Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
File:                     RDNmA3i76zplxtyp7Qp3b70gRhA.mft (raw, json)
Hash identifier:          lh4g8mfaFc1FUM2N+4ixEKmHRUpOLkcjtlpUrHrJyP8=
Subject key identifier:   64:E6:8E:7F:B8:1C:99:3B:A5:41:C6:76:E3:32:9D:B0:D3:BE:DB:1F
Authority key identifier: 44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10
Certificate issuer:       /CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
Certificate serial:       019DA378540267F712E9B19C61E5A7DBE1D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
Manifest number:          0603
Signing time:             Sun 19 Apr 2026 02:01:05 +0000
Manifest this update:     Sun 19 Apr 2026 02:01:05 +0000
Manifest next update:     Mon 20 Apr 2026 02:01:05 +0000
Files and hashes:         1: RDNmA3i76zplxtyp7Qp3b70gRhA.crl (hash: 94DOZa5YGxoZA13bOvJkcKpScuVqe+JI9qOv12VO9EU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 02:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a3:78:54:02:67:f7:12:e9:b1:9c:61:e5:a7:db:e1:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4433660378bbeb3a65c6dca9ed0a776fbd204610
        Validity
            Not Before: Apr 19 02:01:05 2026 GMT
            Not After : Apr 20 02:01:05 2026 GMT
        Subject: CN=64e68e7fb81c993ba541c676e3329db0d3bedb1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:7e:aa:40:7d:5b:d1:a1:66:a9:e6:a4:79:df:
                    2a:bb:49:4b:3b:b9:1c:07:fd:16:21:77:6e:72:38:
                    4a:8b:6c:2f:ce:49:bc:7b:d3:f1:a3:ac:72:49:cb:
                    8b:c8:de:97:6e:a9:f6:dc:33:0f:fb:d0:ac:23:35:
                    7a:38:93:61:f5:01:58:b6:8f:af:6a:f2:ec:25:df:
                    c0:af:d1:37:72:31:82:f3:6c:f7:71:b4:1e:12:f6:
                    57:6c:2d:01:2c:a6:88:a6:ac:ea:ac:db:55:cf:b7:
                    29:4e:26:4e:b3:5e:de:b7:d2:78:ca:6d:03:61:16:
                    d2:d7:db:e6:37:4b:20:7b:ca:22:22:bf:a6:43:fd:
                    1f:e5:cc:72:bc:07:34:8f:05:2a:85:21:8a:08:9e:
                    1c:bd:5c:1b:ab:40:4a:d2:53:16:21:30:b6:21:af:
                    00:ec:d9:21:ce:91:a9:5d:34:2e:5f:19:5f:8c:a8:
                    22:29:be:f7:2a:37:03:55:0c:86:18:46:c5:f9:e0:
                    8c:1f:be:5b:47:0f:31:53:3c:d7:e6:67:de:eb:1c:
                    02:23:17:50:d2:db:fe:8e:ea:b5:b9:38:1f:81:3b:
                    3b:e4:01:17:0a:0b:9f:ff:ba:ed:45:bd:d9:de:81:
                    3f:12:9a:f6:3a:f2:cb:47:dc:41:a0:47:1b:30:ff:
                    d0:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E6:8E:7F:B8:1C:99:3B:A5:41:C6:76:E3:32:9D:B0:D3:BE:DB:1F
            X509v3 Authority Key Identifier:
                keyid:44:33:66:03:78:BB:EB:3A:65:C6:DC:A9:ED:0A:77:6F:BD:20:46:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDNmA3i76zplxtyp7Qp3b70gRhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/029fc6-77d3-44d1-b8c8-e07f0ac78530/1/RDNmA3i76zplxtyp7Qp3b70gRhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:92:a3:09:71:de:de:71:30:ed:d7:2b:9c:bc:b9:80:28:89:
         69:96:c0:09:33:09:e6:fa:6e:39:04:dc:2b:65:08:27:0b:79:
         70:ff:d2:9d:15:4a:21:5f:cd:ea:90:8c:f9:b8:4a:60:e3:1b:
         ec:0a:53:bd:e0:49:7d:ed:c3:75:7d:50:c6:c1:9d:6c:c1:f0:
         80:6e:dd:c5:23:5b:ed:17:93:74:1f:5b:f0:16:61:b7:46:98:
         23:ba:d3:8a:44:75:94:2e:d2:36:6e:77:9f:71:54:3e:fc:37:
         fe:b5:40:34:07:6f:3c:ec:18:a0:c3:14:d6:d2:d7:4c:8d:13:
         ea:4e:61:3b:37:8e:bb:f2:02:d0:de:c0:ea:3b:c9:be:dc:a6:
         3d:77:76:ab:f4:31:3f:b7:3a:44:ea:92:3b:e2:c1:b4:73:e9:
         14:5d:e1:d2:1b:cc:18:bb:c9:c5:40:7a:84:31:d4:20:07:a8:
         a3:b7:94:7f:c1:0c:ed:63:f8:0f:f6:1f:32:10:a9:ae:dc:7e:
         ac:54:91:88:ca:98:a6:fa:3a:66:f1:71:83:7e:3c:af:db:1e:
         d3:c6:e6:ae:88:db:8e:b6:e2:9f:54:fa:10:a3:7d:23:ba:d1:
         4a:16:3e:b2:5a:6b:5f:bf:0d:a7:4a:ca:90:ae:88:50:ce:d5:
         8d:a0:a2:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jeFQCZ/cS6bGcYeWn2+HRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzM2NjAzNzhiYmViM2E2NWM2ZGNhOWVkMGE3NzZmYmQy
MDQ2MTAwHhcNMjYwNDE5MDIwMTA1WhcNMjYwNDIwMDIwMTA1WjAzMTEwLwYDVQQD
Eyg2NGU2OGU3ZmI4MWM5OTNiYTU0MWM2NzZlMzMyOWRiMGQzYmVkYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn6qQH1b0aFmqeaked8qu0lLO7kc
B/0WIXducjhKi2wvzkm8e9Pxo6xyScuLyN6Xbqn23DMP+9CsIzV6OJNh9QFYto+v
avLsJd/Ar9E3cjGC82z3cbQeEvZXbC0BLKaIpqzqrNtVz7cpTiZOs17et9J4ym0D
YRbS19vmN0sge8oiIr+mQ/0f5cxyvAc0jwUqhSGKCJ4cvVwbq0BK0lMWITC2Ia8A
7NkhzpGpXTQuXxlfjKgiKb73KjcDVQyGGEbF+eCMH75bRw8xUzzX5mfe6xwCIxdQ
0tv+juq1uTgfgTs75AEXCguf/7rtRb3Z3oE/Epr2OvLLR9xBoEcbMP/Q1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTmjn+4HJk7pUHGduMynbDTvtsfMB8GA1UdIwQY
MBaAFEQzZgN4u+s6Zcbcqe0Kd2+9IEYQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4Yzgt
ZTA3ZjBhYzc4NTMwLzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wMjlmYzYtNzdkMy00NGQxLWI4YzgtZTA3ZjBhYzc4NTMw
LzEvUkRObUEzaTc2enBseHR5cDdRcDNiNzBnUmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQpKjCXHe
3nEw7dcrnLy5gCiJaZbACTMJ5vpuOQTcK2UIJwt5cP/SnRVKIV/N6pCM+bhKYOMb
7ApTveBJfe3DdX1QxsGdbMHwgG7dxSNb7ReTdB9b8BZht0aYI7rTikR1lC7SNm53
n3FUPvw3/rVANAdvPOwYoMMU1tLXTI0T6k5hOzeOu/IC0N7A6jvJvtymPXd2q/Qx
P7c6ROqSO+LBtHPpFF3h0hvMGLvJxUB6hDHUIAeoo7eUf8EM7WP4D/YfMhCprtx+
rFSRiMqYpvo6ZvFxg348r9se08bmrojbjrbin1T6EKN9I7rRShY+slprX78Np0rK
kK6IUM7VjaCi6Q==
-----END CERTIFICATE-----