8d:39:1e:cd:c7:c5:e7:24:
         6c:9b:f2:a3:f3:a6:83:79:8c:bf:a0:c2:64:64:5e:b4:d4:87:
         7e:0a:42:5a:cc:01:db:46:d9:ca:84:b3:5c:2d:df:b9:a7:41:
         9e:f6:de:ad:ec:dd:97:ac:32:2e:2e:5a:49:b7:b3:dc:9e:a7:
         ae:8c:52:35:db:21:1f:2c:79:75:66:32:56:aa:a0:4d:05:79:
         4a:33:61:44:f2:f3:73:53:57:fe:0d:23:90:59:27:9c:f2:83:
         0d:06:36:72:a8:1b:1e:ba:ef:5e:79:e9:47:37:bf:bb:25:c6:
         7a:11:84:4b:40:0b:71:36:a3:60:5c:58:d9:7d:3a:b6:ed:95:
         34:28:5c:89:d8:f3:a2:02:d3:00:b2:27:5b:02:99:f1:58:b4:
         6f:c9:34:91:06:2e:be:50:54:a1:ae:c0:0c:25:0e:36:46:d4:
         cd:8e:0b:da:36:34:f2:4d:51:de:f9:49:f5:b8:7f:d9:52:9b:
         b2:cc:72:a6:2e:69:1a:88:2f:db:ac:89:b4:0d:21:ea:61:68:
         84:53:cf:a2:1c:2a:04:50:5d:93:7a:e0:eb:90:e3:e1:b0:60:
         53:94:95:e6:0c:5b:4c:16:af:4e:ea:21:32:e9:9e:d4:df:d6:
         4e:94:15:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcP7QBfHdvYaxipwERMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjJkMDIzNDFjMTE5NDlhOGM4NzE1M2Y4NjZjMGY2OGYx
YmJkNzMwHhcNMjYwMzI5MTAwMDM0WhcNMjYwMzMwMTAwMDM0WjAzMTEwLwYDVQQD
EygyZWFjMzJkMDI0MjhiMDY0YjFjMmFmMjJiOTBhNTNlY2M5YzYwYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEVyYeZCghB7qfVDt4fKI2frvg6q
QCTJWo/cQIXf6xuxXyFEgnar3TLAVi7yzHk3Y7we40zHN+yfnnEdDK/ih6zJ5Etu
uLMbHch0J1RWCsyQCIK3i4DUTFRT3MZ+pAAtStPH1oVS97F3NegKHr5am2fWJZQ8
cFOj34qQbc54zXJbOKOxfPpPNonm3d30yP5pRDST6GQVqZS4EXGG2UePD9ZJPzcB
21WjUyJKIv3J0rqzB014Pt2cpyfC6LX6BLVQvTXZWjN2h74xtesjbYyre0NupRXn
mUR1oonhmIr+Y1qSTrZMgB1V3ETVKfNGAc94ALhfpppsalY0pDk4ZwhF7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6sMtAkKLBkscKvIrkKU+zJxgrhMB8GA1UdIwQY
MBaAFCuy0CNBwRlJqMhxU/hmwPaPG71zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYt
NDYwNjU2ZmUzYWI1LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYtNDYwNjU2ZmUzYWI1
LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmkTA/LXV
4kxTbI05Hs3HxeckbJvyo/Omg3mMv6DCZGRetNSHfgpCWswB20bZyoSzXC3fuadB
nvberezdl6wyLi5aSbez3J6nroxSNdshHyx5dWYyVqqgTQV5SjNhRPLzc1NX/g0j
kFknnPKDDQY2cqgbHrrvXnnpRze/uyXGehGES0ALcTajYFxY2X06tu2VNChcidjz
ogLTALInWwKZ8Vi0b8k0kQYuvlBUoa7ADCUONkbUzY4L2jY08k1R3vlJ9bh/2VKb
ssxypi5pGogv26yJtA0h6mFohFPPohwqBFBdk3rg65Dj4bBgU5SV5gxbTBavTuoh
Mume1N/WTpQV4w==
-----END CERTIFICATE-----