Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
File:                     l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft (raw, json)
Hash identifier:          0x4arpSjGrbBcvVpMLGXyy/uz2XjdlxZLTBjNCc3JDg=
Subject key identifier:   29:60:0C:F5:CE:07:85:08:9C:2A:A6:71:B2:3F:F0:D7:D5:3B:60:4D
Authority key identifier: 97:B6:CB:48:84:1C:E5:19:B2:83:59:CA:F1:BC:E3:40:E3:36:81:EF
Certificate issuer:       /CN=97b6cb48841ce519b28359caf1bce340e33681ef
Certificate serial:       019D3752D9E4DFAF39E86BFD4EB43AB94AFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
Manifest number:          0A39
Signing time:             Sun 29 Mar 2026 02:01:09 +0000
Manifest this update:     Sun 29 Mar 2026 02:01:09 +0000
Manifest next update:     Mon 30 Mar 2026 02:01:09 +0000
Files and hashes:         1: l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl (hash: csuHfdmgnO/TwkNTj/AeXpfrxap1MdXer2a5oAFBFUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 02:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:52:d9:e4:df:af:39:e8:6b:fd:4e:b4:3a:b9:4a:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97b6cb48841ce519b28359caf1bce340e33681ef
        Validity
            Not Before: Mar 29 02:01:09 2026 GMT
            Not After : Mar 30 02:01:09 2026 GMT
        Subject: CN=29600cf5ce0785089c2aa671b23ff0d7d53b604d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:0a:82:d3:f7:e8:2a:42:34:dc:da:36:df:a8:
                    39:c7:64:93:92:b4:7f:e8:12:cc:d5:04:94:79:71:
                    7d:03:08:d4:72:b2:94:5e:e6:a4:8e:6f:d2:21:76:
                    e7:75:19:f7:e1:74:cb:3f:35:22:0d:5d:9e:56:0c:
                    7f:93:ef:f0:f1:eb:41:d6:39:fa:4f:87:12:77:1e:
                    ff:d4:20:12:0f:90:43:f8:94:e1:eb:40:82:26:b6:
                    bf:a0:09:a1:93:ad:0b:55:75:61:80:86:d7:ef:4f:
                    01:17:d9:44:95:80:0c:04:c9:bc:f4:ef:4f:01:82:
                    83:12:04:36:58:00:3c:51:91:86:9d:5c:db:fd:93:
                    a6:c1:c2:c0:03:96:1f:8f:f6:84:ea:bf:75:36:a7:
                    d6:34:9f:a3:b3:01:30:54:07:13:0b:f0:94:e8:46:
                    b3:51:b0:7f:aa:d8:0a:8a:23:24:3f:c1:9b:cf:1a:
                    b1:9f:08:23:11:d4:40:e4:d1:1d:02:67:7e:f6:ef:
                    a5:42:e3:70:d3:00:b1:ba:42:f2:4f:ba:94:af:2f:
                    9f:34:12:55:18:25:81:1e:d5:31:54:9f:87:c8:e1:
                    ad:9d:b4:b0:b7:bd:4c:16:fe:d9:83:0b:e2:83:ba:
                    8a:64:0e:ab:0e:9e:9b:37:a8:11:f2:9d:b9:ff:3c:
                    5b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:60:0C:F5:CE:07:85:08:9C:2A:A6:71:B2:3F:F0:D7:D5:3B:60:4D
            X509v3 Authority Key Identifier:
                keyid:97:B6:CB:48:84:1C:E5:19:B2:83:59:CA:F1:BC:E3:40:E3:36:81:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bdd92e-3b11-416f-ae93-46ea656bf389/1/l7bLSIQc5Rmyg1nK8bzjQOM2ge8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:b6:07:83:7d:68:12:e1:58:95:b9:f5:59:22:f0:27:f2:5b:
         01:11:c0:ff:77:aa:8b:af:be:71:51:c6:da:48:34:e1:35:59:
         b0:82:52:7c:7f:c6:73:f0:68:37:60:f4:ee:4e:1e:09:d9:92:
         39:36:ac:df:9b:dc:34:0f:43:d5:01:f3:3a:d6:0c:53:45:13:
         0e:fe:7f:c9:1b:11:c2:99:d3:15:d6:e0:a2:e0:1a:98:34:cb:
         29:ed:7e:ef:e3:cd:29:95:a5:33:b9:b8:06:94:90:dd:fd:0d:
         44:63:ec:33:e1:3f:2f:24:57:8f:45:f5:c1:5d:96:e8:7d:a7:
         d9:24:23:f4:94:9d:79:af:36:3a:d0:07:45:c2:04:89:23:a5:
         4c:fb:8f:76:2d:dd:4a:e6:c0:08:68:94:ee:47:8c:04:a2:fd:
         a4:77:e4:f5:7a:71:24:96:e1:92:07:52:c5:b2:37:43:2f:5a:
         56:1a:2b:79:e8:63:47:06:ed:1d:0a:71:30:d2:63:11:c6:d7:
         7e:32:65:9b:f4:14:50:cd:78:79:39:aa:8b:f4:95:bb:c7:65:
         15:fe:8d:bc:c7:61:b2:ce:eb:6f:54:0d:ec:54:e0:a4:bc:f0:
         3d:7f:eb:cf:cd:63:5a:16:21:6a:f4:43:51:d6:a0:93:31:3c:
         5f:7a:f8:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03Utnk36856Gv9TrQ6uUr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YjZjYjQ4ODQxY2U1MTliMjgzNTljYWYxYmNlMzQwZTMz
NjgxZWYwHhcNMjYwMzI5MDIwMTA5WhcNMjYwMzMwMDIwMTA5WjAzMTEwLwYDVQQD
EygyOTYwMGNmNWNlMDc4NTA4OWMyYWE2NzFiMjNmZjBkN2Q1M2I2MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wqC0/foKkI03No236g5x2STkrR/
6BLM1QSUeXF9AwjUcrKUXuakjm/SIXbndRn34XTLPzUiDV2eVgx/k+/w8etB1jn6
T4cSdx7/1CASD5BD+JTh60CCJra/oAmhk60LVXVhgIbX708BF9lElYAMBMm89O9P
AYKDEgQ2WAA8UZGGnVzb/ZOmwcLAA5Yfj/aE6r91NqfWNJ+jswEwVAcTC/CU6Eaz
UbB/qtgKiiMkP8GbzxqxnwgjEdRA5NEdAmd+9u+lQuNw0wCxukLyT7qUry+fNBJV
GCWBHtUxVJ+HyOGtnbSwt71MFv7Zgwvig7qKZA6rDp6bN6gR8p25/zxb3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClgDPXOB4UInCqmcbI/8NfVO2BNMB8GA1UdIwQY
MBaAFJe2y0iEHOUZsoNZyvG840DjNoHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZGQ5MmUtM2IxMS00MTZmLWFlOTMt
NDZlYTY1NmJmMzg5LzEvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iZGQ5MmUtM2IxMS00MTZmLWFlOTMtNDZlYTY1NmJmMzg5
LzEvbDdiTFNJUWM1Um15ZzFuSzhiempRT00yZ2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgbYHg31o
EuFYlbn1WSLwJ/JbARHA/3eqi6++cVHG2kg04TVZsIJSfH/Gc/BoN2D07k4eCdmS
OTas35vcNA9D1QHzOtYMU0UTDv5/yRsRwpnTFdbgouAamDTLKe1+7+PNKZWlM7m4
BpSQ3f0NRGPsM+E/LyRXj0X1wV2W6H2n2SQj9JSdea82OtAHRcIEiSOlTPuPdi3d
SubACGiU7keMBKL9pHfk9XpxJJbhkgdSxbI3Qy9aVhoreehjRwbtHQpxMNJjEcbX
fjJlm/QUUM14eTmqi/SVu8dlFf6NvMdhss7rb1QN7FTgpLzwPX/rz81jWhYhavRD
UdagkzE8X3r48A==
-----END CERTIFICATE-----