Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft
File:                     iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft (raw, json)
Hash identifier:          oWZN9LhtwT1eARWtq3A8Bzn5QNi0/83zBrP6fYsksLQ=
Subject key identifier:   4D:82:61:CD:C1:4C:C0:48:64:D3:19:5D:B7:BA:97:46:DF:D6:09:2B
Authority key identifier: 89:8E:C1:02:37:91:F6:D4:3F:97:97:E0:52:D1:35:4B:EB:FF:C7:32
Certificate issuer:       /CN=898ec1023791f6d43f9797e052d1354bebffc732
Certificate serial:       019D37C1233EFBC03CB0681501694AC821D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft
Manifest number:          01DE
Signing time:             Sun 29 Mar 2026 04:01:37 +0000
Manifest this update:     Sun 29 Mar 2026 04:01:37 +0000
Manifest next update:     Mon 30 Mar 2026 04:01:37 +0000
Files and hashes:         1: iY7BAjeR9tQ_l5fgUtE1S-v_xzI.crl (hash: 8NWBMIsCDRdnQVtyWR8S96Ys9iz1Tlo2l6CWqGRTZRI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 04:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:c1:23:3e:fb:c0:3c:b0:68:15:01:69:4a:c8:21:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=898ec1023791f6d43f9797e052d1354bebffc732
        Validity
            Not Before: Mar 29 04:01:37 2026 GMT
            Not After : Mar 30 04:01:37 2026 GMT
        Subject: CN=4d8261cdc14cc04864d3195db7ba9746dfd6092b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:5c:c6:ed:87:e9:13:82:a4:c0:94:3a:ee:28:
                    ee:03:86:17:5a:f5:1c:0f:a8:88:f8:9a:84:a2:dc:
                    0a:b9:b1:09:88:ad:de:22:f2:f4:e5:4f:23:9f:35:
                    b2:d1:16:d1:88:f8:53:07:ae:81:a8:9a:f8:94:84:
                    cc:cb:3e:a2:74:3f:59:23:35:37:c2:94:5c:07:89:
                    60:af:b7:0f:cb:af:ad:16:ad:49:e6:fc:ec:41:08:
                    97:ee:89:60:5e:79:22:b6:ac:95:17:33:6b:6d:b9:
                    79:9e:3e:7b:66:bf:5c:62:b9:ff:a6:ce:c5:33:f5:
                    96:1a:72:48:3e:be:8f:53:cc:15:55:f2:48:49:10:
                    a8:87:80:56:68:20:47:55:77:d9:2f:f1:ea:aa:7e:
                    07:2d:94:f7:8a:7a:bb:07:59:cf:12:fc:8c:3e:56:
                    ea:5f:4a:8d:73:65:e7:13:47:1f:b2:13:ee:53:f2:
                    07:4f:eb:39:c7:b7:86:a3:86:8a:13:5e:5c:9c:bd:
                    b1:ab:1a:46:f5:29:16:99:6e:f8:f9:ab:a7:00:24:
                    70:07:9b:8b:71:be:4f:fd:b9:73:4d:5f:04:7d:23:
                    b0:aa:c6:f3:04:34:bd:d8:93:4a:cf:04:94:9a:64:
                    a7:3b:f0:e2:86:8d:87:25:66:57:17:a3:08:a0:a2:
                    c6:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:82:61:CD:C1:4C:C0:48:64:D3:19:5D:B7:BA:97:46:DF:D6:09:2B
            X509v3 Authority Key Identifier:
                keyid:89:8E:C1:02:37:91:F6:D4:3F:97:97:E0:52:D1:35:4B:EB:FF:C7:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/ab6a7b-65ab-4977-9937-ea9b6bb2e39c/1/iY7BAjeR9tQ_l5fgUtE1S-v_xzI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3f:12:38:42:af:40:9a:6f:3a:84:fd:70:5b:77:a8:ef:8b:85:
         32:a7:62:da:2e:3d:a1:5d:91:ef:0a:6d:d5:ef:30:43:83:2a:
         59:20:79:3f:95:93:59:fc:bc:8d:48:bd:e5:b7:38:69:f0:25:
         07:8a:e7:a7:af:cc:d0:4e:b4:38:80:76:72:d7:b7:94:d0:b0:
         8a:3c:bd:4c:65:d5:e2:62:86:0f:5d:22:4d:d9:56:c2:b4:85:
         4c:a7:cb:6f:d5:82:e7:bc:0a:48:aa:a6:18:f6:6f:bd:de:ea:
         d7:5a:dd:fe:54:b7:85:55:1a:b9:80:32:fa:f5:a1:09:29:f1:
         ee:66:7f:16:49:32:b3:b3:ab:f1:e4:78:25:f0:9c:e1:fd:c0:
         f2:d3:e4:fc:1c:8c:f5:33:76:69:ff:89:7c:11:55:64:06:b8:
         0a:14:5c:b6:f2:1b:2c:bc:10:6f:8f:dc:f7:c1:3f:fd:34:0a:
         cd:ec:5e:d8:ad:ab:c7:f3:ed:de:4f:e5:74:0e:10:6c:4b:f4:
         75:8f:12:c7:5a:03:b5:72:13:ed:c8:79:ca:f2:1e:26:d0:63:
         4c:ab:84:2b:98:c4:80:a0:3d:0e:40:e7:5c:ca:bc:d4:fc:a7:
         e2:52:29:77:2f:02:ab:16:a0:b7:ad:4d:b0:0b:d9:12:18:25:
         1f:b9:37:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wSM++8A8sGgVAWlKyCHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OGVjMTAyMzc5MWY2ZDQzZjk3OTdlMDUyZDEzNTRiZWJm
ZmM3MzIwHhcNMjYwMzI5MDQwMTM3WhcNMjYwMzMwMDQwMTM3WjAzMTEwLwYDVQQD
Eyg0ZDgyNjFjZGMxNGNjMDQ4NjRkMzE5NWRiN2JhOTc0NmRmZDYwOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFzG7YfpE4KkwJQ67ijuA4YXWvUc
D6iI+JqEotwKubEJiK3eIvL05U8jnzWy0RbRiPhTB66BqJr4lITMyz6idD9ZIzU3
wpRcB4lgr7cPy6+tFq1J5vzsQQiX7olgXnkitqyVFzNrbbl5nj57Zr9cYrn/ps7F
M/WWGnJIPr6PU8wVVfJISRCoh4BWaCBHVXfZL/Hqqn4HLZT3inq7B1nPEvyMPlbq
X0qNc2XnE0cfshPuU/IHT+s5x7eGo4aKE15cnL2xqxpG9SkWmW74+aunACRwB5uL
cb5P/blzTV8EfSOwqsbzBDS92JNKzwSUmmSnO/Diho2HJWZXF6MIoKLGXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE2CYc3BTMBIZNMZXbe6l0bf1gkrMB8GA1UdIwQY
MBaAFImOwQI3kfbUP5eX4FLRNUvr/8cyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVk3QkFqZVI5dFFfbDVmZ1V0RTFTLXZfeHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hYjZhN2ItNjVhYi00OTc3LTk5Mzct
ZWE5YjZiYjJlMzljLzEvaVk3QkFqZVI5dFFfbDVmZ1V0RTFTLXZfeHpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hYjZhN2ItNjVhYi00OTc3LTk5MzctZWE5YjZiYjJlMzlj
LzEvaVk3QkFqZVI5dFFfbDVmZ1V0RTFTLXZfeHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPxI4Qq9A
mm86hP1wW3eo74uFMqdi2i49oV2R7wpt1e8wQ4MqWSB5P5WTWfy8jUi95bc4afAl
B4rnp6/M0E60OIB2cte3lNCwijy9TGXV4mKGD10iTdlWwrSFTKfLb9WC57wKSKqm
GPZvvd7q11rd/lS3hVUauYAy+vWhCSnx7mZ/Fkkys7Or8eR4JfCc4f3A8tPk/ByM
9TN2af+JfBFVZAa4ChRctvIbLLwQb4/c98E//TQKzexe2K2rx/Pt3k/ldA4QbEv0
dY8Sx1oDtXIT7ch5yvIeJtBjTKuEK5jEgKA9DkDnXMq81Pyn4lIpdy8Cqxagt61N
sAvZEhglH7k3qQ==
-----END CERTIFICATE-----