Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
File:                     b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft (raw, json)
Hash identifier:          7Ytpxi2ERuocsoYvUzfPuXkz+q3Huu0E4CS1WHJz8DA=
Subject key identifier:   AA:DF:35:08:E3:A7:CB:7D:B9:51:7F:A8:98:12:15:43:10:6A:AD:32
Authority key identifier: 6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1
Certificate issuer:       /CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1
Certificate serial:       019D394114BC6E69480AB1A8A95D03C8CD41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
Manifest number:          1287
Signing time:             Sun 29 Mar 2026 11:00:59 +0000
Manifest this update:     Sun 29 Mar 2026 11:00:59 +0000
Manifest next update:     Mon 30 Mar 2026 11:00:59 +0000
Files and hashes:         1: b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl (hash: 0rIHEj/vijTX34iXKccdhDB1Ip7lP9Kcj4tTO2JKafI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:41:14:bc:6e:69:48:0a:b1:a8:a9:5d:03:c8:cd:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f648e3cab609bd1483ca3e51911ceaa53f0c6a1
        Validity
            Not Before: Mar 29 11:00:59 2026 GMT
            Not After : Mar 30 11:00:59 2026 GMT
        Subject: CN=aadf3508e3a7cb7db9517fa898121543106aad32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:68:da:24:5f:b1:53:d5:de:1a:fb:7c:e5:f1:
                    fb:89:2f:30:c9:31:de:ff:b4:dc:92:32:7b:51:4f:
                    bb:a0:48:47:38:13:a9:32:64:76:7d:23:57:e0:e7:
                    5f:f4:3a:f5:69:67:59:50:19:5e:0a:e6:d9:54:95:
                    29:7a:94:cc:44:44:98:1a:82:3f:9f:a2:54:5e:d9:
                    e5:fa:1c:19:e9:12:4d:25:d4:b3:2b:5a:16:59:76:
                    a1:7e:7b:51:3e:19:6a:26:18:6e:ea:07:22:7a:5a:
                    e5:02:eb:31:bb:ec:85:87:a3:be:9f:da:d5:19:9a:
                    ad:e9:14:2c:e9:e5:bb:c9:a9:a7:6a:ea:41:8a:23:
                    6e:88:4a:bd:f5:d0:bb:f6:91:2d:3e:db:ab:47:26:
                    0e:3a:c7:3a:eb:b2:e0:12:73:bc:89:c3:96:4e:af:
                    23:45:1d:a7:b8:0b:10:66:5c:bf:2a:95:f7:d6:9e:
                    e3:33:d1:e6:cd:6f:f6:77:a1:59:54:55:f9:f3:98:
                    40:ee:c3:80:41:35:4f:e0:a0:0e:32:f3:94:00:7d:
                    11:b3:e7:be:34:cd:2c:f4:e3:7b:c4:06:6a:4e:eb:
                    41:6b:ad:ba:55:7e:31:52:f4:26:a6:b9:54:f4:fe:
                    5b:82:14:9c:e4:20:8c:03:79:f0:f1:56:4a:29:d7:
                    ab:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:DF:35:08:E3:A7:CB:7D:B9:51:7F:A8:98:12:15:43:10:6A:AD:32
            X509v3 Authority Key Identifier:
                keyid:6F:64:8E:3C:AB:60:9B:D1:48:3C:A3:E5:19:11:CE:AA:53:F0:C6:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2SOPKtgm9FIPKPlGRHOqlPwxqE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/eaa246-3304-49eb-aada-a069af854b05/1/b2SOPKtgm9FIPKPlGRHOqlPwxqE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:fa:44:07:88:e3:ec:d9:79:03:dd:e4:be:7a:cc:77:a6:fc:
         87:e3:72:5b:79:56:99:5b:ed:43:eb:cd:b9:ca:ab:c3:c6:ae:
         5a:d2:b5:4a:5f:44:fa:7d:e4:b1:36:83:6d:a6:3f:05:20:b4:
         c3:71:62:f1:d6:d3:fe:f4:04:9b:a1:98:70:0b:ca:94:74:3f:
         71:5a:9a:52:82:af:38:4a:19:df:a7:4b:c2:49:1f:ef:33:06:
         83:56:41:96:31:52:63:5c:5b:9e:35:69:02:ea:42:c6:a9:5e:
         48:ca:fc:d7:f6:11:b8:d0:d5:58:45:a3:b6:c2:38:b5:d7:e5:
         57:11:02:d4:f2:61:5b:a3:59:4f:33:e6:36:36:24:11:97:60:
         eb:ab:5e:da:69:07:f7:30:dd:a4:34:8a:f6:e7:e4:2c:4c:c1:
         59:96:be:e9:24:7a:e2:6e:96:f3:79:be:b8:e6:97:77:f6:93:
         3a:1a:29:23:62:d8:02:5a:77:e4:7f:a4:9f:b9:9e:19:2e:8d:
         cb:30:6d:ba:e3:f1:04:50:17:9a:24:94:aa:e2:ea:13:10:95:
         da:b6:b8:fe:b2:c5:94:0a:cc:34:3e:57:74:45:82:be:6d:83:
         ee:09:aa:05:2f:2b:53:21:e0:5c:8c:ec:5f:38:fb:2f:da:f6:
         d6:eb:9e:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QRS8bmlICrGoqV0DyM1BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNjQ4ZTNjYWI2MDliZDE0ODNjYTNlNTE5MTFjZWFhNTNm
MGM2YTEwHhcNMjYwMzI5MTEwMDU5WhcNMjYwMzMwMTEwMDU5WjAzMTEwLwYDVQQD
EyhhYWRmMzUwOGUzYTdjYjdkYjk1MTdmYTg5ODEyMTU0MzEwNmFhZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomjaJF+xU9XeGvt85fH7iS8wyTHe
/7TckjJ7UU+7oEhHOBOpMmR2fSNX4Odf9Dr1aWdZUBleCubZVJUpepTMRESYGoI/
n6JUXtnl+hwZ6RJNJdSzK1oWWXahfntRPhlqJhhu6gcielrlAusxu+yFh6O+n9rV
GZqt6RQs6eW7yamnaupBiiNuiEq99dC79pEtPturRyYOOsc667LgEnO8icOWTq8j
RR2nuAsQZly/KpX31p7jM9HmzW/2d6FZVFX585hA7sOAQTVP4KAOMvOUAH0Rs+e+
NM0s9ON7xAZqTutBa626VX4xUvQmprlU9P5bghSc5CCMA3nw8VZKKderRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrfNQjjp8t9uVF/qJgSFUMQaq0yMB8GA1UdIwQY
MBaAFG9kjjyrYJvRSDyj5RkRzqpT8MahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEt
YTA2OWFmODU0YjA1LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9lYWEyNDYtMzMwNC00OWViLWFhZGEtYTA2OWFmODU0YjA1
LzEvYjJTT1BLdGdtOUZJUEtQbEdSSE9xbFB3eHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPpEB4jj
7Nl5A93kvnrMd6b8h+NyW3lWmVvtQ+vNucqrw8auWtK1Sl9E+n3ksTaDbaY/BSC0
w3Fi8dbT/vQEm6GYcAvKlHQ/cVqaUoKvOEoZ36dLwkkf7zMGg1ZBljFSY1xbnjVp
AupCxqleSMr81/YRuNDVWEWjtsI4tdflVxEC1PJhW6NZTzPmNjYkEZdg66te2mkH
9zDdpDSK9ufkLEzBWZa+6SR64m6W83m+uOaXd/aTOhopI2LYAlp35H+kn7meGS6N
yzBtuuPxBFAXmiSUquLqExCV2ra4/rLFlArMND5XdEWCvm2D7gmqBS8rUyHgXIzs
Xzj7L9r21uueVA==
-----END CERTIFICATE-----