Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          jZfawnVOuM1TzuwiiwQOwYs+M5Fv/6RXx0/YSs5MkYg=
Subject key identifier:   8D:E7:21:0D:76:BD:DF:4C:0A:C9:34:94:EE:04:5A:D7:35:87:EE:C7
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       019D98F46CE7928CD670357612CAE9F0ACB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          0645
Signing time:             Fri 17 Apr 2026 01:00:48 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:48 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:48 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: YUF6GwagQeORdHIKVC7ovOWfDO3uHkxcp5uxD7YpJP4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 01:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:6c:e7:92:8c:d6:70:35:76:12:ca:e9:f0:ac:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Apr 17 01:00:48 2026 GMT
            Not After : Apr 18 01:00:48 2026 GMT
        Subject: CN=8de7210d76bddf4c0ac93494ee045ad73587eec7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8d:48:ee:ab:9c:8e:fc:11:67:57:be:07:90:
                    f4:51:56:b4:c9:ce:e7:e1:ce:6f:58:9d:43:a2:3f:
                    ce:c3:84:c6:80:5f:a9:6f:76:c1:38:e5:87:2a:af:
                    3b:ef:03:6b:0e:9c:73:6f:d0:e7:22:74:eb:ea:37:
                    fe:3e:71:c1:bb:e9:aa:a9:3e:89:90:ef:02:64:ae:
                    06:eb:7a:31:92:3a:8d:ef:d5:74:f8:b6:3b:6c:7c:
                    9d:1b:5c:b0:62:cb:1f:de:7c:45:10:d8:15:b8:06:
                    52:ad:0e:cb:62:71:5b:e9:ed:73:3e:14:3e:6a:db:
                    d7:c7:b3:24:38:0e:0f:04:0e:7a:13:8b:d0:bc:cc:
                    01:dc:df:82:3d:1c:00:8c:fc:16:97:27:c9:08:69:
                    cc:f9:33:aa:91:b3:aa:b3:a2:2d:62:8e:94:c5:fa:
                    e4:04:5c:a9:20:46:c3:3a:0f:4e:b3:c5:80:75:ea:
                    4b:61:37:74:14:69:d2:24:8f:3f:d5:51:a1:9e:72:
                    bf:8c:b2:74:14:4d:31:ad:bf:f3:28:2e:d7:b4:ab:
                    e6:e7:aa:7c:d0:32:c2:55:69:b5:4c:77:a3:b2:88:
                    54:05:0f:f5:89:1a:39:fe:40:52:ac:9c:77:4b:e1:
                    85:5e:70:d6:47:36:56:b7:ba:9f:68:f8:4e:c1:98:
                    4f:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:E7:21:0D:76:BD:DF:4C:0A:C9:34:94:EE:04:5A:D7:35:87:EE:C7
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:02:b7:97:ca:d4:86:26:07:7f:d1:1c:61:67:f6:64:b6:5a:
         06:68:9a:df:d0:31:88:33:54:f2:b8:df:54:84:ed:d1:cd:58:
         a1:f7:e2:5a:57:e7:31:a5:27:ad:46:bc:b5:1c:e4:8a:64:5d:
         94:d4:9b:fd:08:0b:28:6b:c2:64:d2:3c:88:77:9b:c3:c5:69:
         2b:4b:cd:d0:10:aa:6c:97:c3:4c:e0:54:66:c5:90:b0:87:e4:
         a6:bd:f5:8f:e4:87:98:a6:28:d5:63:87:37:25:52:95:e5:0a:
         6d:58:25:8c:b9:8b:99:40:5a:ef:d5:5d:45:36:86:35:95:9d:
         a5:bc:6b:3c:5a:f5:fe:ab:b2:bb:44:e0:52:f0:25:07:e6:8a:
         34:dd:7d:53:74:5e:4e:25:c6:f5:d9:c9:15:ec:91:0b:35:f5:
         0d:9c:9e:95:00:0a:04:4e:2e:20:27:34:ad:a9:19:11:66:4d:
         de:ea:17:7b:48:99:e8:47:42:45:53:23:f3:4d:7f:de:30:25:
         76:c4:9b:16:20:03:59:96:25:6d:ce:7f:13:9e:7b:70:41:ae:
         38:63:31:cc:7c:48:5b:4d:1d:5a:e9:93:83:ef:50:43:41:98:
         39:15:7d:34:e4:a3:9e:f6:1d:db:4c:79:20:79:1a:62:f7:77:
         34:62:4d:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9GznkozWcDV2Esrp8Ky5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjYwNDE3MDEwMDQ4WhcNMjYwNDE4MDEwMDQ4WjAzMTEwLwYDVQQD
Eyg4ZGU3MjEwZDc2YmRkZjRjMGFjOTM0OTRlZTA0NWFkNzM1ODdlZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz41I7qucjvwRZ1e+B5D0UVa0yc7n
4c5vWJ1Doj/Ow4TGgF+pb3bBOOWHKq877wNrDpxzb9DnInTr6jf+PnHBu+mqqT6J
kO8CZK4G63oxkjqN79V0+LY7bHydG1ywYssf3nxFENgVuAZSrQ7LYnFb6e1zPhQ+
atvXx7MkOA4PBA56E4vQvMwB3N+CPRwAjPwWlyfJCGnM+TOqkbOqs6ItYo6Uxfrk
BFypIEbDOg9Os8WAdepLYTd0FGnSJI8/1VGhnnK/jLJ0FE0xrb/zKC7XtKvm56p8
0DLCVWm1THejsohUBQ/1iRo5/kBSrJx3S+GFXnDWRzZWt7qfaPhOwZhPlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3nIQ12vd9MCsk0lO4EWtc1h+7HMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAK3l8rU
hiYHf9EcYWf2ZLZaBmia39AxiDNU8rjfVITt0c1YoffiWlfnMaUnrUa8tRzkimRd
lNSb/QgLKGvCZNI8iHebw8VpK0vN0BCqbJfDTOBUZsWQsIfkpr31j+SHmKYo1WOH
NyVSleUKbVgljLmLmUBa79VdRTaGNZWdpbxrPFr1/quyu0TgUvAlB+aKNN19U3Re
TiXG9dnJFeyRCzX1DZyelQAKBE4uICc0rakZEWZN3uoXe0iZ6EdCRVMj801/3jAl
dsSbFiADWZYlbc5/E557cEGuOGMxzHxIW00dWumTg+9QQ0GYORV9NOSjnvYd20x5
IHkaYvd3NGJNfQ==
-----END CERTIFICATE-----