Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          Gvej0YR8BNVxjw7z+YgX2OPIAqsWkGgKyRWw+XuP3Nw=
Subject key identifier:   D5:E9:64:E7:21:D8:EE:D7:7D:43:EE:74:C0:31:AA:C3:48:D4:C8:EB
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       019D38D3B649E094338715AF22B85B573978
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          0BBF
Signing time:             Sun 29 Mar 2026 09:01:31 +0000
Manifest this update:     Sun 29 Mar 2026 09:01:31 +0000
Manifest next update:     Mon 30 Mar 2026 09:01:31 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: +oObUOtUxSY5ckMmZMu7VlUaTfV7fCHjS0IErprQU7E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:d3:b6:49:e0:94:33:87:15:af:22:b8:5b:57:39:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Mar 29 09:01:31 2026 GMT
            Not After : Mar 30 09:01:31 2026 GMT
        Subject: CN=d5e964e721d8eed77d43ee74c031aac348d4c8eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7d:da:bb:02:d6:f4:6a:04:05:64:92:bd:30:
                    23:91:0d:6a:61:85:7c:23:a4:36:63:11:03:75:64:
                    35:73:19:71:a3:1b:ac:a2:36:3e:d8:9a:8a:4c:5d:
                    2a:38:18:fb:18:6c:70:25:8f:6f:9e:a8:49:72:bd:
                    94:72:c3:a6:52:6f:da:83:b1:d4:3d:50:39:4d:74:
                    22:ab:8f:24:2b:80:30:8e:b5:03:5f:c4:73:27:09:
                    3c:c5:88:0b:47:ee:d6:6f:dc:e4:63:34:24:cf:73:
                    3c:35:6b:79:de:fb:67:b8:ba:70:4f:d4:5d:3e:86:
                    1c:b7:09:2d:73:0d:9b:f5:65:fd:e7:89:a0:a5:72:
                    ad:60:77:b6:7e:00:c1:e4:16:3e:e5:f4:c0:8e:36:
                    24:ad:ca:da:ff:5c:c3:7a:d0:ac:00:b4:d0:dd:43:
                    1f:2e:11:ec:2b:20:05:e3:66:c4:7a:e8:eb:ed:3d:
                    72:7f:5c:33:f7:e6:a9:bf:30:90:d7:e8:85:57:a1:
                    18:bd:bf:14:39:24:10:a0:37:a1:ff:11:76:66:80:
                    84:16:f8:8e:85:eb:81:d1:15:ca:4f:5f:b1:0a:48:
                    9b:09:cf:c6:e5:fa:0c:ff:f9:63:52:20:f3:2e:5a:
                    ec:83:bd:a3:03:fe:21:6d:35:31:79:54:76:4b:53:
                    4f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:E9:64:E7:21:D8:EE:D7:7D:43:EE:74:C0:31:AA:C3:48:D4:C8:EB
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:04:fc:1d:3d:a4:69:a0:6a:e0:0a:5c:44:2b:9e:8e:5c:b7:
         d1:bb:8f:80:46:ab:4c:af:88:70:7e:d9:8f:ca:e3:9f:90:ef:
         85:44:f2:91:d3:31:17:14:24:0a:34:3c:49:0a:50:d9:1d:93:
         8d:d4:6e:7b:d8:4e:0d:5d:27:01:e5:59:2f:d8:ce:49:fe:b7:
         7e:bf:bc:fd:20:07:c6:49:5b:47:40:bf:28:68:29:ad:81:e3:
         29:07:9f:f5:6c:6a:27:de:af:83:0e:64:34:f6:83:34:12:1c:
         0b:e5:2e:9f:43:69:b2:52:f8:cc:d9:9f:f5:93:da:43:22:16:
         f0:e9:a0:10:75:5d:48:f1:2b:27:f7:e8:49:3d:49:ff:f4:4e:
         6e:f2:9f:c6:bc:d5:cf:69:2e:6a:73:ed:0c:73:d2:de:45:35:
         d3:87:8b:c2:67:df:ca:14:6b:62:d1:bf:71:b8:8f:26:50:d9:
         4b:a7:fe:ed:cd:eb:f6:10:bf:b6:c3:f5:47:29:18:ee:f3:06:
         61:04:98:2d:36:ae:03:9a:39:57:09:b0:53:f3:ce:b2:bb:4e:
         d8:30:38:59:79:55:dc:e3:bd:16:23:16:ca:95:8e:71:3c:08:
         b3:40:f9:d6:8b:6a:1c:7b:5a:59:a9:8d:f7:a1:0e:8d:35:86:
         f1:ab:f3:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407ZJ4JQzhxWvIrhbVzl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
EyhkNWU5NjRlNzIxZDhlZWQ3N2Q0M2VlNzRjMDMxYWFjMzQ4ZDRjOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX3auwLW9GoEBWSSvTAjkQ1qYYV8
I6Q2YxEDdWQ1cxlxoxusojY+2JqKTF0qOBj7GGxwJY9vnqhJcr2UcsOmUm/ag7HU
PVA5TXQiq48kK4AwjrUDX8RzJwk8xYgLR+7Wb9zkYzQkz3M8NWt53vtnuLpwT9Rd
PoYctwktcw2b9WX954mgpXKtYHe2fgDB5BY+5fTAjjYkrcra/1zDetCsALTQ3UMf
LhHsKyAF42bEeujr7T1yf1wz9+apvzCQ1+iFV6EYvb8UOSQQoDeh/xF2ZoCEFviO
heuB0RXKT1+xCkibCc/G5foM//ljUiDzLlrsg72jA/4hbTUxeVR2S1NPIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXpZOch2O7XfUPudMAxqsNI1MjrMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqAT8HT2k
aaBq4ApcRCuejly30buPgEarTK+IcH7Zj8rjn5DvhUTykdMxFxQkCjQ8SQpQ2R2T
jdRue9hODV0nAeVZL9jOSf63fr+8/SAHxklbR0C/KGgprYHjKQef9WxqJ96vgw5k
NPaDNBIcC+Uun0NpslL4zNmf9ZPaQyIW8OmgEHVdSPErJ/foST1J//RObvKfxrzV
z2kuanPtDHPS3kU104eLwmffyhRrYtG/cbiPJlDZS6f+7c3r9hC/tsP1RykY7vMG
YQSYLTauA5o5VwmwU/POsrtO2DA4WXlV3OO9FiMWypWOcTwIs0D51otqHHtaWamN
96EOjTWG8avzBQ==
-----END CERTIFICATE-----