Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
File:                     Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft (raw, json)
Hash identifier:          7JeAnIyf2O9wVRLGcVSUYiItExvX0ijQQucwQdyjkgI=
Subject key identifier:   08:49:0B:C4:CF:F8:C6:7C:33:EA:47:E7:EB:56:11:43:18:85:11:69
Authority key identifier: 16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56
Certificate issuer:       /CN=1686f7be9ba171c32746ab4ed20be882bd304356
Certificate serial:       019D378989B5D324BC0C963B72160797A130
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
Manifest number:          061E
Signing time:             Sun 29 Mar 2026 03:00:53 +0000
Manifest this update:     Sun 29 Mar 2026 03:00:53 +0000
Manifest next update:     Mon 30 Mar 2026 03:00:53 +0000
Files and hashes:         1: Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl (hash: MBxUjDXCO9pX5F/ANajA4ERN4adzk5gA3zkmwGDklow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:89:89:b5:d3:24:bc:0c:96:3b:72:16:07:97:a1:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1686f7be9ba171c32746ab4ed20be882bd304356
        Validity
            Not Before: Mar 29 03:00:53 2026 GMT
            Not After : Mar 30 03:00:53 2026 GMT
        Subject: CN=08490bc4cff8c67c33ea47e7eb56114318851169
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:61:13:63:93:47:e7:d5:2d:e7:cb:d5:df:6d:
                    b6:f6:cf:bc:06:ea:58:66:44:24:90:f1:44:1a:53:
                    8d:32:fe:e0:7a:4c:95:a7:83:8e:d2:c0:4b:e1:76:
                    ed:71:50:bb:dd:4d:f0:7c:55:cf:95:e4:ef:d4:18:
                    35:b5:02:f8:35:16:00:08:79:01:ca:57:b8:d5:10:
                    67:b4:4c:26:e4:0c:2d:9c:93:13:c5:ab:0a:63:1b:
                    05:6f:46:0a:03:fa:01:7f:af:ae:bf:b0:c2:5d:4f:
                    08:25:d0:7e:15:ea:ca:4a:40:b6:38:95:aa:42:93:
                    d4:8d:59:71:9c:1b:05:13:56:19:8c:b3:da:d4:94:
                    d1:3e:26:ce:f4:07:1c:a5:a0:8e:24:72:7d:64:44:
                    24:13:4e:15:78:d7:cc:4d:ee:b2:36:1b:ee:9c:a8:
                    0c:70:ed:d5:16:07:46:9d:59:b7:76:14:5a:8e:f0:
                    14:9a:61:38:02:3f:61:10:69:bf:22:1c:b4:03:67:
                    d4:de:bf:07:2a:b1:49:65:dd:b2:d0:2e:8a:8c:c6:
                    2d:b3:c1:53:26:5e:ef:a0:ca:ad:9f:7b:e3:e2:d3:
                    32:e9:2f:b6:08:5d:b2:ab:33:e9:e8:11:04:d7:0b:
                    26:1e:d2:dc:26:e3:86:a7:42:4f:fa:7d:22:fb:44:
                    85:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:49:0B:C4:CF:F8:C6:7C:33:EA:47:E7:EB:56:11:43:18:85:11:69
            X509v3 Authority Key Identifier:
                keyid:16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:41:c0:ba:86:1e:75:dc:fe:31:b8:c8:ec:56:12:1e:b2:72:
         c2:fc:b3:cf:01:47:33:91:2e:f9:12:c3:e7:35:5d:46:be:a2:
         d8:35:1c:71:dd:46:55:87:35:5d:7c:a2:a3:32:86:be:ab:78:
         fa:0a:80:98:9d:b6:9e:d3:93:59:69:c9:49:9f:09:a1:2f:61:
         78:c8:7b:f9:d8:f3:ff:e5:e8:37:94:c6:e7:de:bb:f8:0e:cb:
         39:c6:b6:e9:4c:9a:79:99:6b:ff:17:6a:43:7e:1f:c8:ba:b7:
         03:d5:ca:82:77:f3:85:0a:d4:83:b7:96:da:0f:87:55:bd:f9:
         16:d2:3c:ed:f0:6c:ed:af:8b:a8:8b:71:bc:e5:cd:62:80:11:
         9f:c0:85:68:bc:be:19:e0:87:27:95:82:74:52:b5:d6:ce:16:
         e5:fd:fe:8c:30:b0:c4:b2:e8:94:7c:50:07:b5:9a:ee:35:8e:
         64:ec:4e:a9:d7:66:56:ea:38:f2:b4:f7:43:3b:cd:e4:93:0f:
         ba:74:32:54:92:f8:f5:ad:f7:1f:c9:15:04:77:83:07:89:1c:
         8d:d6:8c:d3:7d:71:03:63:3d:0f:a5:d2:2c:9c:e6:05:f1:9a:
         cd:de:1a:94:af:e6:81:c6:e7:6d:fa:86:b3:cc:87:cb:2a:95:
         b4:eb:fb:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iYm10yS8DJY7chYHl6EwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODZmN2JlOWJhMTcxYzMyNzQ2YWI0ZWQyMGJlODgyYmQz
MDQzNTYwHhcNMjYwMzI5MDMwMDUzWhcNMjYwMzMwMDMwMDUzWjAzMTEwLwYDVQQD
EygwODQ5MGJjNGNmZjhjNjdjMzNlYTQ3ZTdlYjU2MTE0MzE4ODUxMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ETY5NH59Ut58vV32229s+8BupY
ZkQkkPFEGlONMv7gekyVp4OO0sBL4XbtcVC73U3wfFXPleTv1Bg1tQL4NRYACHkB
yle41RBntEwm5AwtnJMTxasKYxsFb0YKA/oBf6+uv7DCXU8IJdB+FerKSkC2OJWq
QpPUjVlxnBsFE1YZjLPa1JTRPibO9AccpaCOJHJ9ZEQkE04VeNfMTe6yNhvunKgM
cO3VFgdGnVm3dhRajvAUmmE4Aj9hEGm/Ihy0A2fU3r8HKrFJZd2y0C6KjMYts8FT
Jl7voMqtn3vj4tMy6S+2CF2yqzPp6BEE1wsmHtLcJuOGp0JP+n0i+0SFcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhJC8TP+MZ8M+pH5+tWEUMYhRFpMB8GA1UdIwQY
MBaAFBaG976boXHDJ0arTtIL6IK9MENWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDkt
NzRhOThjYjY2ZmZmLzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDktNzRhOThjYjY2ZmZm
LzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGkHAuoYe
ddz+MbjI7FYSHrJywvyzzwFHM5Eu+RLD5zVdRr6i2DUccd1GVYc1XXyiozKGvqt4
+gqAmJ22ntOTWWnJSZ8JoS9heMh7+djz/+XoN5TG5967+A7LOca26UyaeZlr/xdq
Q34fyLq3A9XKgnfzhQrUg7eW2g+HVb35FtI87fBs7a+LqItxvOXNYoARn8CFaLy+
GeCHJ5WCdFK11s4W5f3+jDCwxLLolHxQB7Wa7jWOZOxOqddmVuo48rT3QzvN5JMP
unQyVJL49a33H8kVBHeDB4kcjdaM031xA2M9D6XSLJzmBfGazd4alK/mgcbnbfqG
s8yHyyqVtOv70A==
-----END CERTIFICATE-----