Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
File:                     76psy3hXNGAC5rvEmPiLnobfGAY.mft (raw, json)
Hash identifier:          BGX88zTX6geCFhP0pmg1ELkTdBfZ6Vh5bz2QLd/4xnM=
Subject key identifier:   3D:67:73:32:98:88:F3:09:5D:C7:4B:F9:E5:10:45:68:34:CA:A8:F5
Authority key identifier: EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06
Certificate issuer:       /CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
Certificate serial:       019D973CA5A6ABF18355DC855D9DE16F457A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
Manifest number:          0682
Signing time:             Thu 16 Apr 2026 17:00:27 +0000
Manifest this update:     Thu 16 Apr 2026 17:00:27 +0000
Manifest next update:     Fri 17 Apr 2026 17:00:27 +0000
Files and hashes:         1: 76psy3hXNGAC5rvEmPiLnobfGAY.crl (hash: YzYJ/hFe2J6NpFM5ZC7hLH+2aoaeOpo1nBi3P56PUD4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 17:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:97:3c:a5:a6:ab:f1:83:55:dc:85:5d:9d:e1:6f:45:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=efaa6ccb7857346002e6bbc498f88b9e86df1806
        Validity
            Not Before: Apr 16 17:00:27 2026 GMT
            Not After : Apr 17 17:00:27 2026 GMT
        Subject: CN=3d6773329888f3095dc74bf9e510456834caa8f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:26:95:76:c0:5e:15:54:17:3a:35:3e:fa:fa:
                    c5:ab:46:52:00:a3:c7:a4:87:c8:6b:59:99:c7:3d:
                    55:20:bf:b1:63:10:cb:1e:61:5a:99:74:37:02:47:
                    5a:c6:13:58:68:14:a2:fd:8d:6f:22:a5:b2:e9:4a:
                    7d:76:4e:79:97:c8:93:29:c5:23:3d:67:8f:85:d1:
                    c1:83:7e:9c:b2:79:ab:7c:22:67:38:01:de:9e:cc:
                    d9:f5:7b:10:26:d1:e9:58:86:a4:61:46:a5:ec:bc:
                    11:69:a3:59:5b:e3:72:b3:f3:41:55:7c:9a:2e:8c:
                    ca:2c:9d:3f:64:dd:27:2e:ce:fb:3f:bd:9b:e3:4e:
                    2c:49:de:5d:8c:5c:8b:a8:34:b5:fb:f3:b8:49:84:
                    41:00:a8:8d:dd:b0:59:60:57:77:93:75:ef:4a:81:
                    7e:82:5f:21:9b:e1:fe:66:b1:6c:25:fa:59:7a:00:
                    f2:a0:39:13:21:02:77:33:c5:5b:29:82:09:72:f5:
                    8b:ce:71:2c:f4:e2:84:16:70:79:b7:c5:df:68:c7:
                    2a:b6:18:97:49:6a:82:8d:ed:23:a1:0b:a8:a6:5a:
                    97:6c:64:5c:4d:d7:d2:22:5f:dc:1c:76:93:5b:e2:
                    95:8f:3f:20:d8:7e:18:14:07:43:67:ff:13:ed:f2:
                    c5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:67:73:32:98:88:F3:09:5D:C7:4B:F9:E5:10:45:68:34:CA:A8:F5
            X509v3 Authority Key Identifier:
                keyid:EF:AA:6C:CB:78:57:34:60:02:E6:BB:C4:98:F8:8B:9E:86:DF:18:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76psy3hXNGAC5rvEmPiLnobfGAY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa9614-f6d7-4c33-b94b-d820f65ced81/1/76psy3hXNGAC5rvEmPiLnobfGAY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:87:df:ef:8e:35:33:20:dd:62:f1:8d:9e:38:95:68:59:5f:
         f1:f9:05:cc:1f:47:2e:d6:31:0f:9a:1a:e7:6c:b4:c4:2a:6b:
         ca:93:3d:98:db:cd:d1:84:da:11:16:99:b0:e9:ad:dd:76:dc:
         39:c3:65:e4:9d:5b:bb:68:7c:58:22:f3:46:a7:84:14:84:3b:
         3c:6c:34:65:8b:7d:af:f3:98:39:41:fa:76:1c:88:a2:a8:38:
         b3:0d:5f:9f:c0:83:9e:6a:f7:fa:e5:7d:3d:54:08:27:de:2b:
         6f:5f:53:d8:2c:a4:ce:b1:01:59:d7:c1:31:59:3c:de:a7:bb:
         d2:08:53:72:ad:6a:bd:3b:55:a3:8a:81:10:51:3c:45:89:9a:
         bd:9a:dd:60:69:67:d7:76:d9:a0:27:dd:92:e8:e2:a2:e1:a1:
         37:24:97:c4:bc:31:20:ed:f4:5b:ac:34:17:5c:b2:af:0c:1d:
         7b:cc:7f:93:20:89:49:ef:a3:b4:55:12:27:14:25:2d:d1:fb:
         24:92:d0:f8:42:33:49:31:0f:22:82:bd:e5:69:09:3b:bf:f8:
         53:79:19:ee:89:87:83:6e:7d:a1:37:80:bb:41:38:92:38:27:
         37:cb:bf:10:03:ac:14:35:b6:ce:47:bc:5e:3c:f8:d1:c5:8b:
         c8:ba:ac:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2XPKWmq/GDVdyFXZ3hb0V6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWE2Y2NiNzg1NzM0NjAwMmU2YmJjNDk4Zjg4YjllODZk
ZjE4MDYwHhcNMjYwNDE2MTcwMDI3WhcNMjYwNDE3MTcwMDI3WjAzMTEwLwYDVQQD
EygzZDY3NzMzMjk4ODhmMzA5NWRjNzRiZjllNTEwNDU2ODM0Y2FhOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yaVdsBeFVQXOjU++vrFq0ZSAKPH
pIfIa1mZxz1VIL+xYxDLHmFamXQ3AkdaxhNYaBSi/Y1vIqWy6Up9dk55l8iTKcUj
PWePhdHBg36csnmrfCJnOAHenszZ9XsQJtHpWIakYUal7LwRaaNZW+Nys/NBVXya
LozKLJ0/ZN0nLs77P72b404sSd5djFyLqDS1+/O4SYRBAKiN3bBZYFd3k3XvSoF+
gl8hm+H+ZrFsJfpZegDyoDkTIQJ3M8VbKYIJcvWLznEs9OKEFnB5t8XfaMcqthiX
SWqCje0joQuoplqXbGRcTdfSIl/cHHaTW+KVjz8g2H4YFAdDZ/8T7fLF6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1nczKYiPMJXcdL+eUQRWg0yqj1MB8GA1UdIwQY
MBaAFO+qbMt4VzRgAua7xJj4i56G3xgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGIt
ZDgyMGY2NWNlZDgxLzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hYTk2MTQtZjZkNy00YzMzLWI5NGItZDgyMGY2NWNlZDgx
LzEvNzZwc3kzaFhOR0FDNXJ2RW1QaUxub2JmR0FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkIff7441
MyDdYvGNnjiVaFlf8fkFzB9HLtYxD5oa52y0xCprypM9mNvN0YTaERaZsOmt3Xbc
OcNl5J1bu2h8WCLzRqeEFIQ7PGw0ZYt9r/OYOUH6dhyIoqg4sw1fn8CDnmr3+uV9
PVQIJ94rb19T2CykzrEBWdfBMVk83qe70ghTcq1qvTtVo4qBEFE8RYmavZrdYGln
13bZoCfdkujiouGhNySXxLwxIO30W6w0F1yyrwwde8x/kyCJSe+jtFUSJxQlLdH7
JJLQ+EIzSTEPIoK95WkJO7/4U3kZ7omHg259oTeAu0E4kjgnN8u/EAOsFDW2zke8
Xjz40cWLyLqswA==
-----END CERTIFICATE-----