Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
File:                     _4MmzOvF_DL70ONP7n85u6iPuaI.mft (raw, json)
Hash identifier:          zigt6JlnnWRlEXlw93UbANV1Dw4xocJpubuRAANKM64=
Subject key identifier:   25:1D:BC:8C:44:A9:8E:85:EF:14:9C:EC:A6:59:39:FA:98:96:14:27
Authority key identifier: FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2
Certificate issuer:       /CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
Certificate serial:       019D37521D8FFDDE9BB3917D04CF427D0CED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
Manifest number:          140E
Signing time:             Sun 29 Mar 2026 02:00:21 +0000
Manifest this update:     Sun 29 Mar 2026 02:00:21 +0000
Manifest next update:     Mon 30 Mar 2026 02:00:21 +0000
Files and hashes:         1: _4MmzOvF_DL70ONP7n85u6iPuaI.crl (hash: G34hlk+lkmFuifg+uiNoJTXwHJVe0Xzj6q31OjNrd0Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:1d:8f:fd:de:9b:b3:91:7d:04:cf:42:7d:0c:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
        Validity
            Not Before: Mar 29 02:00:21 2026 GMT
            Not After : Mar 30 02:00:21 2026 GMT
        Subject: CN=251dbc8c44a98e85ef149ceca65939fa98961427
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:0c:2e:a4:65:67:4b:6c:8b:eb:67:5f:18:bc:
                    db:78:3b:52:33:f2:b2:50:39:e7:8c:6f:49:8e:87:
                    47:66:ce:00:89:41:a2:50:5b:d3:48:e7:b7:24:eb:
                    93:e0:58:a7:c0:7f:73:f5:97:c4:df:d3:b0:29:24:
                    3a:20:44:72:00:03:a9:d1:c4:32:da:1f:cf:1f:5a:
                    d6:51:52:30:b7:c1:06:9b:65:07:3c:62:05:35:68:
                    fa:75:89:39:89:42:b1:cf:13:9b:c1:94:3f:3c:9d:
                    50:8d:1f:51:32:cb:c8:03:5f:b1:3c:b5:8d:c4:c5:
                    cb:fc:ed:0f:a0:67:68:03:6a:78:da:b2:2b:41:d1:
                    ed:b9:92:94:bc:bc:f5:38:67:d1:ca:94:17:07:85:
                    fc:c0:cb:64:3d:e3:d5:58:6e:01:cf:04:23:29:95:
                    94:94:b6:54:bf:90:2f:db:30:c1:ef:d4:84:5a:cc:
                    00:99:cd:b5:e8:23:b7:b6:04:4f:66:f9:9e:ef:09:
                    6f:b9:51:e5:9c:3c:80:d3:d7:5e:d6:69:d2:e3:e1:
                    d2:ff:39:b9:9e:c9:39:b3:97:5d:17:85:51:a8:fa:
                    55:31:a6:dc:17:62:57:9d:fd:02:d4:c3:b2:43:55:
                    48:ef:69:a4:0f:7f:ff:01:ae:5a:c3:ce:16:68:0e:
                    d7:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:1D:BC:8C:44:A9:8E:85:EF:14:9C:EC:A6:59:39:FA:98:96:14:27
            X509v3 Authority Key Identifier:
                keyid:FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:6a:5f:37:c9:71:6a:b2:52:e4:ac:ee:c2:23:09:39:21:9b:
         4c:0f:a0:39:f5:ad:f7:f2:0a:03:39:20:37:0c:4d:17:55:eb:
         e0:8c:4a:7b:5c:b7:ad:84:45:e9:36:dc:9a:1e:d3:f2:7a:52:
         fd:7a:ae:2e:e9:ca:19:de:8b:a4:28:bd:51:d8:e2:33:5a:b8:
         cd:61:06:a7:8a:c6:b5:9a:8f:02:b5:00:95:85:df:63:f5:36:
         8c:8b:ad:cf:8c:13:dd:ff:b4:85:5d:f7:56:41:a5:b1:0c:75:
         01:f9:6a:73:df:bf:51:0d:3f:93:fa:bf:b3:8e:0c:db:2f:f7:
         27:8e:75:21:54:0d:23:b0:75:a1:f9:75:0d:0a:4a:db:16:2d:
         6b:61:6a:a1:9e:19:ad:06:34:47:24:c7:e1:2f:e2:2b:22:6f:
         c4:9f:8a:5e:e8:23:c7:d4:93:2d:31:d9:d2:5e:90:20:99:07:
         31:dd:48:bc:62:d2:79:c5:fa:63:1f:2a:cd:48:f3:01:e8:57:
         83:d2:a4:07:4d:28:60:f8:fc:12:ca:27:52:5a:13:70:1c:33:
         60:ba:d1:68:1c:94:3e:f2:9e:8d:c3:9b:67:51:70:98:aa:31:
         43:9d:82:1f:13:a4:c6:28:31:b6:8e:bb:d1:20:0f:59:b3:2c:
         cd:38:93:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Uh2P/d6bs5F9BM9CfQztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODMyNmNjZWJjNWZjMzJmYmQwZTM0ZmVlN2YzOWJiYTg4
ZmI5YTIwHhcNMjYwMzI5MDIwMDIxWhcNMjYwMzMwMDIwMDIxWjAzMTEwLwYDVQQD
EygyNTFkYmM4YzQ0YTk4ZTg1ZWYxNDljZWNhNjU5MzlmYTk4OTYxNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswwupGVnS2yL62dfGLzbeDtSM/Ky
UDnnjG9JjodHZs4AiUGiUFvTSOe3JOuT4FinwH9z9ZfE39OwKSQ6IERyAAOp0cQy
2h/PH1rWUVIwt8EGm2UHPGIFNWj6dYk5iUKxzxObwZQ/PJ1QjR9RMsvIA1+xPLWN
xMXL/O0PoGdoA2p42rIrQdHtuZKUvLz1OGfRypQXB4X8wMtkPePVWG4BzwQjKZWU
lLZUv5Av2zDB79SEWswAmc216CO3tgRPZvme7wlvuVHlnDyA09de1mnS4+HS/zm5
nsk5s5ddF4VRqPpVMabcF2JXnf0C1MOyQ1VI72mkD3//Aa5aw84WaA7XqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUdvIxEqY6F7xSc7KZZOfqYlhQnMB8GA1UdIwQY
MBaAFP+DJszrxfwy+9DjT+5/Obuoj7miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEt
OGIxMzQ0YjdkNWE2LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEtOGIxMzQ0YjdkNWE2
LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmpfN8lx
arJS5KzuwiMJOSGbTA+gOfWt9/IKAzkgNwxNF1Xr4IxKe1y3rYRF6Tbcmh7T8npS
/XquLunKGd6LpCi9UdjiM1q4zWEGp4rGtZqPArUAlYXfY/U2jIutz4wT3f+0hV33
VkGlsQx1Aflqc9+/UQ0/k/q/s44M2y/3J451IVQNI7B1ofl1DQpK2xYta2FqoZ4Z
rQY0RyTH4S/iKyJvxJ+KXugjx9STLTHZ0l6QIJkHMd1IvGLSecX6Yx8qzUjzAehX
g9KkB00oYPj8EsonUloTcBwzYLrRaByUPvKejcObZ1FwmKoxQ52CHxOkxigxto67
0SAPWbMszTiTZw==
-----END CERTIFICATE-----