Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
File:                     BsL3NfcUX3DScCYC7oyBVknrLkU.mft (raw, json)
Hash identifier:          rQSQlKgaHK+psFbka5sCE5XlC4zCWEPrk15jhHWXUiA=
Subject key identifier:   24:8A:89:2B:9F:A9:9F:FA:0F:01:69:0C:E2:A0:41:25:41:F2:6F:36
Authority key identifier: 06:C2:F7:35:F7:14:5F:70:D2:70:26:02:EE:8C:81:56:49:EB:2E:45
Certificate issuer:       /CN=06c2f735f7145f70d2702602ee8c815649eb2e45
Certificate serial:       019D3866278DEFE488C4714FC927A900E496
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
Manifest number:          12C3
Signing time:             Sun 29 Mar 2026 07:01:51 +0000
Manifest this update:     Sun 29 Mar 2026 07:01:51 +0000
Manifest next update:     Mon 30 Mar 2026 07:01:51 +0000
Files and hashes:         1: BsL3NfcUX3DScCYC7oyBVknrLkU.crl (hash: U7E8YDzyBZpvrzrB84h9Glj4TqwJYY2O2Lg0/ONRi7k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:27:8d:ef:e4:88:c4:71:4f:c9:27:a9:00:e4:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06c2f735f7145f70d2702602ee8c815649eb2e45
        Validity
            Not Before: Mar 29 07:01:51 2026 GMT
            Not After : Mar 30 07:01:51 2026 GMT
        Subject: CN=248a892b9fa99ffa0f01690ce2a0412541f26f36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:96:7e:16:68:1c:37:df:e4:7f:c3:b8:f9:71:
                    12:5b:5d:90:56:e7:39:ed:39:22:af:7a:aa:56:51:
                    24:f4:67:25:e5:bd:82:d2:7f:80:f2:44:17:8f:41:
                    d3:e8:bb:b1:1b:5e:76:b1:38:1c:7c:76:5c:50:76:
                    0e:7b:aa:e6:ca:18:1b:ca:59:81:ef:44:ba:15:a4:
                    e0:4f:d8:65:2f:c9:70:9d:d1:3a:5c:32:79:6d:a1:
                    f8:bc:3a:5a:f0:86:ea:5d:b9:d7:ac:6e:7c:dc:af:
                    7b:60:8c:e2:48:86:a5:e2:ca:87:b8:9a:3f:61:be:
                    b1:4f:f5:a0:74:6a:df:b6:ad:70:28:90:75:dd:8e:
                    c2:6c:60:03:d3:2f:63:dd:26:1e:76:6f:6d:eb:14:
                    20:fc:6c:3d:32:8a:c9:3d:48:fa:a3:6a:4e:83:72:
                    08:23:d0:69:79:53:ee:0a:20:89:16:c1:ce:8f:a8:
                    2a:72:dc:3a:37:a7:d8:67:aa:80:b4:07:78:3d:02:
                    9f:40:96:f3:4c:41:63:3b:e0:0f:45:ce:10:03:81:
                    bc:2c:64:47:1c:b6:29:07:db:98:af:40:33:6a:b5:
                    af:2d:c4:77:91:00:87:9d:df:6e:b5:c5:dc:75:52:
                    4c:97:b4:bc:07:ee:c6:08:73:5e:99:f5:03:b0:f7:
                    a1:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:8A:89:2B:9F:A9:9F:FA:0F:01:69:0C:E2:A0:41:25:41:F2:6F:36
            X509v3 Authority Key Identifier:
                keyid:06:C2:F7:35:F7:14:5F:70:D2:70:26:02:EE:8C:81:56:49:EB:2E:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsL3NfcUX3DScCYC7oyBVknrLkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a57328-77c6-4ca3-8b6d-1ff630c350ff/1/BsL3NfcUX3DScCYC7oyBVknrLkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:c3:68:58:ca:8d:78:5e:a7:ed:ae:8e:f4:1f:6c:7c:5a:80:
         4a:81:89:54:6a:88:ac:5b:08:b6:fb:6f:45:e3:b5:07:7d:78:
         ec:08:48:01:c9:7a:41:8b:17:a7:86:61:1b:e7:3d:6f:e9:63:
         76:fb:27:46:7a:6a:c4:aa:3c:00:03:ee:5c:db:57:1e:79:7d:
         5a:c0:ee:cc:5f:58:8e:2d:a0:6e:0f:d8:50:25:99:c9:8f:fd:
         79:57:c4:6b:b6:45:7a:72:ad:ad:1b:15:3e:16:06:2b:bb:ee:
         a5:a4:e1:19:f7:98:61:bd:00:56:90:8b:df:e5:c8:df:2e:ce:
         d2:f8:bc:9a:2b:9a:db:5e:51:5a:a2:b8:5a:d0:75:ab:6f:11:
         f2:5b:f8:d8:eb:82:35:35:67:ec:a9:b6:c1:9b:28:b1:cc:8f:
         76:f0:cd:41:fa:66:4e:96:57:fd:0e:62:ce:65:9f:2f:4a:4c:
         18:45:f1:55:2e:15:c5:89:72:a9:d1:65:8d:cc:2a:32:71:62:
         46:a2:aa:d2:09:51:45:51:39:7e:44:70:7e:2d:44:d4:bd:84:
         52:fb:48:fe:c3:5d:7b:f1:0e:55:64:6c:39:52:94:0c:3e:71:
         5d:f4:99:b7:fc:cc:f3:59:64:b8:a2:86:f3:4c:65:f4:b4:7b:
         2b:38:a1:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZieN7+SIxHFPySepAOSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YzJmNzM1ZjcxNDVmNzBkMjcwMjYwMmVlOGM4MTU2NDll
YjJlNDUwHhcNMjYwMzI5MDcwMTUxWhcNMjYwMzMwMDcwMTUxWjAzMTEwLwYDVQQD
EygyNDhhODkyYjlmYTk5ZmZhMGYwMTY5MGNlMmEwNDEyNTQxZjI2ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpZ+FmgcN9/kf8O4+XESW12QVuc5
7Tkir3qqVlEk9Gcl5b2C0n+A8kQXj0HT6LuxG152sTgcfHZcUHYOe6rmyhgbylmB
70S6FaTgT9hlL8lwndE6XDJ5baH4vDpa8IbqXbnXrG583K97YIziSIal4sqHuJo/
Yb6xT/WgdGrftq1wKJB13Y7CbGAD0y9j3SYedm9t6xQg/Gw9MorJPUj6o2pOg3II
I9BpeVPuCiCJFsHOj6gqctw6N6fYZ6qAtAd4PQKfQJbzTEFjO+APRc4QA4G8LGRH
HLYpB9uYr0AzarWvLcR3kQCHnd9utcXcdVJMl7S8B+7GCHNemfUDsPeh+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSKiSufqZ/6DwFpDOKgQSVB8m82MB8GA1UdIwQY
MBaAFAbC9zX3FF9w0nAmAu6MgVZJ6y5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTczMjgtNzdjNi00Y2EzLThiNmQt
MWZmNjMwYzM1MGZmLzEvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTczMjgtNzdjNi00Y2EzLThiNmQtMWZmNjMwYzM1MGZm
LzEvQnNMM05mY1VYM0RTY0NZQzdveUJWa25yTGtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbsNoWMqN
eF6n7a6O9B9sfFqASoGJVGqIrFsItvtvReO1B3147AhIAcl6QYsXp4ZhG+c9b+lj
dvsnRnpqxKo8AAPuXNtXHnl9WsDuzF9Yji2gbg/YUCWZyY/9eVfEa7ZFenKtrRsV
PhYGK7vupaThGfeYYb0AVpCL3+XI3y7O0vi8miua215RWqK4WtB1q28R8lv42OuC
NTVn7Km2wZsoscyPdvDNQfpmTpZX/Q5izmWfL0pMGEXxVS4VxYlyqdFljcwqMnFi
RqKq0glRRVE5fkRwfi1E1L2EUvtI/sNde/EOVWRsOVKUDD5xXfSZt/zM81lkuKKG
80xl9LR7KzihIQ==
-----END CERTIFICATE-----