Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
File:                     tWpL1vXr8vf_2ajRzZparN5iKFw.mft (raw, json)
Hash identifier:          q+3l6tkOX/nelIvxikJgTEoG3elvUZqYT6dF5YeDZlU=
Subject key identifier:   8C:17:2C:A7:85:5D:47:89:F0:72:1F:EE:E7:D9:62:39:11:F9:3A:C4
Authority key identifier: B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C
Certificate issuer:       /CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
Certificate serial:       019D371BBDA30593B777ED6BC683A8AA2031
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
Manifest number:          0A48
Signing time:             Sun 29 Mar 2026 01:00:58 +0000
Manifest this update:     Sun 29 Mar 2026 01:00:58 +0000
Manifest next update:     Mon 30 Mar 2026 01:00:58 +0000
Files and hashes:         1: tWpL1vXr8vf_2ajRzZparN5iKFw.crl (hash: gLzGXwiBCcEmgHS5N3GclupzRh2a37gDYt4on3G7MCA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:37:1b:bd:a3:05:93:b7:77:ed:6b:c6:83:a8:aa:20:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56a4bd6f5ebf2f7ffd9a8d1cd9a5aacde62285c
        Validity
            Not Before: Mar 29 01:00:58 2026 GMT
            Not After : Mar 30 01:00:58 2026 GMT
        Subject: CN=8c172ca7855d4789f0721feee7d9623911f93ac4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b7:8f:21:47:45:cf:b7:44:1e:a6:00:be:16:
                    e2:a3:60:17:d5:90:34:d1:19:1c:a1:88:85:9c:9d:
                    f8:d3:7d:bb:38:f4:cc:32:23:d8:93:59:d8:79:de:
                    d6:21:51:6d:74:67:20:f5:e3:4e:58:1b:d6:82:c1:
                    e7:c3:46:7d:92:da:d6:26:ae:e3:1f:fe:f2:56:fd:
                    0f:6d:f4:12:bc:94:44:08:68:d5:a1:cc:35:4c:9c:
                    ea:82:79:53:58:e4:fd:56:29:52:35:90:40:70:06:
                    3e:0f:00:f1:d1:d6:24:93:d8:1b:df:da:ee:78:bc:
                    c5:ce:e3:47:93:37:9d:dd:10:57:5a:81:76:6e:2a:
                    5a:cb:7c:0a:df:fa:b6:c8:bf:11:cb:72:c0:5b:9a:
                    be:d7:ed:40:a7:12:93:f7:ad:0b:6e:71:24:4e:de:
                    65:57:64:f8:cc:b0:80:f3:13:65:6f:12:d8:84:5e:
                    dc:4b:f2:5c:27:10:4b:97:b4:60:16:b8:48:44:04:
                    2e:7f:7e:53:8e:5e:52:fd:c7:f2:30:db:f8:dd:f3:
                    0b:f8:2d:ea:37:ec:50:3f:86:df:da:ce:be:cc:b1:
                    05:eb:3a:30:07:6d:a3:ce:fe:e2:66:70:2e:9f:30:
                    4a:01:c6:3f:60:8a:39:d5:5f:8c:05:88:d2:7a:cd:
                    d1:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:17:2C:A7:85:5D:47:89:F0:72:1F:EE:E7:D9:62:39:11:F9:3A:C4
            X509v3 Authority Key Identifier:
                keyid:B5:6A:4B:D6:F5:EB:F2:F7:FF:D9:A8:D1:CD:9A:5A:AC:DE:62:28:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tWpL1vXr8vf_2ajRzZparN5iKFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dde736-2730-4bfe-a5b3-082e11363f0a/1/tWpL1vXr8vf_2ajRzZparN5iKFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:15:29:ea:bf:24:25:31:62:85:73:6c:c8:71:84:fe:5f:0b:
         3c:96:c5:12:2b:05:1e:15:e7:c1:78:fa:f6:42:b4:48:08:4a:
         2a:94:e4:b9:3d:16:23:59:d8:8c:bf:39:a0:84:67:37:4e:c1:
         a8:78:3d:fa:14:c0:ca:04:3a:80:6d:33:31:d0:9b:82:6c:b4:
         e4:a3:0f:26:51:ec:0c:07:1a:13:2b:43:e8:c9:ac:73:9b:51:
         85:a8:72:c1:ec:1b:15:72:bc:24:13:23:9c:d2:78:8f:42:f3:
         f9:35:91:b5:80:cd:b9:cb:0f:a2:02:61:f2:68:fd:f2:eb:f9:
         32:4d:b8:7f:54:9f:ef:b2:dd:cf:2d:f1:b2:f9:91:b5:62:d6:
         90:c5:ac:ef:ad:b9:1e:ba:9f:be:1d:29:65:ad:dd:b9:23:90:
         1b:95:b3:44:2c:cc:97:b0:86:b9:34:34:94:2f:b1:79:c3:fa:
         8c:63:6b:c5:64:d6:9a:63:a6:8a:8f:1e:a4:15:19:a4:08:96:
         27:d7:7c:bc:95:44:69:67:95:be:11:6d:ff:8a:f7:60:4a:3c:
         e5:64:a3:6c:40:2e:a3:91:51:1a:30:c6:68:71:22:19:ef:db:
         7b:f9:a4:6d:bd:e7:d3:50:e5:ed:b2:e5:38:51:17:ec:c6:ac:
         9f:3a:fa:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G72jBZO3d+1rxoOoqiAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmE0YmQ2ZjVlYmYyZjdmZmQ5YThkMWNkOWE1YWFjZGU2
MjI4NWMwHhcNMjYwMzI5MDEwMDU4WhcNMjYwMzMwMDEwMDU4WjAzMTEwLwYDVQQD
Eyg4YzE3MmNhNzg1NWQ0Nzg5ZjA3MjFmZWVlN2Q5NjIzOTExZjkzYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLePIUdFz7dEHqYAvhbio2AX1ZA0
0RkcoYiFnJ340327OPTMMiPYk1nYed7WIVFtdGcg9eNOWBvWgsHnw0Z9ktrWJq7j
H/7yVv0PbfQSvJRECGjVocw1TJzqgnlTWOT9VilSNZBAcAY+DwDx0dYkk9gb39ru
eLzFzuNHkzed3RBXWoF2bipay3wK3/q2yL8Ry3LAW5q+1+1ApxKT960LbnEkTt5l
V2T4zLCA8xNlbxLYhF7cS/JcJxBLl7RgFrhIRAQuf35Tjl5S/cfyMNv43fML+C3q
N+xQP4bf2s6+zLEF6zowB22jzv7iZnAunzBKAcY/YIo51V+MBYjSes3RqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIwXLKeFXUeJ8HIf7ufZYjkR+TrEMB8GA1UdIwQY
MBaAFLVqS9b16/L3/9mo0c2aWqzeYihcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMt
MDgyZTExMzYzZjBhLzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kZGU3MzYtMjczMC00YmZlLWE1YjMtMDgyZTExMzYzZjBh
LzEvdFdwTDF2WHI4dmZfMmFqUnpacGFyTjVpS0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAABUp6r8k
JTFihXNsyHGE/l8LPJbFEisFHhXnwXj69kK0SAhKKpTkuT0WI1nYjL85oIRnN07B
qHg9+hTAygQ6gG0zMdCbgmy05KMPJlHsDAcaEytD6Mmsc5tRhahywewbFXK8JBMj
nNJ4j0Lz+TWRtYDNucsPogJh8mj98uv5Mk24f1Sf77Ldzy3xsvmRtWLWkMWs7625
Hrqfvh0pZa3duSOQG5WzRCzMl7CGuTQ0lC+xecP6jGNrxWTWmmOmio8epBUZpAiW
J9d8vJVEaWeVvhFt/4r3YEo85WSjbEAuo5FRGjDGaHEiGe/be/mkbb3n01Dl7bLl
OFEX7Masnzr65w==
-----END CERTIFICATE-----