Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
File:                     ba7zApYp3gKduYq3tOm9IhwomRw.mft (raw, json)
Hash identifier:          5HwSaEx3yRaPD/yoeD/gBwWBNyRqEaE7V4o2+dyMfZY=
Subject key identifier:   4E:31:15:8B:6F:3C:47:32:77:79:63:3D:6C:4A:C3:0C:6A:EE:F2:81
Authority key identifier: 6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C
Certificate issuer:       /CN=6daef3029629de029db98ab7b4e9bd221c28991c
Certificate serial:       019D3865CB7D42EB949FE5C87D350D5F6A9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
Manifest number:          0E78
Signing time:             Sun 29 Mar 2026 07:01:28 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:28 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:28 +0000
Files and hashes:         1: ba7zApYp3gKduYq3tOm9IhwomRw.crl (hash: bff9ENL8HW6I0aofUK2qxZnrS27Y3PdTKTyvMaeWYlI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:65:cb:7d:42:eb:94:9f:e5:c8:7d:35:0d:5f:6a:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6daef3029629de029db98ab7b4e9bd221c28991c
        Validity
            Not Before: Mar 29 07:01:28 2026 GMT
            Not After : Mar 30 07:01:28 2026 GMT
        Subject: CN=4e31158b6f3c47327779633d6c4ac30c6aeef281
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:e7:7b:c9:61:52:73:ca:7a:dc:aa:6f:c9:2b:
                    d7:87:a5:a2:01:6f:02:a5:21:f5:32:5f:23:23:57:
                    a2:ce:f3:38:52:58:eb:48:d0:9e:52:9a:92:ad:4b:
                    d7:a3:b1:63:ec:d3:8f:16:ab:a7:c3:bb:54:87:92:
                    7a:bb:23:5b:27:ae:a5:e4:d6:d3:42:9c:43:79:f7:
                    4f:74:e8:c9:ea:c1:71:38:18:d3:e7:b6:c0:ca:62:
                    c5:ab:b4:97:a2:8c:23:f7:5e:50:4d:e2:14:47:3c:
                    80:c1:40:6c:01:bc:2e:93:81:b3:d0:1f:e5:10:b2:
                    c6:86:ea:34:46:2e:4e:15:c9:ae:e5:44:30:5f:67:
                    50:66:a2:44:6e:e1:e9:40:98:59:11:dc:bd:98:e0:
                    8d:97:13:20:b6:ad:3c:95:8d:54:62:bc:90:0e:04:
                    a0:b3:94:52:96:d7:c2:ad:37:93:c5:01:cd:04:93:
                    ca:6f:2d:1d:ed:2b:b5:51:f1:0d:7a:c2:b4:66:9d:
                    18:c0:24:33:a9:f8:b8:52:fa:2f:f8:26:9d:5d:e7:
                    4b:2c:6c:c2:94:a9:7b:c9:dd:74:4b:e2:c0:aa:b3:
                    27:c1:91:bc:11:8d:0f:3e:6e:e2:d5:86:4f:75:93:
                    52:c1:33:13:cb:0c:bf:e2:45:96:44:f8:3e:12:db:
                    02:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:31:15:8B:6F:3C:47:32:77:79:63:3D:6C:4A:C3:0C:6A:EE:F2:81
            X509v3 Authority Key Identifier:
                keyid:6D:AE:F3:02:96:29:DE:02:9D:B9:8A:B7:B4:E9:BD:22:1C:28:99:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba7zApYp3gKduYq3tOm9IhwomRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b73411-cf4e-4999-9f42-cde404805b10/1/ba7zApYp3gKduYq3tOm9IhwomRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ec:77:29:2f:df:ca:89:b8:49:38:f4:46:34:49:c9:53:64:
         d5:82:9b:1e:f2:a7:91:0d:d5:33:a1:c1:0b:bf:d1:51:ef:7f:
         c9:7a:b0:7b:1a:ba:78:5c:ec:bd:9a:d0:86:f0:b2:53:0f:fa:
         50:e5:14:c3:20:d1:b1:ae:42:8c:6e:c3:2d:65:7a:df:dd:83:
         bf:74:7e:63:c8:7a:2d:03:ae:9e:41:5b:21:0d:be:a3:2b:05:
         b7:c6:fd:f7:f0:4d:14:cb:e8:e3:b6:9b:84:63:41:f9:4c:05:
         bb:0a:5d:dc:28:31:81:95:7e:4f:f9:a8:57:4f:52:53:fc:f1:
         ab:d8:61:d6:6c:1d:5f:3b:0b:6f:14:64:8c:43:a6:aa:b1:e0:
         51:47:00:bc:28:dd:fe:23:32:2c:82:0a:7b:87:a2:6d:ea:cf:
         25:97:04:db:2c:36:58:de:0c:80:77:cc:fb:b1:9b:2d:e8:38:
         93:c1:dc:3e:a0:20:07:20:b7:e4:1f:29:43:6a:82:e2:27:39:
         97:4e:4c:1d:13:d0:d4:a6:06:f8:a9:4f:e5:11:ec:67:a9:52:
         63:32:8e:4b:1c:bf:fc:1f:1b:8b:7d:4d:be:7e:ed:e6:ab:76:
         86:05:19:04:18:56:cf:f7:40:79:8a:e6:73:e0:44:27:91:46:
         c9:4e:1d:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Zct9QuuUn+XIfTUNX2qbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYWVmMzAyOTYyOWRlMDI5ZGI5OGFiN2I0ZTliZDIyMWMy
ODk5MWMwHhcNMjYwMzI5MDcwMTI4WhcNMjYwMzMwMDcwMTI4WjAzMTEwLwYDVQQD
Eyg0ZTMxMTU4YjZmM2M0NzMyNzc3OTYzM2Q2YzRhYzMwYzZhZWVmMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+d7yWFSc8p63KpvySvXh6WiAW8C
pSH1Ml8jI1eizvM4UljrSNCeUpqSrUvXo7Fj7NOPFqunw7tUh5J6uyNbJ66l5NbT
QpxDefdPdOjJ6sFxOBjT57bAymLFq7SXoowj915QTeIURzyAwUBsAbwuk4Gz0B/l
ELLGhuo0Ri5OFcmu5UQwX2dQZqJEbuHpQJhZEdy9mOCNlxMgtq08lY1UYryQDgSg
s5RSltfCrTeTxQHNBJPKby0d7Su1UfENesK0Zp0YwCQzqfi4Uvov+CadXedLLGzC
lKl7yd10S+LAqrMnwZG8EY0PPm7i1YZPdZNSwTMTywy/4kWWRPg+EtsCjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE4xFYtvPEcyd3ljPWxKwwxq7vKBMB8GA1UdIwQY
MBaAFG2u8wKWKd4CnbmKt7TpvSIcKJkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDIt
Y2RlNDA0ODA1YjEwLzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzM0MTEtY2Y0ZS00OTk5LTlmNDItY2RlNDA0ODA1YjEw
LzEvYmE3ekFwWXAzZ0tkdVlxM3RPbTlJaHdvbVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMOx3KS/f
yom4STj0RjRJyVNk1YKbHvKnkQ3VM6HBC7/RUe9/yXqwexq6eFzsvZrQhvCyUw/6
UOUUwyDRsa5CjG7DLWV6392Dv3R+Y8h6LQOunkFbIQ2+oysFt8b99/BNFMvo47ab
hGNB+UwFuwpd3CgxgZV+T/moV09SU/zxq9hh1mwdXzsLbxRkjEOmqrHgUUcAvCjd
/iMyLIIKe4eiberPJZcE2yw2WN4MgHfM+7GbLeg4k8HcPqAgByC35B8pQ2qC4ic5
l05MHRPQ1KYG+KlP5RHsZ6lSYzKOSxy//B8bi31Nvn7t5qt2hgUZBBhWz/dAeYrm
c+BEJ5FGyU4dlQ==
-----END CERTIFICATE-----