Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
File:                     tj8U3_NUhamVlBKGMDe4XfqfE9g.mft (raw, json)
Hash identifier:          cfz6ZaDDXjCluTlv/PCLPC+4zZgZZDUFrqXzsniMTl0=
Subject key identifier:   FE:2B:07:8F:00:E8:F5:51:D0:3F:C5:93:E8:54:D8:43:2D:1F:3A:B8
Authority key identifier: B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8
Certificate issuer:       /CN=b63f14dff35485a9959412863037b85dfa9f13d8
Certificate serial:       019D9A3E67967944A09B05F31077192867CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
Manifest number:          07F7
Signing time:             Fri 17 Apr 2026 07:01:14 +0000
Manifest this update:     Fri 17 Apr 2026 07:01:14 +0000
Manifest next update:     Sat 18 Apr 2026 07:01:14 +0000
Files and hashes:         1: tj8U3_NUhamVlBKGMDe4XfqfE9g.crl (hash: ff05ezVZFg+ynantG3gqIfGlPI9P/IK3+C8YgsIZBW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 07:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:9a:3e:67:96:79:44:a0:9b:05:f3:10:77:19:28:67:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b63f14dff35485a9959412863037b85dfa9f13d8
        Validity
            Not Before: Apr 17 07:01:14 2026 GMT
            Not After : Apr 18 07:01:14 2026 GMT
        Subject: CN=fe2b078f00e8f551d03fc593e854d8432d1f3ab8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:62:55:22:b9:ab:d9:f1:03:33:27:5a:5e:8c:
                    a5:a9:64:b8:84:1d:98:c6:f4:3a:a4:6c:ce:d9:ef:
                    ae:e6:ca:ce:c0:69:8a:0c:46:9a:e8:db:99:3b:ef:
                    87:13:c2:ed:ee:b1:dd:f3:53:b2:0a:6c:8b:ed:68:
                    fc:ad:f1:27:65:17:32:98:c6:9c:45:25:ce:84:21:
                    87:7a:f4:da:75:4a:58:43:31:b3:97:08:ba:55:b7:
                    67:c2:c6:87:08:f1:a1:86:d7:8a:65:3a:c5:10:fe:
                    f7:db:26:b7:66:35:9a:b1:0a:c9:a3:ea:5e:63:ce:
                    63:f5:42:71:77:a1:c6:05:32:52:ef:1e:a0:5c:4b:
                    fa:1d:9b:02:d9:de:59:77:91:aa:fa:cc:34:ae:c5:
                    48:87:9b:8d:8b:26:bb:f5:93:05:bd:50:21:4e:ef:
                    8e:e6:68:2b:d1:70:be:9b:32:09:b0:f0:c4:70:8b:
                    99:9d:88:bc:b1:cc:9b:2f:37:c8:3e:5f:d9:96:6a:
                    6c:af:e4:29:f7:51:e9:c7:d0:fa:51:87:f7:47:80:
                    58:4b:6b:72:95:ca:57:03:0f:7c:b4:9c:79:db:86:
                    9f:1f:83:c1:1c:58:1b:35:a1:82:51:6d:b8:9c:da:
                    0f:0e:34:59:5b:ae:b0:70:5e:66:fd:70:a6:44:65:
                    51:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:2B:07:8F:00:E8:F5:51:D0:3F:C5:93:E8:54:D8:43:2D:1F:3A:B8
            X509v3 Authority Key Identifier:
                keyid:B6:3F:14:DF:F3:54:85:A9:95:94:12:86:30:37:B8:5D:FA:9F:13:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tj8U3_NUhamVlBKGMDe4XfqfE9g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3bc865-386b-4bea-aba0-66c98c01dfd7/1/tj8U3_NUhamVlBKGMDe4XfqfE9g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:ac:cd:bb:d6:39:d6:f4:62:1b:1f:36:a7:27:c6:d9:e0:ca:
         5f:11:69:fa:7c:05:18:bf:3a:12:8a:2c:81:bc:bb:0e:8e:a7:
         83:d4:6a:8a:85:2c:67:8c:98:e5:e4:db:0d:34:c1:d3:b7:7d:
         dd:06:65:17:57:54:84:5e:42:d2:8c:27:bc:20:f4:57:97:c8:
         79:83:fe:ed:e7:6b:4e:46:f9:ac:7c:8e:a3:48:9a:d1:d0:63:
         09:0b:3a:b2:a9:01:47:72:5f:03:27:56:bb:6e:ef:33:72:91:
         93:11:6d:4c:de:9d:95:0d:b8:99:2b:b2:5f:6f:04:12:c2:23:
         ec:cc:85:fc:48:81:a8:cc:91:4c:03:5e:fa:83:f1:2a:98:5c:
         b1:00:06:f3:36:92:5b:25:82:aa:4a:a7:f1:bd:f3:27:47:e7:
         08:5d:9e:f5:92:40:6c:cc:18:77:e4:76:df:67:aa:62:c8:7e:
         eb:10:a4:14:e3:ff:3c:06:a8:bf:47:d0:24:f5:2c:70:1f:03:
         3b:cb:4d:a1:2b:5c:6a:74:e7:f6:ac:7a:78:53:33:ae:13:e8:
         a9:99:21:f6:a0:0c:c7:a7:1f:28:25:c0:64:ec:6c:d6:3c:48:
         cd:d7:ab:ac:19:9c:e9:7a:6f:67:29:08:76:88:33:5a:de:00:
         c5:52:3d:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPmeWeUSgmwXzEHcZKGfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2M2YxNGRmZjM1NDg1YTk5NTk0MTI4NjMwMzdiODVkZmE5
ZjEzZDgwHhcNMjYwNDE3MDcwMTE0WhcNMjYwNDE4MDcwMTE0WjAzMTEwLwYDVQQD
EyhmZTJiMDc4ZjAwZThmNTUxZDAzZmM1OTNlODU0ZDg0MzJkMWYzYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGJVIrmr2fEDMydaXoylqWS4hB2Y
xvQ6pGzO2e+u5srOwGmKDEaa6NuZO++HE8Lt7rHd81OyCmyL7Wj8rfEnZRcymMac
RSXOhCGHevTadUpYQzGzlwi6VbdnwsaHCPGhhteKZTrFEP732ya3ZjWasQrJo+pe
Y85j9UJxd6HGBTJS7x6gXEv6HZsC2d5Zd5Gq+sw0rsVIh5uNiya79ZMFvVAhTu+O
5mgr0XC+mzIJsPDEcIuZnYi8scybLzfIPl/Zlmpsr+Qp91Hpx9D6UYf3R4BYS2ty
lcpXAw98tJx524afH4PBHFgbNaGCUW24nNoPDjRZW66wcF5m/XCmRGVRVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4rB48A6PVR0D/Fk+hU2EMtHzq4MB8GA1UdIwQY
MBaAFLY/FN/zVIWplZQShjA3uF36nxPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAt
NjZjOThjMDFkZmQ3LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYmM4NjUtMzg2Yi00YmVhLWFiYTAtNjZjOThjMDFkZmQ3
LzEvdGo4VTNfTlVoYW1WbEJLR01EZTRYZnFmRTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg6zNu9Y5
1vRiGx82pyfG2eDKXxFp+nwFGL86Eoosgby7Do6ng9RqioUsZ4yY5eTbDTTB07d9
3QZlF1dUhF5C0ownvCD0V5fIeYP+7edrTkb5rHyOo0ia0dBjCQs6sqkBR3JfAydW
u27vM3KRkxFtTN6dlQ24mSuyX28EEsIj7MyF/EiBqMyRTANe+oPxKphcsQAG8zaS
WyWCqkqn8b3zJ0fnCF2e9ZJAbMwYd+R232eqYsh+6xCkFOP/PAaov0fQJPUscB8D
O8tNoStcanTn9qx6eFMzrhPoqZkh9qAMx6cfKCXAZOxs1jxIzderrBmc6XpvZykI
dogzWt4AxVI9YQ==
-----END CERTIFICATE-----