Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
File:                     bwXPdx2ZkucP9nQOayBiDOUtDYs.mft (raw, json)
Hash identifier:          cnQbLXx3eZAGjU1omP3RXW/kqgjg5l1YQ2R3jMJXqAE=
Subject key identifier:   E3:8D:F4:B3:2A:B8:41:DC:C5:6E:CF:DC:9C:21:0D:A1:02:59:55:31
Authority key identifier: 6F:05:CF:77:1D:99:92:E7:0F:F6:74:0E:6B:20:62:0C:E5:2D:0D:8B
Certificate issuer:       /CN=6f05cf771d9992e70ff6740e6b20620ce52d0d8b
Certificate serial:       019D386653D920AA8F51764575D37DF6776F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bwXPdx2ZkucP9nQOayBiDOUtDYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
Manifest number:          0E2E
Signing time:             Sun 29 Mar 2026 07:02:03 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:03 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:03 +0000
Files and hashes:         1: bwXPdx2ZkucP9nQOayBiDOUtDYs.crl (hash: ZX4FDmeN8ndncX51smOuY0JWPF5q7FooYE8ddN8Ejs4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bwXPdx2ZkucP9nQOayBiDOUtDYs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:53:d9:20:aa:8f:51:76:45:75:d3:7d:f6:77:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f05cf771d9992e70ff6740e6b20620ce52d0d8b
        Validity
            Not Before: Mar 29 07:02:03 2026 GMT
            Not After : Mar 30 07:02:03 2026 GMT
        Subject: CN=e38df4b32ab841dcc56ecfdc9c210da102595531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ef:8a:b1:5e:f6:7c:95:2c:37:01:7b:ac:29:
                    fe:c2:45:6c:67:62:e8:7e:c7:41:f1:5d:59:d9:e0:
                    43:c1:ce:21:de:0e:6f:c3:73:fa:9f:a2:7e:33:63:
                    4f:5f:97:ee:3a:19:80:e6:8e:2d:db:b9:c6:b8:47:
                    c2:0b:de:12:79:1a:23:1d:b5:58:60:5a:0e:a4:77:
                    26:03:ab:85:21:e2:ea:61:8f:30:c2:01:5f:1d:8e:
                    6a:72:f1:85:42:4c:98:09:a1:27:87:7a:41:31:27:
                    fa:15:e3:07:5b:f1:31:6a:47:2e:1d:bb:73:53:eb:
                    c4:fb:c6:96:3b:80:16:16:9f:ac:f3:c3:74:c1:41:
                    a9:f5:34:ec:02:ef:fa:9e:af:9e:28:d6:f6:31:d3:
                    7d:94:21:55:84:6f:ce:6a:0d:ac:44:58:af:8e:db:
                    bf:c8:fb:fa:67:ae:8e:2f:2d:6b:37:83:6b:c3:40:
                    08:a7:26:09:31:62:95:da:fb:d8:93:20:04:c7:51:
                    28:1e:37:e6:8e:37:f2:ab:bf:2a:d4:1a:5a:e3:1f:
                    bb:91:c9:37:1f:fb:a5:4b:05:3b:53:82:4e:cc:95:
                    61:52:c7:af:68:5d:18:80:67:36:7e:e7:7d:32:81:
                    24:8c:0f:96:f8:70:b2:4e:37:d0:52:d7:ca:5c:94:
                    fb:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:8D:F4:B3:2A:B8:41:DC:C5:6E:CF:DC:9C:21:0D:A1:02:59:55:31
            X509v3 Authority Key Identifier:
                keyid:6F:05:CF:77:1D:99:92:E7:0F:F6:74:0E:6B:20:62:0C:E5:2D:0D:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bwXPdx2ZkucP9nQOayBiDOUtDYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/a23404-f219-49f5-bf33-245650f842d5/1/bwXPdx2ZkucP9nQOayBiDOUtDYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c3:ff:2d:f4:4f:7f:22:2b:2b:2c:3c:22:9d:85:3b:4d:84:59:
         96:f9:7c:8c:c7:c6:75:31:c2:b3:8d:e3:c4:59:a9:3c:09:05:
         9a:50:17:60:f4:ea:c8:4f:60:54:b8:a0:95:74:25:7b:8b:c3:
         f9:98:4a:9b:53:97:8c:47:67:6a:9c:ed:88:55:e5:5e:39:78:
         c3:87:e7:61:fd:d9:3e:ab:b5:1c:54:28:60:64:88:ba:e1:a9:
         13:3d:e5:d9:eb:ec:2e:7f:24:46:70:85:0d:e4:2b:71:ba:1a:
         98:7d:e0:48:16:37:2f:86:8b:09:af:25:c2:70:d9:58:bb:f0:
         99:6d:db:b7:d1:50:91:18:06:c2:fa:da:1f:a1:83:40:58:26:
         95:b0:ae:83:ff:cb:33:f7:9e:d1:c8:6c:0b:dc:87:68:31:af:
         b6:26:ab:18:98:ca:3b:51:f6:57:b7:77:41:64:2f:3e:19:e0:
         3b:90:c3:d0:22:15:9a:22:35:e8:b5:9b:3a:3d:73:ce:59:49:
         d4:04:1c:34:ca:18:5c:46:d3:ad:90:f1:8d:47:f8:06:fc:3d:
         15:dd:cd:62:a3:c8:01:46:f0:b9:90:5b:67:4d:8e:58:09:b1:
         b6:25:e4:45:8b:23:7f:48:25:06:cc:3d:90:ee:04:e9:04:10:
         8e:eb:d1:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZlPZIKqPUXZFddN99ndvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMDVjZjc3MWQ5OTkyZTcwZmY2NzQwZTZiMjA2MjBjZTUy
ZDBkOGIwHhcNMjYwMzI5MDcwMjAzWhcNMjYwMzMwMDcwMjAzWjAzMTEwLwYDVQQD
EyhlMzhkZjRiMzJhYjg0MWRjYzU2ZWNmZGM5YzIxMGRhMTAyNTk1NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm++KsV72fJUsNwF7rCn+wkVsZ2Lo
fsdB8V1Z2eBDwc4h3g5vw3P6n6J+M2NPX5fuOhmA5o4t27nGuEfCC94SeRojHbVY
YFoOpHcmA6uFIeLqYY8wwgFfHY5qcvGFQkyYCaEnh3pBMSf6FeMHW/ExakcuHbtz
U+vE+8aWO4AWFp+s88N0wUGp9TTsAu/6nq+eKNb2MdN9lCFVhG/Oag2sRFivjtu/
yPv6Z66OLy1rN4Nrw0AIpyYJMWKV2vvYkyAEx1EoHjfmjjfyq78q1Bpa4x+7kck3
H/ulSwU7U4JOzJVhUsevaF0YgGc2fud9MoEkjA+W+HCyTjfQUtfKXJT7CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOON9LMquEHcxW7P3JwhDaECWVUxMB8GA1UdIwQY
MBaAFG8Fz3cdmZLnD/Z0DmsgYgzlLQ2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYndYUGR4MlprdWNQOW5RT2F5QmlET1V0RFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9hMjM0MDQtZjIxOS00OWY1LWJmMzMt
MjQ1NjUwZjg0MmQ1LzEvYndYUGR4MlprdWNQOW5RT2F5QmlET1V0RFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9hMjM0MDQtZjIxOS00OWY1LWJmMzMtMjQ1NjUwZjg0MmQ1
LzEvYndYUGR4MlprdWNQOW5RT2F5QmlET1V0RFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw/8t9E9/
IisrLDwinYU7TYRZlvl8jMfGdTHCs43jxFmpPAkFmlAXYPTqyE9gVLiglXQle4vD
+ZhKm1OXjEdnapztiFXlXjl4w4fnYf3ZPqu1HFQoYGSIuuGpEz3l2evsLn8kRnCF
DeQrcboamH3gSBY3L4aLCa8lwnDZWLvwmW3bt9FQkRgGwvraH6GDQFgmlbCug//L
M/ee0chsC9yHaDGvtiarGJjKO1H2V7d3QWQvPhngO5DD0CIVmiI16LWbOj1zzllJ
1AQcNMoYXEbTrZDxjUf4Bvw9Fd3NYqPIAUbwuZBbZ02OWAmxtiXkRYsjf0glBsw9
kO4E6QQQjuvR/w==
-----END CERTIFICATE-----