Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          z3bzflmR1GrRoDoKtTNCqQZL+oPKTI92laA6Hg868M8=
Subject key identifier:   BC:C0:1B:F6:05:10:FB:A0:AC:82:43:18:22:37:80:4A:EB:31:7E:1F
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       019D3909849CF9BAFAFB73EE972CBF8D5090
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0FC7
Signing time:             Sun 29 Mar 2026 10:00:18 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:18 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:18 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: 1yn009k0yzfv1gxgqNMyDWoLETAoo/UB8rgyggBc4Co=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:84:9c:f9:ba:fa:fb:73:ee:97:2c:bf:8d:50:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Mar 29 10:00:18 2026 GMT
            Not After : Mar 30 10:00:18 2026 GMT
        Subject: CN=bcc01bf60510fba0ac8243182237804aeb317e1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9d:00:e6:ae:ef:ac:09:d8:d6:f6:bd:de:9c:
                    fd:eb:62:35:76:b1:f2:22:cb:55:3a:17:76:71:fc:
                    ed:5e:d6:86:e4:2c:53:ce:41:9a:1c:04:df:4f:ea:
                    84:76:2c:6d:45:28:97:f5:73:c9:c9:67:84:1a:32:
                    21:f7:84:2f:ad:0e:b7:95:89:31:37:a5:83:71:08:
                    e2:2f:ab:ee:ab:40:c2:ce:f8:91:72:f0:bf:d3:6b:
                    af:22:cd:eb:62:f3:45:66:56:d9:4e:15:ac:ae:84:
                    e8:16:1f:3b:ee:f0:e4:69:73:92:f8:de:12:eb:db:
                    cc:d5:d9:06:57:4f:f2:38:31:2c:65:19:6d:57:0b:
                    18:9c:37:c4:6c:42:c7:4e:13:22:c1:50:d3:c8:49:
                    00:a3:9f:37:c3:a5:d8:e9:e6:15:b3:32:18:5a:08:
                    40:9d:3a:60:89:80:07:b6:be:d3:0f:3a:63:64:96:
                    1b:e0:25:9d:8a:55:2f:0d:f7:9b:c9:40:2b:bd:cc:
                    f5:31:65:90:b4:48:2b:99:bd:98:79:df:d1:e8:58:
                    62:b6:02:92:06:41:c3:79:2a:3f:68:55:1f:2b:25:
                    56:c7:41:c2:8d:49:1e:2e:14:23:7a:67:19:84:0e:
                    17:2e:f0:f8:e8:3c:72:f7:34:76:f9:b7:c7:ae:8f:
                    dd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:C0:1B:F6:05:10:FB:A0:AC:82:43:18:22:37:80:4A:EB:31:7E:1F
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:27:f0:48:ce:36:fa:c2:ab:76:9e:b1:37:77:44:52:7a:0c:
         a6:98:91:49:22:b0:50:ef:0f:26:77:eb:bd:04:8d:a4:52:48:
         b0:6d:c2:53:f4:a5:8d:46:3a:6d:36:40:2f:5a:2b:c7:13:1e:
         e7:f3:31:07:99:7f:c7:b9:1c:96:36:a7:c3:b9:1d:fc:9c:2e:
         8a:3a:39:22:17:8f:01:dd:f0:1d:11:1c:3d:98:e7:18:67:e9:
         7b:ca:cb:fc:48:16:a5:22:c2:1c:af:cc:c4:c2:40:6f:68:3e:
         c9:d6:3f:ca:0c:20:d7:7d:d4:4b:b1:20:34:5f:67:98:ae:18:
         37:25:03:95:a9:39:df:f6:6c:d1:64:34:6f:c5:a7:1d:a3:aa:
         23:7d:66:45:fc:8e:24:75:a3:c0:e3:cf:10:b6:b9:6b:79:29:
         d3:57:8a:d4:69:70:04:17:2b:92:00:64:cf:d8:70:88:24:8c:
         34:2d:a6:22:f8:5b:33:dc:f1:f8:a1:2c:32:aa:6a:da:1f:ed:
         cb:7f:75:cd:51:a7:96:83:14:8c:33:15:66:6a:f5:eb:50:6f:
         81:9d:5e:19:c6:72:79:82:01:dc:6b:3e:1a:75:8e:f4:43:17:
         a2:99:80:13:4c:1f:38:49:d9:4d:9c:0b:f4:ad:c3:b1:b8:cf:
         99:97:41:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CYSc+br6+3Pulyy/jVCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjYwMzI5MTAwMDE4WhcNMjYwMzMwMTAwMDE4WjAzMTEwLwYDVQQD
EyhiY2MwMWJmNjA1MTBmYmEwYWM4MjQzMTgyMjM3ODA0YWViMzE3ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp0A5q7vrAnY1va93pz962I1drHy
IstVOhd2cfztXtaG5CxTzkGaHATfT+qEdixtRSiX9XPJyWeEGjIh94QvrQ63lYkx
N6WDcQjiL6vuq0DCzviRcvC/02uvIs3rYvNFZlbZThWsroToFh877vDkaXOS+N4S
69vM1dkGV0/yODEsZRltVwsYnDfEbELHThMiwVDTyEkAo583w6XY6eYVszIYWghA
nTpgiYAHtr7TDzpjZJYb4CWdilUvDfebyUArvcz1MWWQtEgrmb2Yed/R6FhitgKS
BkHDeSo/aFUfKyVWx0HCjUkeLhQjemcZhA4XLvD46Dxy9zR2+bfHro/dMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLzAG/YFEPugrIJDGCI3gErrMX4fMB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbCfwSM42
+sKrdp6xN3dEUnoMppiRSSKwUO8PJnfrvQSNpFJIsG3CU/SljUY6bTZAL1orxxMe
5/MxB5l/x7kcljanw7kd/Jwuijo5IhePAd3wHREcPZjnGGfpe8rL/EgWpSLCHK/M
xMJAb2g+ydY/ygwg133US7EgNF9nmK4YNyUDlak53/Zs0WQ0b8WnHaOqI31mRfyO
JHWjwOPPELa5a3kp01eK1GlwBBcrkgBkz9hwiCSMNC2mIvhbM9zx+KEsMqpq2h/t
y391zVGnloMUjDMVZmr161BvgZ1eGcZyeYIB3Gs+GnWO9EMXopmAE0wfOEnZTZwL
9K3DsbjPmZdBxA==
-----END CERTIFICATE-----