Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
File:                     gz8MJRPUNTtAzvg5F57r-HOCRcY.mft (raw, json)
Hash identifier:          cgKn2ulDlOs3IcXisRWH0HSc37e0WNlPa/S7Wrla8WI=
Subject key identifier:   FF:1A:1F:52:37:A0:6E:E9:E7:8A:14:A9:AC:67:E2:76:5A:46:E0:E2
Authority key identifier: 83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6
Certificate issuer:       /CN=833f0c2513d4353b40cef839179eebf8738245c6
Certificate serial:       019D386660F733296B0C29D57469AC8EB86A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
Manifest number:          1363
Signing time:             Sun 29 Mar 2026 07:02:06 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:06 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:06 +0000
Files and hashes:         1: gz8MJRPUNTtAzvg5F57r-HOCRcY.crl (hash: SCjVb5p4C2ezGvtsT7epA1ciWREIM+E2+928iKX9lRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:60:f7:33:29:6b:0c:29:d5:74:69:ac:8e:b8:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=833f0c2513d4353b40cef839179eebf8738245c6
        Validity
            Not Before: Mar 29 07:02:06 2026 GMT
            Not After : Mar 30 07:02:06 2026 GMT
        Subject: CN=ff1a1f5237a06ee9e78a14a9ac67e2765a46e0e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:26:e2:5c:62:c2:b3:40:22:f6:ed:7a:1e:d7:
                    78:1c:5e:68:ce:c6:ae:77:9b:e4:50:57:ef:e8:49:
                    02:85:5c:9e:8c:a6:b1:86:78:34:e6:a6:47:d7:9b:
                    65:3f:4d:7d:8f:d4:19:1d:f3:61:1e:e2:23:dd:cc:
                    5e:bf:95:0d:aa:93:97:1d:d4:05:fc:98:af:e7:2e:
                    63:6a:07:8f:26:86:94:f0:39:ba:43:f6:10:08:90:
                    93:8d:ef:be:a4:2c:fc:7b:05:86:6b:26:74:f7:b1:
                    ed:4d:72:e0:52:e6:5a:d6:bf:6a:ca:75:ab:7a:a2:
                    a0:61:2d:06:b2:b5:73:fc:38:a7:9a:86:27:3c:c9:
                    3f:3a:fb:86:e7:0a:73:98:54:60:d6:a4:d6:ba:09:
                    91:9e:26:e1:04:3b:86:a1:e4:e1:c7:c4:0f:83:c9:
                    0a:12:6f:c1:e8:e6:df:5f:8f:e3:0e:53:81:e1:a0:
                    77:53:6c:3f:1e:f4:f6:4d:9f:3a:ab:1c:af:1a:0a:
                    8c:0a:26:b2:73:35:d6:02:74:46:dd:37:8e:49:b7:
                    bc:84:db:d8:71:c5:8b:cc:ab:cc:bd:27:39:c3:c0:
                    24:28:d7:dd:45:31:d5:f7:be:2c:6e:bf:4c:c2:0c:
                    ea:f2:05:1b:98:4f:3a:43:ba:40:3c:15:cc:23:c4:
                    d5:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:1A:1F:52:37:A0:6E:E9:E7:8A:14:A9:AC:67:E2:76:5A:46:E0:E2
            X509v3 Authority Key Identifier:
                keyid:83:3F:0C:25:13:D4:35:3B:40:CE:F8:39:17:9E:EB:F8:73:82:45:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz8MJRPUNTtAzvg5F57r-HOCRcY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9f2fc8-8f2c-47e0-97da-ed07ecf2dc36/1/gz8MJRPUNTtAzvg5F57r-HOCRcY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:2f:16:a8:4e:c3:f6:f3:b9:c6:dd:32:1e:86:85:92:0e:15:
         5c:83:6f:58:43:c7:5e:76:12:4f:e7:1c:98:24:78:15:62:e9:
         8e:87:8a:f1:0a:29:76:d5:6b:fd:55:4f:98:ec:14:5b:1e:c1:
         f7:d0:e7:e9:99:99:52:25:11:91:40:f1:a4:69:dc:4f:69:3c:
         23:3e:3b:64:e8:ea:ab:5a:65:20:c0:b8:8c:9a:06:4e:61:28:
         da:fb:7c:13:34:02:e9:82:55:dc:f0:0a:a4:0d:61:6c:51:64:
         df:5e:f5:66:40:12:aa:78:18:e9:6d:ba:63:2c:f3:72:20:13:
         f6:3c:56:f7:af:ab:18:e2:52:b2:a3:16:86:0a:48:cc:d0:4f:
         e3:31:36:d1:fb:a8:ae:89:19:b0:12:9a:5b:bc:65:15:3e:43:
         0d:52:3c:45:78:ff:11:bf:13:68:03:af:7c:0a:23:d1:c9:84:
         b7:84:10:e1:83:87:63:30:8e:a7:2a:4e:14:01:b9:5f:18:14:
         a7:ee:4d:7d:22:8b:a5:50:ac:8d:ee:f7:aa:ed:86:57:dc:a6:
         10:29:5c:00:da:f4:5a:ee:26:4c:1e:9a:34:34:41:ed:51:55:
         ce:c7:16:7c:d7:fd:09:91:c4:3a:64:33:60:ae:49:84:14:ff:
         ff:e3:ec:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZmD3MylrDCnVdGmsjrhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2YwYzI1MTNkNDM1M2I0MGNlZjgzOTE3OWVlYmY4NzM4
MjQ1YzYwHhcNMjYwMzI5MDcwMjA2WhcNMjYwMzMwMDcwMjA2WjAzMTEwLwYDVQQD
EyhmZjFhMWY1MjM3YTA2ZWU5ZTc4YTE0YTlhYzY3ZTI3NjVhNDZlMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApibiXGLCs0Ai9u16Htd4HF5ozsau
d5vkUFfv6EkChVyejKaxhng05qZH15tlP019j9QZHfNhHuIj3cxev5UNqpOXHdQF
/Jiv5y5jagePJoaU8Dm6Q/YQCJCTje++pCz8ewWGayZ097HtTXLgUuZa1r9qynWr
eqKgYS0GsrVz/DinmoYnPMk/OvuG5wpzmFRg1qTWugmRnibhBDuGoeThx8QPg8kK
Em/B6ObfX4/jDlOB4aB3U2w/HvT2TZ86qxyvGgqMCiayczXWAnRG3TeOSbe8hNvY
ccWLzKvMvSc5w8AkKNfdRTHV974sbr9Mwgzq8gUbmE86Q7pAPBXMI8TVawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP8aH1I3oG7p54oUqaxn4nZaRuDiMB8GA1UdIwQY
MBaAFIM/DCUT1DU7QM74ORee6/hzgkXGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEt
ZWQwN2VjZjJkYzM2LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZjJmYzgtOGYyYy00N2UwLTk3ZGEtZWQwN2VjZjJkYzM2
LzEvZ3o4TUpSUFVOVHRBenZnNUY1N3ItSE9DUmNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKS8WqE7D
9vO5xt0yHoaFkg4VXINvWEPHXnYST+ccmCR4FWLpjoeK8QopdtVr/VVPmOwUWx7B
99Dn6ZmZUiURkUDxpGncT2k8Iz47ZOjqq1plIMC4jJoGTmEo2vt8EzQC6YJV3PAK
pA1hbFFk3171ZkASqngY6W26YyzzciAT9jxW96+rGOJSsqMWhgpIzNBP4zE20fuo
rokZsBKaW7xlFT5DDVI8RXj/Eb8TaAOvfAoj0cmEt4QQ4YOHYzCOpypOFAG5XxgU
p+5NfSKLpVCsje73qu2GV9ymEClcANr0Wu4mTB6aNDRB7VFVzscWfNf9CZHEOmQz
YK5JhBT//+Psfg==
-----END CERTIFICATE-----