Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          4g9FhyBWVBYGKEaLX5ilvFwu0z8+6iKI6CeYSbF6F28=
Subject key identifier:   2E:D4:47:7E:BA:BF:BC:CC:53:D9:E1:93:35:B3:33:29:17:46:22:4C
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       019D3A5388DBF58D7E2007ED15AACEC55833
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          0D06
Signing time:             Sun 29 Mar 2026 16:00:46 +0000
Manifest this update:     Sun 29 Mar 2026 16:00:46 +0000
Manifest next update:     Mon 30 Mar 2026 16:00:46 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: IQETU2ZR8i1f+I4meFMn2WrGfbWMkfXruLYafEX2jLw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 08:48:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:3a:53:88:db:f5:8d:7e:20:07:ed:15:aa:ce:c5:58:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: Mar 29 16:00:46 2026 GMT
            Not After : Mar 30 16:00:46 2026 GMT
        Subject: CN=2ed4477ebabfbccc53d9e19335b333291746224c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c6:e9:ee:6b:eb:c6:aa:5a:9c:02:15:c0:c7:
                    1a:1b:4c:03:23:b7:70:9e:95:ea:20:ac:6c:da:ec:
                    58:67:35:35:5b:fc:cf:e3:a2:20:8f:15:9e:ad:b3:
                    ae:eb:e9:f4:f1:e7:77:34:f1:6b:ad:dd:1a:53:9e:
                    2d:04:de:f9:f1:50:ee:62:fd:da:9f:7e:c3:48:38:
                    47:c9:54:f5:79:1e:d6:cf:85:6c:c9:37:ea:e6:16:
                    df:bc:f9:ed:bf:56:5e:21:d7:02:a1:5e:58:f7:aa:
                    54:72:fb:ca:3d:98:9e:7e:4c:c8:c8:a2:56:cd:28:
                    08:0c:02:97:a1:93:5b:a8:3b:a4:48:54:85:5d:10:
                    e0:49:b0:73:48:f7:1c:5c:d0:d0:23:c7:15:a0:3f:
                    ce:f3:76:f4:39:ed:95:1c:f2:d7:e8:06:8a:de:ce:
                    ee:3c:4a:82:56:83:d3:c2:c9:71:b7:7b:7a:79:ff:
                    23:01:71:af:f1:1d:b1:b1:b1:ee:f9:ef:99:c2:54:
                    08:04:a5:be:83:0e:4d:75:c8:28:4b:62:d9:04:ba:
                    ce:b2:a8:86:ba:38:9f:d5:b3:8a:b3:16:29:59:0f:
                    a8:94:33:49:5d:58:01:ec:d6:02:1f:63:09:b1:a3:
                    70:1b:46:97:6b:f6:2e:83:3e:97:a7:85:01:21:8d:
                    9c:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:D4:47:7E:BA:BF:BC:CC:53:D9:E1:93:35:B3:33:29:17:46:22:4C
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:12:77:81:1c:56:16:be:ec:ec:d2:b0:56:b4:a2:28:c9:b9:
         8a:36:9f:94:37:d1:91:6e:66:31:7b:61:4a:93:49:b6:b5:07:
         57:13:05:0e:d0:2b:81:ac:b6:ca:8f:15:66:0e:ae:42:0e:4d:
         35:35:59:25:bb:9b:91:89:f2:32:2e:da:b1:1b:28:56:54:7d:
         3d:61:f9:ce:c0:5a:3b:d2:9a:d7:e5:d4:9c:8c:d8:42:02:32:
         ec:49:86:9b:c1:77:e3:d7:9e:c0:dc:3b:c5:9f:c6:0f:c5:5c:
         63:06:8c:33:43:1a:a5:00:56:33:67:67:83:22:20:69:9d:ff:
         25:78:a1:fb:55:e8:5a:07:b7:6c:74:0f:8a:5f:5f:b5:3a:9c:
         46:5d:59:2b:71:0b:78:76:ca:08:58:b3:dc:a8:4c:a4:4e:80:
         1e:b6:d7:57:2b:f7:87:6b:62:6a:77:eb:37:71:87:d4:49:7f:
         7f:7f:1d:87:50:ef:60:46:e4:9b:c3:e6:80:fb:9d:ad:e2:f9:
         ac:d2:a4:0e:b6:71:e3:f6:dd:8a:88:74:96:5a:01:b0:7b:d6:
         88:13:7f:4a:4a:42:a1:7f:89:da:50:67:93:93:6c:5e:21:fb:
         ac:29:2c:54:26:c4:36:c2:9d:87:75:96:d6:7d:48:c7:b4:22:
         63:3c:d7:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U4jb9Y1+IAftFarOxVgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjYwMzI5MTYwMDQ2WhcNMjYwMzMwMTYwMDQ2WjAzMTEwLwYDVQQD
EygyZWQ0NDc3ZWJhYmZiY2NjNTNkOWUxOTMzNWIzMzMyOTE3NDYyMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMbp7mvrxqpanAIVwMcaG0wDI7dw
npXqIKxs2uxYZzU1W/zP46IgjxWerbOu6+n08ed3NPFrrd0aU54tBN758VDuYv3a
n37DSDhHyVT1eR7Wz4VsyTfq5hbfvPntv1ZeIdcCoV5Y96pUcvvKPZiefkzIyKJW
zSgIDAKXoZNbqDukSFSFXRDgSbBzSPccXNDQI8cVoD/O83b0Oe2VHPLX6AaK3s7u
PEqCVoPTwslxt3t6ef8jAXGv8R2xsbHu+e+ZwlQIBKW+gw5NdcgoS2LZBLrOsqiG
ujif1bOKsxYpWQ+olDNJXVgB7NYCH2MJsaNwG0aXa/Yugz6Xp4UBIY2cUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC7UR366v7zMU9nhkzWzMykXRiJMMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfxJ3gRxW
Fr7s7NKwVrSiKMm5ijaflDfRkW5mMXthSpNJtrUHVxMFDtArgay2yo8VZg6uQg5N
NTVZJbubkYnyMi7asRsoVlR9PWH5zsBaO9Ka1+XUnIzYQgIy7EmGm8F349eewNw7
xZ/GD8VcYwaMM0MapQBWM2dngyIgaZ3/JXih+1XoWge3bHQPil9ftTqcRl1ZK3EL
eHbKCFiz3KhMpE6AHrbXVyv3h2tianfrN3GH1El/f38dh1DvYEbkm8PmgPudreL5
rNKkDrZx4/bdioh0lloBsHvWiBN/SkpCoX+J2lBnk5NsXiH7rCksVCbENsKdh3WW
1n1Ix7QiYzzXJg==
-----END CERTIFICATE-----