Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
File:                     Pq9YPXwbe09XMQE8iymLpQVGTlI.mft (raw, json)
Hash identifier:          qcbpoYGMPyZyl8t7QvJE3mSbjq4/mO1TM0p/d8vpGU8=
Subject key identifier:   40:FB:86:A6:B4:CB:64:52:9F:78:17:E1:F7:80:6D:2E:33:2C:76:A3
Authority key identifier: 3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52
Certificate issuer:       /CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
Certificate serial:       019D37C0B6C6251559AA6B1E36BBBACFC23A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
Manifest number:          14A8
Signing time:             Sun 29 Mar 2026 04:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:09 +0000
Files and hashes:         1: Pq9YPXwbe09XMQE8iymLpQVGTlI.crl (hash: bE1HTdnre5waxcIuT6SKDThYBrT0CQDWXPMVkvIDhDQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c0:b6:c6:25:15:59:aa:6b:1e:36:bb:ba:cf:c2:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eaf583d7c1b7b4f5731013c8b298ba505464e52
        Validity
            Not Before: Mar 29 04:01:09 2026 GMT
            Not After : Mar 30 04:01:09 2026 GMT
        Subject: CN=40fb86a6b4cb64529f7817e1f7806d2e332c76a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:57:2e:5e:8e:47:a7:7a:a8:78:2c:e5:6d:e0:
                    74:2d:cd:fb:cb:7a:68:4b:55:cb:99:a9:a8:59:93:
                    57:ce:7a:29:f4:22:ab:77:cc:a9:65:95:3d:78:2b:
                    ad:f3:8a:41:c0:c8:e8:6a:0d:19:69:e5:38:55:0a:
                    d7:75:20:e2:dd:91:f6:e7:02:92:1d:4a:a4:88:b9:
                    bd:d9:de:f7:b6:cf:fe:33:82:e7:3e:17:14:8f:2a:
                    77:a8:bb:59:88:db:82:bf:3f:6e:f8:86:28:2e:2c:
                    2a:a7:fb:76:aa:6c:c0:30:75:59:d5:98:37:cd:2d:
                    2b:94:de:0f:23:5d:74:35:df:d6:5b:5a:f9:65:35:
                    b2:00:44:6a:01:e9:ad:a5:96:76:59:65:7a:37:31:
                    b2:cf:ed:98:99:c3:23:19:e5:e5:af:18:09:97:ff:
                    7c:d1:4f:27:f5:ec:f5:db:de:9a:62:4e:8c:08:c5:
                    9e:6f:a6:3a:7f:12:0e:6a:6a:4e:b3:83:58:23:70:
                    39:73:e9:a2:84:2d:74:9f:90:1f:cd:06:d6:ae:16:
                    d7:62:8b:4c:09:fb:02:6b:50:bf:0a:50:97:cd:ed:
                    7f:d5:f0:27:38:2c:fb:43:05:0d:6c:4d:f1:b3:aa:
                    b0:0d:c1:70:74:d9:a1:3c:23:50:6a:bc:3b:4c:2b:
                    03:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:FB:86:A6:B4:CB:64:52:9F:78:17:E1:F7:80:6D:2E:33:2C:76:A3
            X509v3 Authority Key Identifier:
                keyid:3E:AF:58:3D:7C:1B:7B:4F:57:31:01:3C:8B:29:8B:A5:05:46:4E:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pq9YPXwbe09XMQE8iymLpQVGTlI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d98e86-e41c-45e1-bbe7-8e19c4da8798/1/Pq9YPXwbe09XMQE8iymLpQVGTlI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:57:5b:10:10:d2:9e:a1:1e:ae:72:24:f0:73:41:91:6c:49:
         6c:22:f8:34:a0:a1:ba:77:ce:ae:0a:33:b7:0b:81:50:68:a6:
         61:6e:78:30:bf:96:1e:23:df:28:87:54:29:0f:8c:09:68:86:
         94:25:a9:e8:be:66:eb:75:04:bb:ce:3b:59:01:17:1c:dd:66:
         35:3f:be:14:f7:45:36:49:d6:30:26:92:bd:1b:a3:43:dc:e2:
         93:f1:cd:28:57:ee:21:d8:4d:a4:a6:02:27:7f:93:98:c5:df:
         34:20:e3:1b:4f:00:1c:9a:86:ad:56:55:81:04:21:4d:fd:be:
         f5:81:53:fe:17:b7:ab:e1:f0:21:eb:2d:6d:5f:5a:9a:f7:33:
         44:d4:83:bd:75:00:2d:1d:ee:eb:67:f2:b1:e0:89:7a:1a:bb:
         7e:24:80:3d:c5:8b:a2:0c:79:3c:7e:8e:6f:a7:49:a7:4f:1d:
         09:45:8f:d9:5a:5a:15:44:25:49:6c:65:2d:ea:e8:75:6b:ac:
         8b:3d:cc:48:f8:b0:7b:ed:ac:0d:db:c1:bf:30:2b:3c:ff:c5:
         d4:db:69:66:70:3c:7c:19:4c:d9:6c:2c:8c:57:8f:d6:e1:47:
         0d:25:2e:8d:f6:9d:0e:4d:22:a1:20:df:ad:08:67:cd:52:d5:
         01:9a:f3:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wLbGJRVZqmseNru6z8I6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYWY1ODNkN2MxYjdiNGY1NzMxMDEzYzhiMjk4YmE1MDU0
NjRlNTIwHhcNMjYwMzI5MDQwMTA5WhcNMjYwMzMwMDQwMTA5WjAzMTEwLwYDVQQD
Eyg0MGZiODZhNmI0Y2I2NDUyOWY3ODE3ZTFmNzgwNmQyZTMzMmM3NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVcuXo5Hp3qoeCzlbeB0Lc37y3po
S1XLmamoWZNXznop9CKrd8ypZZU9eCut84pBwMjoag0ZaeU4VQrXdSDi3ZH25wKS
HUqkiLm92d73ts/+M4LnPhcUjyp3qLtZiNuCvz9u+IYoLiwqp/t2qmzAMHVZ1Zg3
zS0rlN4PI110Nd/WW1r5ZTWyAERqAemtpZZ2WWV6NzGyz+2YmcMjGeXlrxgJl/98
0U8n9ez1296aYk6MCMWeb6Y6fxIOampOs4NYI3A5c+mihC10n5AfzQbWrhbXYotM
CfsCa1C/ClCXze1/1fAnOCz7QwUNbE3xs6qwDcFwdNmhPCNQarw7TCsD4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFED7hqa0y2RSn3gX4feAbS4zLHajMB8GA1UdIwQY
MBaAFD6vWD18G3tPVzEBPIspi6UFRk5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTct
OGUxOWM0ZGE4Nzk4LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kOThlODYtZTQxYy00NWUxLWJiZTctOGUxOWM0ZGE4Nzk4
LzEvUHE5WVBYd2JlMDlYTVFFOGl5bUxwUVZHVGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVFdbEBDS
nqEernIk8HNBkWxJbCL4NKChunfOrgoztwuBUGimYW54ML+WHiPfKIdUKQ+MCWiG
lCWp6L5m63UEu847WQEXHN1mNT++FPdFNknWMCaSvRujQ9zik/HNKFfuIdhNpKYC
J3+TmMXfNCDjG08AHJqGrVZVgQQhTf2+9YFT/he3q+HwIestbV9amvczRNSDvXUA
LR3u62fyseCJehq7fiSAPcWLogx5PH6Ob6dJp08dCUWP2VpaFUQlSWxlLerodWus
iz3MSPiwe+2sDdvBvzArPP/F1NtpZnA8fBlM2WwsjFeP1uFHDSUujfadDk0ioSDf
rQhnzVLVAZrzYQ==
-----END CERTIFICATE-----