Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          lq1ug6nr/vljw5w10dh8OIprxNyHOnHYP5cDpkK/3hQ=
Subject key identifier:   3B:B9:81:B6:C4:C6:C1:9B:5B:69:40:05:7D:8C:3F:3E:EC:CC:78:4D
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       019D98F420E898C02A010E9E88F294004DD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0EAC
Signing time:             Fri 17 Apr 2026 01:00:29 +0000
Manifest this update:     Fri 17 Apr 2026 01:00:29 +0000
Manifest next update:     Sat 18 Apr 2026 01:00:29 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: uSQLq2zby2tUt4NQ/ysJmMuuBFLqb7sDhIoMcPYGXHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 17 Apr 2026 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:98:f4:20:e8:98:c0:2a:01:0e:9e:88:f2:94:00:4d:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Apr 17 01:00:29 2026 GMT
            Not After : Apr 18 01:00:29 2026 GMT
        Subject: CN=3bb981b6c4c6c19b5b6940057d8c3f3eeccc784d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0c:fd:3b:58:ba:91:0b:f9:16:83:b3:6a:a6:
                    02:84:fb:30:8f:71:c3:b6:ec:9a:01:c1:c8:74:a4:
                    97:2b:ee:0b:c1:88:1e:f8:aa:9d:33:3f:d4:b7:64:
                    4a:90:84:c6:eb:8c:db:18:33:15:ea:4b:44:c3:da:
                    0a:1b:e8:75:7a:f4:19:b6:bf:1f:00:d5:22:17:a9:
                    f2:4e:83:6c:da:14:08:8e:cd:46:28:0c:af:03:2a:
                    c1:d3:5e:43:f9:82:59:a5:96:a3:50:a9:0e:be:60:
                    86:89:5e:2e:0c:19:36:c6:7a:56:05:d1:17:73:9c:
                    0e:93:86:c9:a4:de:2b:09:a8:1d:a6:95:ff:1a:27:
                    b6:c2:d2:99:b3:d6:a2:b3:ae:b5:6b:6e:6a:8b:7f:
                    83:58:32:92:32:2c:7b:ae:52:52:8b:da:a7:05:e8:
                    e8:87:39:8d:35:2e:d5:42:27:cf:28:c4:bc:c8:f7:
                    ee:54:01:dc:24:a0:eb:5c:d7:bf:78:6b:aa:e7:2d:
                    58:58:13:fd:1b:21:77:b8:95:1b:2e:63:bb:21:3f:
                    d8:13:fb:61:8e:44:66:93:05:62:b4:f7:68:45:f9:
                    da:2f:bd:10:87:75:55:d0:18:54:fd:b9:a7:a0:b2:
                    9d:22:30:a8:9b:b9:7d:bf:a9:1b:9c:02:82:71:c5:
                    17:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:B9:81:B6:C4:C6:C1:9B:5B:69:40:05:7D:8C:3F:3E:EC:CC:78:4D
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:fc:b5:ea:29:3d:ec:c0:12:b3:83:74:1a:8b:03:0f:0e:dd:
         f0:43:e1:83:09:33:d4:f5:b6:8c:ef:aa:70:99:d8:fd:d2:a9:
         bd:f1:c1:27:1c:02:16:5c:fb:14:f7:63:b6:54:68:d9:08:22:
         76:09:b7:c1:72:60:e9:b7:db:d9:18:2c:46:15:0f:54:26:29:
         de:70:88:00:b5:96:a5:8e:cc:d2:26:7d:d8:24:4d:5d:8b:19:
         04:20:0c:9b:a7:58:63:41:1a:55:cd:7b:c2:35:8e:51:4b:ef:
         d4:ec:e8:b9:da:64:cd:1f:99:78:86:60:65:d9:b0:d2:83:ca:
         84:6f:ce:9d:0b:da:f6:c7:b1:00:1d:14:30:69:b5:1b:be:ab:
         f6:bd:19:da:49:b1:39:85:81:6b:a6:08:2b:ad:af:b4:56:ee:
         b9:1a:2d:ed:41:80:56:64:91:31:19:f8:da:1c:1c:8c:ab:4c:
         d9:95:5b:26:15:c1:64:85:16:4a:74:72:ce:89:87:93:f6:d8:
         08:ce:c2:04:48:2c:97:aa:67:87:d7:3e:3b:c7:69:9e:cd:14:
         21:3a:9f:62:2e:d0:13:c0:9c:3f:4b:aa:3f:b6:00:6d:5e:76:
         d4:35:91:7b:b0:c6:96:fe:27:68:26:c5:9b:81:00:9d:a5:58:
         80:3c:7b:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Y9CDomMAqAQ6eiPKUAE3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjYwNDE3MDEwMDI5WhcNMjYwNDE4MDEwMDI5WjAzMTEwLwYDVQQD
EygzYmI5ODFiNmM0YzZjMTliNWI2OTQwMDU3ZDhjM2YzZWVjY2M3ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Qz9O1i6kQv5FoOzaqYChPswj3HD
tuyaAcHIdKSXK+4LwYge+KqdMz/Ut2RKkITG64zbGDMV6ktEw9oKG+h1evQZtr8f
ANUiF6nyToNs2hQIjs1GKAyvAyrB015D+YJZpZajUKkOvmCGiV4uDBk2xnpWBdEX
c5wOk4bJpN4rCagdppX/Gie2wtKZs9ais661a25qi3+DWDKSMix7rlJSi9qnBejo
hzmNNS7VQifPKMS8yPfuVAHcJKDrXNe/eGuq5y1YWBP9GyF3uJUbLmO7IT/YE/th
jkRmkwVitPdoRfnaL70Qh3VV0BhU/bmnoLKdIjCom7l9v6kbnAKCccUX2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDu5gbbExsGbW2lABX2MPz7szHhNMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfy16ik9
7MASs4N0GosDDw7d8EPhgwkz1PW2jO+qcJnY/dKpvfHBJxwCFlz7FPdjtlRo2Qgi
dgm3wXJg6bfb2RgsRhUPVCYp3nCIALWWpY7M0iZ92CRNXYsZBCAMm6dYY0EaVc17
wjWOUUvv1OzoudpkzR+ZeIZgZdmw0oPKhG/OnQva9sexAB0UMGm1G76r9r0Z2kmx
OYWBa6YIK62vtFbuuRot7UGAVmSRMRn42hwcjKtM2ZVbJhXBZIUWSnRyzomHk/bY
CM7CBEgsl6pnh9c+O8dpns0UITqfYi7QE8CcP0uqP7YAbV521DWRe7DGlv4naCbF
m4EAnaVYgDx7Rw==
-----END CERTIFICATE-----