Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          owLG/VMAsoGpM7yn4xrljlmBOoVbhpk67g0/KKUI994=
Subject key identifier:   B2:61:63:2E:F7:4D:55:51:98:8F:75:CD:64:F3:21:24:63:C2:6F:4C
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       019D9961E4153A5F24FCDB34D3970E024AAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          0D9B
Signing time:             Fri 17 Apr 2026 03:00:22 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:22 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:22 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: xPqp0kLoJ8emK7BZ3HWPlqQHq6qputCDD0Gc8D8/5oA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:61:e4:15:3a:5f:24:fc:db:34:d3:97:0e:02:4a:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Apr 17 03:00:22 2026 GMT
            Not After : Apr 18 03:00:22 2026 GMT
        Subject: CN=b261632ef74d5551988f75cd64f3212463c26f4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c5:d9:ba:e3:e6:0b:f2:57:e5:5d:8e:c1:42:
                    c0:5d:1e:63:11:aa:3f:db:58:f2:e9:cc:b0:6e:3c:
                    b7:ea:35:fd:6c:37:ad:d1:6d:5d:a1:19:6e:2f:d9:
                    a4:c9:40:17:a5:24:4d:07:82:76:e6:dd:6f:15:70:
                    6b:24:08:d3:78:a9:d5:3f:ed:e9:4c:99:55:d3:be:
                    56:8f:88:30:2d:c2:0a:ec:fb:46:3c:95:45:1c:9d:
                    ef:38:bb:ef:a0:5b:b6:4b:7b:49:5d:d5:62:36:d6:
                    c8:92:2c:19:07:4c:c3:66:96:ad:6b:23:6f:f5:4b:
                    95:16:18:5d:10:7f:a6:47:51:ca:26:db:2e:ac:19:
                    e8:af:8c:98:ac:25:38:4d:86:23:4a:5f:dd:14:5a:
                    16:d7:1e:70:1f:59:12:5a:74:55:f0:6c:f7:3a:5c:
                    a2:58:8c:3d:da:32:61:8f:4e:b4:5d:77:cb:a2:5a:
                    b0:c7:6b:4a:c6:7f:62:23:a5:c0:09:8d:46:51:91:
                    3f:c5:6a:cc:f2:aa:18:94:74:75:7c:8d:d7:ef:2c:
                    83:9a:c0:77:fb:da:51:bd:67:03:ce:36:c4:4c:bf:
                    b5:82:cc:51:6e:10:ba:85:f6:a5:c5:34:e8:fa:57:
                    c0:cb:c5:28:b4:c7:69:fe:e7:7a:08:6b:19:27:ab:
                    5c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:61:63:2E:F7:4D:55:51:98:8F:75:CD:64:F3:21:24:63:C2:6F:4C
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:04:e0:e1:f0:a6:d5:47:da:7e:53:70:8a:40:29:76:88:b3:
         95:de:12:55:6b:be:cf:00:16:52:7a:6a:27:b0:fa:e0:cd:23:
         1f:7d:c9:63:9b:cc:50:02:82:37:42:e2:4e:a1:e9:3f:4a:83:
         a3:a5:41:a9:4b:7c:fc:86:d5:4c:31:b5:7c:d9:d9:c4:02:6c:
         68:a2:6a:e1:e3:22:5c:b6:f6:2b:44:f0:c0:00:6b:ff:7f:f8:
         bf:fa:8c:94:92:ba:dc:60:0f:97:05:42:cd:09:02:a3:ec:47:
         90:26:f1:76:e5:45:d7:38:d6:b0:cd:a3:f8:c9:72:88:5c:c2:
         d1:93:81:ed:74:5a:51:35:1b:3c:a3:13:08:2a:25:56:eb:2d:
         c2:ca:ce:cf:e4:d0:27:81:31:5b:5f:9a:52:9f:a6:30:d6:05:
         b7:f4:1f:20:f0:ad:95:e4:dd:55:43:e7:b2:94:3e:54:72:e4:
         7e:ba:5e:8b:7f:9b:72:93:14:94:58:82:f4:72:66:14:3c:05:
         bd:a7:69:e5:e8:cd:8f:52:b0:60:17:4d:69:80:b4:a9:98:02:
         d9:60:1c:d6:8f:52:44:bd:b0:6d:e1:b9:3f:8e:df:8d:9e:21:
         81:63:68:98:48:20:1e:2e:1e:f0:bf:77:9a:08:70:e5:2f:88:
         bb:6a:fa:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYeQVOl8k/Ns005cOAkqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjYwNDE3MDMwMDIyWhcNMjYwNDE4MDMwMDIyWjAzMTEwLwYDVQQD
EyhiMjYxNjMyZWY3NGQ1NTUxOTg4Zjc1Y2Q2NGYzMjEyNDYzYzI2ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosXZuuPmC/JX5V2OwULAXR5jEao/
21jy6cywbjy36jX9bDet0W1doRluL9mkyUAXpSRNB4J25t1vFXBrJAjTeKnVP+3p
TJlV075Wj4gwLcIK7PtGPJVFHJ3vOLvvoFu2S3tJXdViNtbIkiwZB0zDZpatayNv
9UuVFhhdEH+mR1HKJtsurBnor4yYrCU4TYYjSl/dFFoW1x5wH1kSWnRV8Gz3Olyi
WIw92jJhj060XXfLolqwx2tKxn9iI6XACY1GUZE/xWrM8qoYlHR1fI3X7yyDmsB3
+9pRvWcDzjbETL+1gsxRbhC6hfalxTTo+lfAy8UotMdp/ud6CGsZJ6tc/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJhYy73TVVRmI91zWTzISRjwm9MMB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQTg4fCm
1UfaflNwikApdoizld4SVWu+zwAWUnpqJ7D64M0jH33JY5vMUAKCN0LiTqHpP0qD
o6VBqUt8/IbVTDG1fNnZxAJsaKJq4eMiXLb2K0TwwABr/3/4v/qMlJK63GAPlwVC
zQkCo+xHkCbxduVF1zjWsM2j+MlyiFzC0ZOB7XRaUTUbPKMTCColVustwsrOz+TQ
J4ExW1+aUp+mMNYFt/QfIPCtleTdVUPnspQ+VHLkfrpei3+bcpMUlFiC9HJmFDwF
vadp5ejNj1KwYBdNaYC0qZgC2WAc1o9SRL2wbeG5P47fjZ4hgWNomEggHi4e8L93
mghw5S+Iu2r6GQ==
-----END CERTIFICATE-----