Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          rym7mk0mx1WWJw2KjzIYdpvfna4tqTQydGvYzweR918=
Subject key identifier:   04:B2:13:AD:E4:2A:60:D2:D3:8A:35:5C:1E:51:2B:82:7D:49:A4:16
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019E3117A5F761D761303B3C6CADC6D0F2FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          06E1
Signing time:             Sat 16 May 2026 14:01:33 +0000
Manifest this update:     Sat 16 May 2026 14:01:33 +0000
Manifest next update:     Sun 17 May 2026 14:01:33 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: zm+YbLrdyP2C8oegzwBuuu/bb7l8neSp6pt8ImWOYTo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 17 May 2026 12:40:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:31:17:a5:f7:61:d7:61:30:3b:3c:6c:ad:c6:d0:f2:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: May 16 14:01:33 2026 GMT
            Not After : May 17 14:01:33 2026 GMT
        Subject: CN=04b213ade42a60d2d38a355c1e512b827d49a416
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:0f:71:d6:b6:aa:e8:f5:85:31:d1:4a:f4:2a:
                    fb:7b:bc:dc:00:0b:a0:e7:9f:12:34:b7:ff:01:77:
                    e2:4b:47:5a:17:63:ba:be:40:b1:97:bc:13:8f:04:
                    89:fe:68:a3:b5:6e:89:e4:7f:b4:58:84:10:34:83:
                    4c:9a:c2:46:6f:0d:d0:0f:db:4a:31:f2:1c:00:da:
                    9e:45:d2:f3:96:df:d4:19:a7:47:ea:66:5f:b0:91:
                    e4:b4:9e:88:68:81:a5:d2:9b:3c:64:97:28:d1:8b:
                    5b:78:80:4c:fb:e3:5f:33:6c:59:70:aa:3d:f7:e4:
                    66:fb:4b:78:27:40:5f:a5:35:9a:6a:48:06:45:c0:
                    3e:5a:37:7d:c5:50:67:b0:09:6f:14:50:2e:98:ea:
                    60:6b:10:cc:80:34:f6:31:ba:1a:d5:73:08:e9:5f:
                    7c:88:12:ed:bc:b9:f1:b1:34:d9:45:f1:73:b9:ef:
                    15:12:23:a5:d9:61:e4:ac:89:61:71:e5:0a:ad:fa:
                    3e:88:ce:6e:4f:3f:eb:91:d9:7c:ec:e2:fb:fa:13:
                    b9:8c:dd:87:00:9e:7a:98:71:b0:02:75:b9:fe:82:
                    3c:06:dd:d6:7f:fd:c4:1e:cb:80:c6:b0:39:3d:17:
                    9d:3b:87:66:78:3c:5d:5e:e3:02:01:2d:43:29:dc:
                    49:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:B2:13:AD:E4:2A:60:D2:D3:8A:35:5C:1E:51:2B:82:7D:49:A4:16
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:82:4d:39:39:49:9e:16:33:96:f6:71:ee:c3:54:c8:4c:e2:
         be:9a:d8:0b:d6:d3:89:e5:b7:8d:89:4f:46:bf:69:1a:14:d3:
         3a:d0:73:28:05:2a:91:0d:ab:f1:38:70:67:c2:9f:64:76:7c:
         27:e7:66:f2:e7:f2:d9:fe:66:a4:ae:95:89:dd:98:f8:d9:74:
         5f:51:bd:6c:4e:d6:36:b5:8b:94:6c:d9:79:25:dd:e7:26:a1:
         e9:ed:b1:b5:db:18:11:cc:87:b3:80:9f:3d:69:b8:e7:99:08:
         dc:6f:2d:e4:29:8e:62:f6:82:54:55:82:18:e5:6e:f6:b3:3b:
         35:bd:40:48:58:53:bf:51:0b:8c:30:5f:d1:b5:c3:ab:a8:89:
         d5:a0:b3:b1:ff:31:3b:9e:b3:f2:f1:37:f7:ab:6b:84:d4:87:
         db:66:b5:9e:d0:23:ee:0f:74:3d:01:56:88:90:37:72:7b:f4:
         a3:89:e5:47:ff:e2:8d:b0:eb:f3:f0:15:77:d5:c1:fe:53:04:
         c6:68:a7:67:75:5b:7d:0f:24:67:c7:dd:0f:1d:21:35:04:61:
         71:5a:42:40:94:51:c5:4d:6d:f6:d1:57:c5:7a:e9:bc:37:4f:
         df:87:6d:30:db:c4:63:da:6a:7a:37:be:65:9a:6f:47:9b:91:
         56:b6:8d:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xF6X3YddhMDs8bK3G0PL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwNTE2MTQwMTMzWhcNMjYwNTE3MTQwMTMzWjAzMTEwLwYDVQQD
EygwNGIyMTNhZGU0MmE2MGQyZDM4YTM1NWMxZTUxMmI4MjdkNDlhNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQ9x1raq6PWFMdFK9Cr7e7zcAAug
558SNLf/AXfiS0daF2O6vkCxl7wTjwSJ/mijtW6J5H+0WIQQNINMmsJGbw3QD9tK
MfIcANqeRdLzlt/UGadH6mZfsJHktJ6IaIGl0ps8ZJco0YtbeIBM++NfM2xZcKo9
9+Rm+0t4J0BfpTWaakgGRcA+Wjd9xVBnsAlvFFAumOpgaxDMgDT2Mboa1XMI6V98
iBLtvLnxsTTZRfFzue8VEiOl2WHkrIlhceUKrfo+iM5uTz/rkdl87OL7+hO5jN2H
AJ56mHGwAnW5/oI8Bt3Wf/3EHsuAxrA5PRedO4dmeDxdXuMCAS1DKdxJ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFASyE63kKmDS04o1XB5RK4J9SaQWMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO4JNOTlJ
nhYzlvZx7sNUyEzivprYC9bTieW3jYlPRr9pGhTTOtBzKAUqkQ2r8ThwZ8KfZHZ8
J+dm8ufy2f5mpK6Vid2Y+Nl0X1G9bE7WNrWLlGzZeSXd5yah6e2xtdsYEcyHs4Cf
PWm455kI3G8t5CmOYvaCVFWCGOVu9rM7Nb1ASFhTv1ELjDBf0bXDq6iJ1aCzsf8x
O56z8vE396trhNSH22a1ntAj7g90PQFWiJA3cnv0o4nlR//ijbDr8/AVd9XB/lME
xminZ3VbfQ8kZ8fdDx0hNQRhcVpCQJRRxU1t9tFXxXrpvDdP34dtMNvEY9pqeje+
ZZpvR5uRVraNCA==
-----END CERTIFICATE-----