Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
File:                     Z42bouOWhCO-_F7tBXGbMABX18s.mft (raw, json)
Hash identifier:          IUFrXA8n8GzAxhROA8HFacA8S9ZtV9hOBDtvDbpupjc=
Subject key identifier:   50:8C:4E:15:6C:84:81:7D:68:96:5C:B4:6A:72:EC:19:9F:A3:88:F5
Authority key identifier: 67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB
Certificate issuer:       /CN=678d9ba2e3968423befc5eed05719b300057d7cb
Certificate serial:       019D386613D1DEE254E6382EDCC5F96A4776
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
Manifest number:          0585
Signing time:             Sun 29 Mar 2026 07:01:46 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:46 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:46 +0000
Files and hashes:         1: Z42bouOWhCO-_F7tBXGbMABX18s.crl (hash: HL76p7ggieMYK0g3X10hxXVLwTGT7gMwIKxUYJPL7yk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:13:d1:de:e2:54:e6:38:2e:dc:c5:f9:6a:47:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=678d9ba2e3968423befc5eed05719b300057d7cb
        Validity
            Not Before: Mar 29 07:01:46 2026 GMT
            Not After : Mar 30 07:01:46 2026 GMT
        Subject: CN=508c4e156c84817d68965cb46a72ec199fa388f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:07:2e:a8:87:4e:4b:2b:57:75:52:da:17:cf:
                    4b:0d:fa:b9:fc:0c:5b:fc:82:a3:fa:70:28:83:2c:
                    5b:76:dd:8c:90:88:3b:07:61:19:bb:d6:cc:bf:38:
                    a5:fd:1b:fb:be:95:e2:2b:c6:1e:3b:6b:92:21:83:
                    59:65:27:1d:d5:28:b5:cf:51:33:a5:01:29:c8:fc:
                    b9:9b:a0:32:40:88:4f:b8:98:b9:74:35:12:2b:74:
                    de:de:94:a2:b4:6c:a5:5d:2c:1e:36:ed:4b:a7:20:
                    33:a0:28:ac:1a:c2:92:34:1c:86:e8:e2:f2:b8:cc:
                    79:69:fb:2d:ea:e7:5a:cc:32:b4:5e:75:50:2f:94:
                    c9:59:87:d0:dd:76:3a:74:97:ac:07:ea:c4:02:94:
                    f9:e2:0d:be:64:53:d1:1b:58:ab:f7:d5:a0:ef:76:
                    b5:e6:2c:15:a3:a8:0e:11:d9:0e:41:21:1f:82:d0:
                    5d:dd:95:d2:c4:ec:8c:52:1c:f3:f4:99:d4:a9:ae:
                    24:bf:86:96:22:b9:e0:db:9f:5a:1f:ec:b9:ee:a7:
                    9a:c9:86:67:74:f6:1c:b5:0f:1d:bf:fd:58:9c:d7:
                    9b:5f:73:89:77:a8:aa:5c:fe:e8:c8:22:ca:83:b2:
                    b5:1e:21:bc:13:e0:97:87:9b:6a:b4:e1:a9:ae:10:
                    bb:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:8C:4E:15:6C:84:81:7D:68:96:5C:B4:6A:72:EC:19:9F:A3:88:F5
            X509v3 Authority Key Identifier:
                keyid:67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:af:e3:d0:ef:c4:08:bb:07:73:63:2a:d9:83:be:50:d8:e4:
         1d:31:65:1c:6e:1c:a1:aa:95:0d:da:dd:f1:78:f8:cd:0b:66:
         69:ce:87:53:bd:4d:17:5c:1d:75:8b:dd:6b:78:08:14:62:56:
         44:c1:67:11:ab:5a:ab:0b:3c:c6:fe:0b:d6:fa:96:9a:6d:dc:
         cc:f2:ca:27:90:f7:28:16:8d:6f:a1:b8:c9:63:49:08:5f:16:
         39:b7:b6:0e:82:33:7f:59:1b:c7:23:8d:4a:77:66:6a:70:c2:
         57:76:56:56:39:53:8f:41:95:9c:a3:fa:6c:a5:ff:45:11:b3:
         85:a1:f2:09:bd:54:3d:2e:70:a0:20:aa:a4:0f:41:1e:9c:6f:
         83:96:58:e3:8b:e4:b2:4e:b5:43:d7:62:bc:a9:0d:d1:b2:b9:
         9c:c6:5f:cb:47:74:b6:a1:f4:c7:bd:4a:cb:72:af:24:a6:11:
         6f:51:55:e0:77:4e:95:7f:65:78:28:bf:af:a6:fd:38:b2:24:
         f0:71:2b:7f:d1:2f:ae:34:64:16:ae:cc:d6:53:6b:fc:0b:a7:
         3e:f3:b6:54:9d:ab:14:08:b2:a6:21:8a:20:de:03:0a:11:c3:
         b9:aa:e8:18:c1:6e:d2:86:0f:86:f2:0b:4b:fa:ce:ce:f9:bb:
         57:20:81:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhPR3uJU5jgu3MX5akd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGQ5YmEyZTM5Njg0MjNiZWZjNWVlZDA1NzE5YjMwMDA1
N2Q3Y2IwHhcNMjYwMzI5MDcwMTQ2WhcNMjYwMzMwMDcwMTQ2WjAzMTEwLwYDVQQD
Eyg1MDhjNGUxNTZjODQ4MTdkNjg5NjVjYjQ2YTcyZWMxOTlmYTM4OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQcuqIdOSytXdVLaF89LDfq5/Axb
/IKj+nAogyxbdt2MkIg7B2EZu9bMvzil/Rv7vpXiK8YeO2uSIYNZZScd1Si1z1Ez
pQEpyPy5m6AyQIhPuJi5dDUSK3Te3pSitGylXSweNu1LpyAzoCisGsKSNByG6OLy
uMx5afst6udazDK0XnVQL5TJWYfQ3XY6dJesB+rEApT54g2+ZFPRG1ir99Wg73a1
5iwVo6gOEdkOQSEfgtBd3ZXSxOyMUhzz9JnUqa4kv4aWIrng259aH+y57qeayYZn
dPYctQ8dv/1YnNebX3OJd6iqXP7oyCLKg7K1HiG8E+CXh5tqtOGprhC7QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFCMThVshIF9aJZctGpy7Bmfo4j1MB8GA1UdIwQY
MBaAFGeNm6LjloQjvvxe7QVxmzAAV9fLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEt
YzgwYTcyM2QzNGY3LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEtYzgwYTcyM2QzNGY3
LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANa/j0O/E
CLsHc2Mq2YO+UNjkHTFlHG4coaqVDdrd8Xj4zQtmac6HU71NF1wddYvda3gIFGJW
RMFnEataqws8xv4L1vqWmm3czPLKJ5D3KBaNb6G4yWNJCF8WObe2DoIzf1kbxyON
SndmanDCV3ZWVjlTj0GVnKP6bKX/RRGzhaHyCb1UPS5woCCqpA9BHpxvg5ZY44vk
sk61Q9divKkN0bK5nMZfy0d0tqH0x71Ky3KvJKYRb1FV4HdOlX9leCi/r6b9OLIk
8HErf9EvrjRkFq7M1lNr/AunPvO2VJ2rFAiypiGKIN4DChHDuaroGMFu0oYPhvIL
S/rOzvm7VyCBNQ==
-----END CERTIFICATE-----