Manifest

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft
File:                     0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft (raw, json)
Hash identifier:          JRjbRNAxaLmMA4jdBc6XXuXHDs8kzLymTSQnhK68a7c=
Subject key identifier:   9B:95:90:3A:74:74:D7:73:AC:8E:5B:2A:12:62:3E:4B:84:CA:69:2C
Authority key identifier: 08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
Certificate issuer:       /CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Certificate serial:       43D88DC8270EE8214FCED2183BD9E4527ED7109E
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft
Manifest number:          0172
Signing time:             Sun 12 Apr 2026 16:00:40 +0000
Manifest this update:     Sun 12 Apr 2026 15:55:40 +0000
Manifest next update:     Mon 13 Apr 2026 18:51:40 +0000
Files and hashes:         1: 326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa (hash: Em5jZEM0Z1oJ1UofjCQGnCq9Pql9aI7sK4Y5UkTysUg=)
                          2: 0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl (hash: hc2bQdad/nK7N74iXcvzQRlWfgFX3mqtKD7ugphGRyo=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:d8:8d:c8:27:0e:e8:21:4f:ce:d2:18:3b:d9:e4:52:7e:d7:10:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
        Validity
            Not Before: Apr 12 15:55:40 2026 GMT
            Not After : Apr 13 18:51:40 2026 GMT
        Subject: CN=9B95903A7474D773AC8E5B2A12623E4B84CA692C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:c2:b1:dc:5a:c1:78:d5:6f:5a:cc:58:43:d9:
                    d2:c0:60:d1:23:0a:bd:06:e7:9a:90:b5:b8:87:3e:
                    7c:7e:c6:44:57:8b:5a:8f:b3:5a:5c:76:ea:78:89:
                    5e:2b:97:31:91:3d:4a:3b:65:b4:88:64:52:ad:4e:
                    5e:60:26:2e:e3:d2:3f:14:a8:1e:dc:6d:4c:e9:83:
                    3f:df:0a:be:b5:fe:91:8e:47:a5:60:97:40:88:16:
                    61:c9:cf:7e:bc:91:ad:13:f5:69:bd:f8:80:d6:5b:
                    a7:bb:21:6c:7e:57:ae:d1:14:16:b9:90:47:22:b8:
                    80:06:7b:70:3c:d8:42:dc:1d:8e:4f:24:4d:b6:e4:
                    52:f0:9a:61:cb:7a:af:7c:9c:0a:df:41:d1:b2:fa:
                    a4:11:2a:4b:ce:ad:e7:f9:12:c4:60:ff:8b:7f:b8:
                    0f:a1:c4:75:a9:ec:7d:e4:a7:c6:16:97:b6:59:29:
                    ba:07:3c:9a:ba:d3:89:50:c2:09:c6:e1:95:56:f0:
                    cc:dd:a3:12:65:9b:e2:80:42:99:5f:fd:bf:b1:65:
                    db:a8:fc:53:af:f7:f4:d5:fa:d3:f5:68:6d:81:4e:
                    13:60:01:00:13:1b:a2:e6:57:36:76:d7:85:91:10:
                    92:27:18:45:3f:fe:c4:90:71:49:90:3d:4f:05:fd:
                    02:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:95:90:3A:74:74:D7:73:AC:8E:5B:2A:12:62:3E:4B:84:CA:69:2C
            X509v3 Authority Key Identifier:
                keyid:08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:37:2c:97:d0:8c:30:95:7d:44:e2:0f:fe:15:0f:c7:68:cc:
         f5:76:76:ce:27:0b:2e:a1:ee:64:4a:48:b6:d1:27:30:a4:ea:
         87:78:89:9f:f3:d2:eb:1e:61:10:a9:d4:07:a4:48:51:22:92:
         bd:9b:73:39:1b:fa:d0:ec:e9:c0:64:eb:01:a9:50:95:0f:e3:
         74:6a:1c:d2:29:33:11:c9:83:af:0f:a6:5c:45:49:6e:80:1f:
         42:ff:f3:1a:34:9f:08:a2:da:e1:9d:0b:66:8f:6a:e9:d3:7e:
         61:a5:df:22:df:55:93:87:b1:eb:ef:d3:0b:c2:50:31:53:f9:
         eb:41:c1:f3:60:71:fd:2a:64:ff:91:9e:13:1d:98:dc:e8:cf:
         45:fe:66:d7:ee:64:cd:60:dc:35:e6:0b:75:79:2e:ba:17:9c:
         d8:88:4b:4d:1e:37:cb:70:3f:45:84:5b:39:8e:a9:9f:c7:2f:
         bd:ce:83:73:38:b1:fa:2a:f7:af:1f:f6:6d:d6:6f:9d:64:60:
         d9:20:c4:df:34:57:6d:bb:df:b7:61:4e:94:10:03:56:8f:70:
         89:22:f9:1e:fb:d3:d3:38:ac:a0:d1:a6:03:e2:39:54:19:cf:
         86:c1:30:ae:d5:12:e3:d0:71:e2:19:f7:ee:c1:9e:83:dd:da:
         b4:37:db:2c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUQ9iNyCcO6CFPztIYO9nkUn7XEJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3
OEU5RjM5QjAeFw0yNjA0MTIxNTU1NDBaFw0yNjA0MTMxODUxNDBaMDMxMTAvBgNV
BAMTKDlCOTU5MDNBNzQ3NEQ3NzNBQzhFNUIyQTEyNjIzRTRCODRDQTY5MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKwrHcWsF41W9azFhD2dLAYNEj
Cr0G55qQtbiHPnx+xkRXi1qPs1pcdup4iV4rlzGRPUo7ZbSIZFKtTl5gJi7j0j8U
qB7cbUzpgz/fCr61/pGOR6Vgl0CIFmHJz368ka0T9Wm9+IDWW6e7IWx+V67RFBa5
kEciuIAGe3A82ELcHY5PJE225FLwmmHLeq98nArfQdGy+qQRKkvOref5EsRg/4t/
uA+hxHWp7H3kp8YWl7ZZKboHPJq604lQwgnG4ZVW8MzdoxJlm+KAQplf/b+xZduo
/FOv9/TV+tP1aG2BThNgAQATG6LmVzZ214WREJInGEU//sSQcUmQPU8F/QJnAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUm5WQOnR013OsjlsqEmI+S4TKaSwwHwYDVR0j
BBgwFoAUCHSAEWTclfCrnM1L0wSj73jp85swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzEvMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3OEU5RjM5Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJE
MzA0QTNFRjc4RTlGMzlCLmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUF
BzALhn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzNjOGU0ZTExLTNhY2EtNDMwNS1hY2Q0LWYwNWU2YzkwOTExNS8xLzA4NzQ4MDEx
NjREQzk1RjBBQjlDQ0Q0QkQzMDRBM0VGNzhFOUYzOUIubWZ0MBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIF
ADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAyNyyX
0IwwlX1E4g/+FQ/HaMz1dnbOJwsuoe5kSki20ScwpOqHeImf89LrHmEQqdQHpEhR
IpK9m3M5G/rQ7OnAZOsBqVCVD+N0ahzSKTMRyYOvD6ZcRUlugB9C//MaNJ8Iotrh
nQtmj2rp035hpd8i31WTh7Hr79MLwlAxU/nrQcHzYHH9KmT/kZ4THZjc6M9F/mbX
7mTNYNw15gt1eS66F5zYiEtNHjfLcD9FhFs5jqmfxy+9zoNzOLH6KvevH/Zt1m+d
ZGDZIMTfNFdtu9+3YU6UEANWj3CJIvke+9PTOKyg0aYD4jlUGc+GwTCu1RLj0HHi
GffuwZ6D3dq0N9ss
-----END CERTIFICATE-----