Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft
File:                     SRodzN7JXOWDRq33ARJj1k6TtNE.mft (raw, json)
Hash identifier:          dWDG9w7f6Q2bhcXzOzYa18sNvNkSDFfd6OgQGRPRyW8=
Subject key identifier:   97:2B:0C:FB:62:4B:44:1A:E7:3A:BC:8C:2D:5F:E0:08:14:62:F6:58
Authority key identifier: 49:1A:1D:CC:DE:C9:5C:E5:83:46:AD:F7:01:12:63:D6:4E:93:B4:D1
Certificate issuer:       /CN=491a1dccdec95ce58346adf7011263d64e93b4d1
Certificate serial:       019D37F74F34255660C8DCF4BAB5A92C372D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SRodzN7JXOWDRq33ARJj1k6TtNE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft
Manifest number:          0202
Signing time:             Sun 29 Mar 2026 05:00:47 +0000
Manifest this update:     Sun 29 Mar 2026 05:00:47 +0000
Manifest next update:     Mon 30 Mar 2026 05:00:47 +0000
Files and hashes:         1: SRodzN7JXOWDRq33ARJj1k6TtNE.crl (hash: 8i1mKJHqRlsT2A3O0LQqnsD2iFS6ATevY5p2uth5xAo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SRodzN7JXOWDRq33ARJj1k6TtNE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 05:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:f7:4f:34:25:56:60:c8:dc:f4:ba:b5:a9:2c:37:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=491a1dccdec95ce58346adf7011263d64e93b4d1
        Validity
            Not Before: Mar 29 05:00:47 2026 GMT
            Not After : Mar 30 05:00:47 2026 GMT
        Subject: CN=972b0cfb624b441ae73abc8c2d5fe0081462f658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:0b:22:15:b0:29:3e:93:29:73:5d:c5:8b:45:
                    8b:9b:66:73:d2:3c:e0:8c:ae:2d:7e:2d:cc:fe:39:
                    a7:3a:5d:aa:16:87:45:72:62:77:5f:9e:7b:c9:d5:
                    8a:98:26:09:dc:34:aa:15:11:0a:f7:88:99:94:ff:
                    d7:2f:ef:10:e9:4a:2b:f6:24:c9:56:1a:f3:1b:03:
                    28:90:dc:4e:61:e5:79:58:0b:63:68:4b:d0:9a:4d:
                    f4:be:96:ec:b6:fd:bd:fb:36:34:b1:57:ff:ba:41:
                    7e:40:bb:23:bd:6d:11:6b:ae:09:04:2a:60:ae:35:
                    2a:70:2e:db:20:23:d3:17:05:0d:3c:ac:af:74:ce:
                    c2:72:d2:b6:8c:55:70:cf:ed:4e:fa:c2:99:3e:98:
                    98:ba:a4:ab:4a:85:84:06:77:9c:97:7f:5a:db:d9:
                    06:b0:0b:5e:ea:4f:f0:26:02:6c:ed:c2:74:9b:73:
                    f0:87:10:6d:87:2f:81:f3:2d:a0:24:65:06:84:df:
                    3c:86:df:1d:ac:16:c2:9f:41:21:ae:2d:3b:a7:6b:
                    db:c3:78:62:b9:e5:bd:17:8c:37:e4:48:ca:4b:09:
                    e3:1c:db:45:b5:fb:8f:42:52:93:f1:cf:9e:01:8f:
                    6b:e0:0d:22:5e:5a:da:09:8d:78:8e:5b:68:07:0d:
                    58:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:2B:0C:FB:62:4B:44:1A:E7:3A:BC:8C:2D:5F:E0:08:14:62:F6:58
            X509v3 Authority Key Identifier:
                keyid:49:1A:1D:CC:DE:C9:5C:E5:83:46:AD:F7:01:12:63:D6:4E:93:B4:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SRodzN7JXOWDRq33ARJj1k6TtNE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/20b2c7-9009-45a0-899d-9c40ef69155b/1/SRodzN7JXOWDRq33ARJj1k6TtNE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:94:c9:16:8a:ab:30:79:fd:c2:c2:b3:22:08:93:03:af:06:
         19:31:40:c3:91:0b:dd:03:99:4b:47:d1:a3:ad:ef:fd:3c:a2:
         80:fd:de:5c:be:a4:bc:da:fd:68:66:d6:e9:46:da:8a:cc:98:
         fe:05:73:ff:07:61:03:55:fe:c1:4b:a2:2e:3d:46:d0:20:e5:
         08:f3:db:76:fd:8e:b3:55:62:7b:ef:17:00:09:61:d8:45:1e:
         ef:94:06:f8:2b:38:0d:ab:e2:ca:72:d3:d3:a5:d3:5c:ff:6c:
         c4:55:b7:e5:7e:2f:96:26:70:10:43:d9:5e:45:47:3b:a9:03:
         f2:3d:80:cb:ec:68:d9:d0:91:f0:98:93:b2:6b:b0:3c:73:35:
         45:a0:f1:1f:e6:b3:70:a1:61:4a:53:be:08:ea:e5:e8:10:c9:
         b7:66:ea:39:e9:ea:f9:5c:84:f7:34:14:19:2c:88:0c:8b:d1:
         50:6a:fc:5e:25:d8:ee:50:4e:fa:2e:d6:f2:d9:d0:cd:80:83:
         bf:17:aa:3f:59:2a:ce:aa:9e:37:c7:fe:3b:b2:24:c4:b1:94:
         3e:94:a4:2b:cf:0f:c7:3d:41:bc:51:38:92:c3:4e:1a:e4:ba:
         54:56:d0:9b:8b:02:f0:64:ac:87:32:4e:29:af:71:45:8a:a1:
         74:8f:3e:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039080JVZgyNz0urWpLDctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MWExZGNjZGVjOTVjZTU4MzQ2YWRmNzAxMTI2M2Q2NGU5
M2I0ZDEwHhcNMjYwMzI5MDUwMDQ3WhcNMjYwMzMwMDUwMDQ3WjAzMTEwLwYDVQQD
Eyg5NzJiMGNmYjYyNGI0NDFhZTczYWJjOGMyZDVmZTAwODE0NjJmNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowsiFbApPpMpc13Fi0WLm2Zz0jzg
jK4tfi3M/jmnOl2qFodFcmJ3X557ydWKmCYJ3DSqFREK94iZlP/XL+8Q6Uor9iTJ
VhrzGwMokNxOYeV5WAtjaEvQmk30vpbstv29+zY0sVf/ukF+QLsjvW0Ra64JBCpg
rjUqcC7bICPTFwUNPKyvdM7CctK2jFVwz+1O+sKZPpiYuqSrSoWEBnecl39a29kG
sAte6k/wJgJs7cJ0m3PwhxBthy+B8y2gJGUGhN88ht8drBbCn0Ehri07p2vbw3hi
ueW9F4w35EjKSwnjHNtFtfuPQlKT8c+eAY9r4A0iXlraCY14jltoBw1YrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcrDPtiS0Qa5zq8jC1f4AgUYvZYMB8GA1UdIwQY
MBaAFEkaHczeyVzlg0at9wESY9ZOk7TRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1JvZHpON0pYT1dEUnEzM0FSSmoxazZUdE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8yMGIyYzctOTAwOS00NWEwLTg5OWQt
OWM0MGVmNjkxNTViLzEvU1JvZHpON0pYT1dEUnEzM0FSSmoxazZUdE5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8yMGIyYzctOTAwOS00NWEwLTg5OWQtOWM0MGVmNjkxNTVi
LzEvU1JvZHpON0pYT1dEUnEzM0FSSmoxazZUdE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALpTJFoqr
MHn9wsKzIgiTA68GGTFAw5EL3QOZS0fRo63v/TyigP3eXL6kvNr9aGbW6UbaisyY
/gVz/wdhA1X+wUuiLj1G0CDlCPPbdv2Os1Vie+8XAAlh2EUe75QG+Cs4DaviynLT
06XTXP9sxFW35X4vliZwEEPZXkVHO6kD8j2Ay+xo2dCR8JiTsmuwPHM1RaDxH+az
cKFhSlO+COrl6BDJt2bqOenq+VyE9zQUGSyIDIvRUGr8XiXY7lBO+i7W8tnQzYCD
vxeqP1kqzqqeN8f+O7IkxLGUPpSkK88Pxz1BvFE4ksNOGuS6VFbQm4sC8GSshzJO
Ka9xRYqhdI8+RA==
-----END CERTIFICATE-----