Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
File:                     a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft (raw, json)
Hash identifier:          kdUcdMoCLvBfdKT6bz5oCaWAq1cZK0kjxWFqbc2Pzko=
Subject key identifier:   CF:77:D5:6D:16:E7:1C:54:05:56:1B:47:43:0D:4A:49:C5:D6:3F:3C
Authority key identifier: 6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB
Certificate issuer:       /CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
Certificate serial:       019D3865CF1F90922888001734E82FFCFB03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
Manifest number:          0494
Signing time:             Sun 29 Mar 2026 07:01:29 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:29 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:29 +0000
Files and hashes:         1: a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl (hash: l83pE9fja2/jdvkw1fevtHKoeoa47oIaBp9pW67a9UE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:cf:1f:90:92:28:88:00:17:34:e8:2f:fc:fb:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b6a35cc30ec3116420c0ff04c59e4793e9193fb
        Validity
            Not Before: Mar 29 07:01:29 2026 GMT
            Not After : Mar 30 07:01:29 2026 GMT
        Subject: CN=cf77d56d16e71c5405561b47430d4a49c5d63f3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e7:43:07:52:8b:d5:21:b4:07:9f:32:9c:48:
                    52:bd:db:89:37:d7:60:4a:5e:e4:cf:b0:ce:30:50:
                    3b:a6:23:9b:cc:60:2d:0a:eb:6e:0b:60:95:93:89:
                    1b:36:67:44:1c:54:07:11:c2:35:99:c8:e9:0f:93:
                    ba:2a:2e:45:d6:e0:2c:96:80:60:56:57:00:24:9c:
                    b4:01:cc:c0:c1:83:a9:ca:e4:71:92:1f:23:cf:ea:
                    3b:e6:ff:25:f2:89:d0:be:cc:88:a5:8b:82:25:58:
                    9a:51:c5:64:04:12:ae:46:b4:53:57:15:9b:a6:e1:
                    87:10:d0:b4:90:0f:17:ed:fc:51:59:13:74:63:95:
                    8b:e1:2d:11:6d:a8:70:3b:a6:44:d3:b4:0c:70:c1:
                    6e:e9:49:f2:81:63:54:50:79:72:22:5f:b3:61:58:
                    84:17:05:59:4c:dc:9e:44:8c:7a:d0:87:a5:af:8b:
                    1b:f1:93:d0:13:27:38:88:3a:61:50:6c:6a:41:c3:
                    19:34:94:78:cb:25:bf:cc:67:ee:e9:11:88:6a:87:
                    ba:8b:d5:d7:94:4e:56:c4:56:8b:d8:a6:cb:91:4b:
                    14:e2:5c:50:ad:9a:ee:c4:30:c6:86:6f:db:57:75:
                    61:6f:25:ab:54:94:30:d7:7c:e9:7b:b8:e2:14:9f:
                    bd:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:77:D5:6D:16:E7:1C:54:05:56:1B:47:43:0D:4A:49:C5:D6:3F:3C
            X509v3 Authority Key Identifier:
                keyid:6B:6A:35:CC:30:EC:31:16:42:0C:0F:F0:4C:59:E4:79:3E:91:93:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/89226d-1fee-4571-8106-51fb82eff3d6/1/a2o1zDDsMRZCDA_wTFnkeT6Rk_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:cb:a6:2e:9c:8d:d3:5c:29:ba:27:fe:90:f8:6f:03:3e:78:
         9e:82:c4:dd:af:db:7c:b2:f4:0c:89:ec:45:98:dd:af:88:5e:
         78:6f:9c:33:cb:14:d6:27:e4:27:21:81:01:d9:43:15:ca:38:
         49:fa:3b:27:af:6f:d1:67:b4:93:92:e9:22:71:d6:2d:17:54:
         d8:96:7e:85:63:1d:9d:63:35:a4:59:fa:d9:f8:7c:d5:8f:07:
         59:7d:d9:f2:13:f1:2d:44:11:ef:1c:c5:f4:c5:6f:40:a1:bd:
         53:28:7e:70:22:bd:e8:bc:55:5b:d5:5b:07:be:ae:7c:91:71:
         09:c6:85:bc:e9:16:ef:19:56:d7:ac:ee:73:df:03:02:ba:3a:
         73:d9:53:7f:6c:18:e7:c5:33:4d:f0:bc:dc:d8:64:b7:73:4a:
         92:3d:81:f5:30:c7:f6:4c:e5:ec:e1:43:e4:f7:b4:b2:74:76:
         f7:e5:19:a4:0e:a2:82:ba:16:00:39:90:dc:a4:a3:82:88:f2:
         6b:10:78:51:1f:8a:9b:f4:04:34:ea:1d:03:52:73:09:95:1f:
         45:0c:5b:0a:6a:5e:e2:ab:35:b9:a0:41:5e:e1:df:3d:fc:0c:
         d8:fd:1e:bf:e1:74:37:0b:db:99:72:93:37:ee:a6:78:3c:c2:
         e7:85:e6:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zc8fkJIoiAAXNOgv/PsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNmEzNWNjMzBlYzMxMTY0MjBjMGZmMDRjNTllNDc5M2U5
MTkzZmIwHhcNMjYwMzI5MDcwMTI5WhcNMjYwMzMwMDcwMTI5WjAzMTEwLwYDVQQD
EyhjZjc3ZDU2ZDE2ZTcxYzU0MDU1NjFiNDc0MzBkNGE0OWM1ZDYzZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzedDB1KL1SG0B58ynEhSvduJN9dg
Sl7kz7DOMFA7piObzGAtCutuC2CVk4kbNmdEHFQHEcI1mcjpD5O6Ki5F1uAsloBg
VlcAJJy0AczAwYOpyuRxkh8jz+o75v8l8onQvsyIpYuCJViaUcVkBBKuRrRTVxWb
puGHENC0kA8X7fxRWRN0Y5WL4S0RbahwO6ZE07QMcMFu6UnygWNUUHlyIl+zYViE
FwVZTNyeRIx60Ielr4sb8ZPQEyc4iDphUGxqQcMZNJR4yyW/zGfu6RGIaoe6i9XX
lE5WxFaL2KbLkUsU4lxQrZruxDDGhm/bV3VhbyWrVJQw13zpe7jiFJ+91wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM931W0W5xxUBVYbR0MNSknF1j88MB8GA1UdIwQY
MBaAFGtqNcww7DEWQgwP8ExZ5Hk+kZP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYt
NTFmYjgyZWZmM2Q2LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84OTIyNmQtMWZlZS00NTcxLTgxMDYtNTFmYjgyZWZmM2Q2
LzEvYTJvMXpERHNNUlpDREFfd1RGbmtlVDZSa19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASMumLpyN
01wpuif+kPhvAz54noLE3a/bfLL0DInsRZjdr4heeG+cM8sU1ifkJyGBAdlDFco4
Sfo7J69v0We0k5LpInHWLRdU2JZ+hWMdnWM1pFn62fh81Y8HWX3Z8hPxLUQR7xzF
9MVvQKG9Uyh+cCK96LxVW9VbB76ufJFxCcaFvOkW7xlW16zuc98DAro6c9lTf2wY
58UzTfC83Nhkt3NKkj2B9TDH9kzl7OFD5Pe0snR29+UZpA6igroWADmQ3KSjgojy
axB4UR+Km/QENOodA1JzCZUfRQxbCmpe4qs1uaBBXuHfPfwM2P0ev+F0NwvbmXKT
N+6meDzC54XmKw==
-----END CERTIFICATE-----