Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
File:                     T03F1MB2_YQmOrcubxe1_0rLhEg.mft (raw, json)
Hash identifier:          OkaoG1rxMWP2ahQSkwkQnSjmDfEF+t13AIiy5BHH5gM=
Subject key identifier:   40:72:69:1C:2E:11:58:F4:F2:52:0A:E8:5A:98:02:3A:83:8F:CE:C4
Authority key identifier: 4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48
Certificate issuer:       /CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
Certificate serial:       019D98BD27A8AB9AA81E3CDC8E1379ED98FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
Manifest number:          0BDE
Signing time:             Fri 17 Apr 2026 00:00:26 +0000
Manifest this update:     Fri 17 Apr 2026 00:00:26 +0000
Manifest next update:     Sat 18 Apr 2026 00:00:26 +0000
Files and hashes:         1: T03F1MB2_YQmOrcubxe1_0rLhEg.crl (hash: hMdpXiUjDk57JsA1OA+IWQ3rKRrpMDD0yG7xTCtd5uw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:bd:27:a8:ab:9a:a8:1e:3c:dc:8e:13:79:ed:98:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448
        Validity
            Not Before: Apr 17 00:00:26 2026 GMT
            Not After : Apr 18 00:00:26 2026 GMT
        Subject: CN=4072691c2e1158f4f2520ae85a98023a838fcec4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f2:a5:df:c3:c1:4c:6e:bf:36:a1:bb:9d:35:
                    9f:e5:7e:e4:e4:eb:6d:40:8a:3f:1e:fe:ff:61:6c:
                    c2:87:f4:ec:f0:d6:c9:8b:36:fd:c0:4b:c3:66:a5:
                    82:68:33:7d:88:c6:fc:61:b8:a0:ea:3d:6a:96:e7:
                    25:69:7d:8e:ec:92:9f:7c:64:09:36:91:34:69:53:
                    bd:09:d7:aa:cd:5d:88:1f:35:91:21:0d:fd:a1:24:
                    54:3a:1c:aa:e5:c9:a7:47:d3:43:16:d7:b2:d2:0d:
                    71:1e:e0:91:a3:61:96:57:7e:4b:7c:75:b6:a8:5c:
                    df:d8:97:28:49:3a:70:c1:7c:de:e7:f1:65:33:9e:
                    d1:a7:bf:09:8d:38:85:af:6a:0c:fa:0d:54:8c:f1:
                    4b:77:ac:b0:27:aa:38:82:35:c2:4b:45:6d:3b:7b:
                    d5:a8:5d:7c:99:d9:c3:91:8d:c4:9e:06:f3:ba:58:
                    6f:ce:30:ad:e6:ec:60:ca:10:00:67:37:18:49:a6:
                    36:a8:90:0e:cd:9f:21:b0:37:87:6b:dc:98:8a:25:
                    03:d7:37:ac:2e:ca:f8:db:28:3a:a0:31:b7:18:d6:
                    f7:54:9e:93:a4:91:55:e1:e0:51:2e:85:3e:8a:e4:
                    58:ca:a4:8d:12:ca:8d:a6:5c:d2:7c:68:57:1d:9e:
                    02:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:72:69:1C:2E:11:58:F4:F2:52:0A:E8:5A:98:02:3A:83:8F:CE:C4
            X509v3 Authority Key Identifier:
                keyid:4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:da:33:8c:65:b6:3b:b4:a9:67:e7:45:22:f5:d2:6a:e7:5e:
         bd:69:d5:7d:27:a1:0a:e7:75:6d:7e:e2:d0:3f:fc:d1:17:92:
         ac:88:40:ee:e5:5e:95:c8:f9:48:f2:d4:41:33:bc:02:4d:11:
         bb:f7:ad:49:ef:b3:54:8a:ea:da:c5:92:de:39:bf:2c:b8:bd:
         1e:3b:f6:b8:85:a0:1d:82:fc:e7:22:5a:7e:e1:a4:7b:ac:b8:
         06:80:67:43:01:5f:d6:29:d8:d5:30:81:9b:3a:32:05:5c:b5:
         e8:6c:18:d0:98:bc:4e:63:16:8c:c9:fa:b6:d3:cf:34:8a:bc:
         79:ca:76:f3:d6:37:af:7a:0a:a8:9f:aa:89:db:09:86:06:ae:
         c3:32:85:ed:91:81:81:9f:5b:2d:f8:fc:f4:aa:4f:58:1a:50:
         8b:e8:ce:bb:4d:33:2c:bb:05:b5:32:40:3d:73:18:8f:a6:bd:
         ae:95:5c:ab:28:a9:9d:72:be:7d:b1:31:57:b9:32:fa:0f:16:
         28:a0:58:2c:0a:fc:77:58:78:09:83:9e:65:33:ff:a3:02:08:
         10:a8:cd:20:bf:30:15:e7:cc:19:bd:e0:18:4f:61:5e:33:04:
         3b:bc:3f:38:20:df:66:a3:c5:9b:e7:19:76:48:49:0f:85:65:
         0b:0f:50:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2YvSeoq5qoHjzcjhN57Zj9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNGRjNWQ0YzA3NmZkODQyNjNhYjcyZTZmMTdiNWZmNGFj
Yjg0NDgwHhcNMjYwNDE3MDAwMDI2WhcNMjYwNDE4MDAwMDI2WjAzMTEwLwYDVQQD
Eyg0MDcyNjkxYzJlMTE1OGY0ZjI1MjBhZTg1YTk4MDIzYTgzOGZjZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvKl38PBTG6/NqG7nTWf5X7k5Ott
QIo/Hv7/YWzCh/Ts8NbJizb9wEvDZqWCaDN9iMb8Ybig6j1qluclaX2O7JKffGQJ
NpE0aVO9CdeqzV2IHzWRIQ39oSRUOhyq5cmnR9NDFtey0g1xHuCRo2GWV35LfHW2
qFzf2JcoSTpwwXze5/FlM57Rp78JjTiFr2oM+g1UjPFLd6ywJ6o4gjXCS0VtO3vV
qF18mdnDkY3EngbzulhvzjCt5uxgyhAAZzcYSaY2qJAOzZ8hsDeHa9yYiiUD1zes
Lsr42yg6oDG3GNb3VJ6TpJFV4eBRLoU+iuRYyqSNEsqNplzSfGhXHZ4CuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEByaRwuEVj08lIK6FqYAjqDj87EMB8GA1UdIwQY
MBaAFE9NxdTAdv2EJjq3Lm8Xtf9Ky4RIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUt
ZmE5NmJkZDJmZmEzLzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUtZmE5NmJkZDJmZmEz
LzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdozjGW2
O7SpZ+dFIvXSaudevWnVfSehCud1bX7i0D/80ReSrIhA7uVelcj5SPLUQTO8Ak0R
u/etSe+zVIrq2sWS3jm/LLi9Hjv2uIWgHYL85yJafuGke6y4BoBnQwFf1inY1TCB
mzoyBVy16GwY0Ji8TmMWjMn6ttPPNIq8ecp289Y3r3oKqJ+qidsJhgauwzKF7ZGB
gZ9bLfj89KpPWBpQi+jOu00zLLsFtTJAPXMYj6a9rpVcqyipnXK+fbExV7ky+g8W
KKBYLAr8d1h4CYOeZTP/owIIEKjNIL8wFefMGb3gGE9hXjMEO7w/OCDfZqPFm+cZ
dkhJD4VlCw9QLw==
-----END CERTIFICATE-----