Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          /mLK+HFqRKYPaXUPZceJIL4gSGHcCZ88pXzpZRIFCGg=
Subject key identifier:   14:D8:D7:AF:4D:BB:FF:07:C6:2F:AF:B6:68:6B:EB:A4:EB:4E:7D:ED
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       019D38655E94B79425807563ECA0C3C7DD5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          101C
Signing time:             Sun 29 Mar 2026 07:01:00 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:00 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:00 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: dbP1i968arRJUmuZG/pCfbpTcOnpiqHtUx2UWkI2rHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:5e:94:b7:94:25:80:75:63:ec:a0:c3:c7:dd:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Mar 29 07:01:00 2026 GMT
            Not After : Mar 30 07:01:00 2026 GMT
        Subject: CN=14d8d7af4dbbff07c62fafb6686beba4eb4e7ded
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:0c:f3:19:b9:c9:fa:9c:58:b3:ba:c9:f9:18:
                    f7:74:c8:2c:34:83:59:0b:fc:62:3f:d0:79:ae:3b:
                    f2:41:b7:e7:d5:cc:ea:44:7f:d1:82:39:30:27:91:
                    e8:e5:e1:79:f7:bc:6a:32:40:ec:82:1c:06:3b:1c:
                    1c:d8:56:73:c1:ef:c4:67:82:85:53:b4:96:02:b2:
                    d0:30:00:d4:a4:9c:3f:19:ba:04:60:5c:26:b4:aa:
                    1c:62:bf:5b:b2:61:19:31:be:1b:62:43:99:60:8c:
                    2f:52:45:66:1a:a7:37:c5:be:48:b7:bb:42:01:9e:
                    93:3d:0d:ca:44:d3:84:0b:1e:5c:6e:33:31:63:91:
                    93:36:35:03:d4:44:75:eb:63:5c:27:53:43:b1:bf:
                    90:a6:b6:6f:48:a0:20:df:28:1c:3e:fe:6f:6a:30:
                    ce:b5:b3:e6:67:eb:15:ef:97:55:02:59:d9:3b:41:
                    40:27:a5:9b:b6:fb:da:db:a4:b6:f7:2c:91:96:87:
                    b5:06:d6:1b:95:a5:f0:c2:9a:ef:cf:c5:de:4b:8f:
                    9f:c0:4a:16:c8:2c:45:74:0a:f3:93:b7:ef:09:df:
                    0f:70:dd:40:75:6f:14:f9:eb:f3:39:12:b7:69:41:
                    d6:87:5b:66:1f:5b:f7:ca:30:22:76:43:6a:8f:c4:
                    2a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:D8:D7:AF:4D:BB:FF:07:C6:2F:AF:B6:68:6B:EB:A4:EB:4E:7D:ED
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:25:d4:ce:2f:0e:c4:17:fd:c5:79:fb:d9:f4:87:a4:00:53:
         15:68:9b:43:29:ef:6e:70:20:6e:e4:3b:10:e1:24:70:ba:b9:
         13:8e:82:aa:d0:c7:86:d1:10:26:06:18:a5:90:54:fd:36:c5:
         1d:82:85:7a:9e:d6:d7:74:03:0a:ca:6c:da:04:64:02:c9:27:
         c9:c3:74:1e:3e:d6:9d:42:60:31:19:97:8f:df:64:af:30:cb:
         e8:e3:0f:84:67:a4:54:e2:f2:93:df:07:29:0b:57:3f:8a:b8:
         ca:eb:59:a3:8d:09:98:26:e4:14:b2:e5:55:04:9e:3f:d7:67:
         73:f1:92:a9:e6:54:39:24:2a:24:0a:93:2b:37:23:70:2b:39:
         69:02:5f:b4:7a:64:fc:31:73:27:95:8a:19:ac:c9:81:4d:c6:
         41:18:f7:40:7b:26:42:19:35:be:45:df:01:71:f2:54:a8:0b:
         49:6c:89:dc:51:f5:03:8e:f2:9d:13:50:e9:fe:c5:88:45:50:
         29:cc:62:9a:e4:ae:dc:6b:d3:43:40:74:31:45:ef:b6:fc:03:
         cd:91:db:02:0e:dc:54:e6:dd:a0:41:47:f8:7e:66:13:9e:a2:
         23:07:d9:76:85:97:68:98:20:04:4e:0e:62:e0:d8:1d:f6:bb:
         8f:11:6d:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZV6Ut5QlgHVj7KDDx91dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjYwMzI5MDcwMTAwWhcNMjYwMzMwMDcwMTAwWjAzMTEwLwYDVQQD
EygxNGQ4ZDdhZjRkYmJmZjA3YzYyZmFmYjY2ODZiZWJhNGViNGU3ZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wzzGbnJ+pxYs7rJ+Rj3dMgsNINZ
C/xiP9B5rjvyQbfn1czqRH/RgjkwJ5Ho5eF597xqMkDsghwGOxwc2FZzwe/EZ4KF
U7SWArLQMADUpJw/GboEYFwmtKocYr9bsmEZMb4bYkOZYIwvUkVmGqc3xb5It7tC
AZ6TPQ3KRNOECx5cbjMxY5GTNjUD1ER162NcJ1NDsb+QprZvSKAg3ygcPv5vajDO
tbPmZ+sV75dVAlnZO0FAJ6Wbtvva26S29yyRloe1BtYblaXwwprvz8XeS4+fwEoW
yCxFdArzk7fvCd8PcN1AdW8U+evzORK3aUHWh1tmH1v3yjAidkNqj8QqMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTY169Nu/8Hxi+vtmhr66TrTn3tMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGCXUzi8O
xBf9xXn72fSHpABTFWibQynvbnAgbuQ7EOEkcLq5E46CqtDHhtEQJgYYpZBU/TbF
HYKFep7W13QDCsps2gRkAsknycN0Hj7WnUJgMRmXj99krzDL6OMPhGekVOLyk98H
KQtXP4q4yutZo40JmCbkFLLlVQSeP9dnc/GSqeZUOSQqJAqTKzcjcCs5aQJftHpk
/DFzJ5WKGazJgU3GQRj3QHsmQhk1vkXfAXHyVKgLSWyJ3FH1A47ynRNQ6f7FiEVQ
KcximuSu3GvTQ0B0MUXvtvwDzZHbAg7cVObdoEFH+H5mE56iIwfZdoWXaJggBE4O
YuDYHfa7jxFtUA==
-----END CERTIFICATE-----