Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
File:                     FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft (raw, json)
Hash identifier:          TImaehen5pX3EByMSGGuBhM+TB3QhjMvSUY/t2TwGGQ=
Subject key identifier:   BB:62:75:D8:5F:29:06:13:6F:8D:CA:18:91:B9:9F:F2:D6:0E:5A:9F
Authority key identifier: 14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A
Certificate issuer:       /CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
Certificate serial:       019D3866A1BA9D4C1034812DA968F77E0C37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
Manifest number:          0BB0
Signing time:             Sun 29 Mar 2026 07:02:23 +0000
Manifest this update:     Sun 29 Mar 2026 07:02:23 +0000
Manifest next update:     Mon 30 Mar 2026 07:02:23 +0000
Files and hashes:         1: FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl (hash: 0FbjIeL+VFRq+/B8UJoBhlLyAbwPdtRpE4K/vG8dQOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:38:66:a1:ba:9d:4c:10:34:81:2d:a9:68:f7:7e:0c:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c735259fdb7b83f277adf12d08cc98b5a6100a
        Validity
            Not Before: Mar 29 07:02:23 2026 GMT
            Not After : Mar 30 07:02:23 2026 GMT
        Subject: CN=bb6275d85f2906136f8dca1891b99ff2d60e5a9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:f4:bb:12:69:db:0b:82:d4:f2:5c:60:de:99:
                    ad:1d:e4:ae:cd:e2:60:b2:28:07:84:6c:05:71:41:
                    cc:72:a9:bf:55:bd:ff:92:50:79:5e:b6:37:91:a9:
                    9e:4c:34:87:64:4d:b1:a9:6f:e2:38:d0:5e:c7:94:
                    44:92:d9:2f:ab:34:94:d6:33:9e:59:bd:a6:08:9c:
                    21:13:4c:bb:a6:af:17:10:7a:6d:ca:fd:3d:9b:4f:
                    1a:75:b0:22:f4:e7:d7:53:52:ae:72:85:f7:58:c8:
                    24:bd:29:83:c1:12:9d:8f:93:1c:4c:a5:ae:65:3d:
                    52:6f:0b:ca:3c:ef:13:b2:08:6e:40:c7:20:c0:85:
                    15:67:35:81:ab:61:31:a2:c1:0f:73:3f:0e:bc:9a:
                    c6:9b:c4:69:c4:c2:79:28:6c:1a:ac:dc:b9:fb:6d:
                    4f:d1:c6:74:de:49:1f:0c:c3:57:fc:12:5d:27:65:
                    83:14:d6:20:94:7a:0b:4e:4d:3f:94:32:9a:9b:f0:
                    91:f3:66:fa:08:f4:da:9d:0e:43:23:61:1e:3d:c6:
                    b4:d3:b6:42:ad:19:2e:dd:1f:a5:c5:ac:51:80:5a:
                    b5:45:0b:4f:25:82:2e:f3:84:49:26:4e:93:52:64:
                    9f:8d:36:77:6b:22:21:e1:95:c7:a8:b9:98:c5:fb:
                    a7:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:62:75:D8:5F:29:06:13:6F:8D:CA:18:91:B9:9F:F2:D6:0E:5A:9F
            X509v3 Authority Key Identifier:
                keyid:14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:97:1d:01:e9:4b:69:21:a8:75:e3:35:ca:6a:8a:81:54:4a:
         c5:b6:66:28:17:b6:33:a5:51:d5:a6:2b:56:88:5b:cc:4c:dc:
         7f:c6:0a:c0:fc:c3:10:ce:49:2a:53:df:4e:f0:97:1b:32:b3:
         9a:0e:91:a9:de:6b:c3:99:4b:ce:78:1c:48:3b:ae:ac:a5:32:
         ed:30:44:0e:f7:54:9c:d0:0d:f5:33:15:ad:fa:80:82:53:7e:
         c5:cd:85:28:ea:15:61:12:08:b0:3b:88:f2:16:35:98:13:a7:
         2f:54:eb:be:09:d2:92:7f:19:5a:de:aa:f4:96:cb:80:0c:63:
         39:39:da:26:3e:7c:5c:f2:75:cb:a0:db:b8:d8:09:3f:34:27:
         4c:2a:4f:a0:c3:85:40:ee:e4:db:97:75:8d:d4:68:16:2c:a8:
         46:20:b2:70:a0:22:23:f7:3d:86:c6:8e:53:a1:38:86:ad:62:
         9c:af:6d:40:ea:8f:05:e1:7e:fa:00:69:0b:36:8b:59:3a:ec:
         ee:5f:b1:a3:7c:a9:71:7a:21:57:e1:1b:03:12:13:54:7b:b5:
         59:41:ef:49:6e:aa:0a:2c:26:eb:f2:25:05:31:45:5c:d5:d0:
         94:bb:fc:53:e0:29:22:ee:2c:48:7c:24:4d:c0:01:50:10:f2:
         97:fa:70:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZqG6nUwQNIEtqWj3fgw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzczNTI1OWZkYjdiODNmMjc3YWRmMTJkMDhjYzk4YjVh
NjEwMGEwHhcNMjYwMzI5MDcwMjIzWhcNMjYwMzMwMDcwMjIzWjAzMTEwLwYDVQQD
EyhiYjYyNzVkODVmMjkwNjEzNmY4ZGNhMTg5MWI5OWZmMmQ2MGU1YTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPS7EmnbC4LU8lxg3pmtHeSuzeJg
sigHhGwFcUHMcqm/Vb3/klB5XrY3kameTDSHZE2xqW/iONBex5REktkvqzSU1jOe
Wb2mCJwhE0y7pq8XEHptyv09m08adbAi9OfXU1KucoX3WMgkvSmDwRKdj5McTKWu
ZT1SbwvKPO8TsghuQMcgwIUVZzWBq2ExosEPcz8OvJrGm8RpxMJ5KGwarNy5+21P
0cZ03kkfDMNX/BJdJ2WDFNYglHoLTk0/lDKam/CR82b6CPTanQ5DI2EePca007ZC
rRku3R+lxaxRgFq1RQtPJYIu84RJJk6TUmSfjTZ3ayIh4ZXHqLmYxfunBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtiddhfKQYTb43KGJG5n/LWDlqfMB8GA1UdIwQY
MBaAFBTHNSWf23uD8net8S0IzJi1phAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWIt
ZGJlYWY3ODQ4MTdhLzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWItZGJlYWY3ODQ4MTdh
LzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArZcdAelL
aSGodeM1ymqKgVRKxbZmKBe2M6VR1aYrVohbzEzcf8YKwPzDEM5JKlPfTvCXGzKz
mg6Rqd5rw5lLzngcSDuurKUy7TBEDvdUnNAN9TMVrfqAglN+xc2FKOoVYRIIsDuI
8hY1mBOnL1TrvgnSkn8ZWt6q9JbLgAxjOTnaJj58XPJ1y6DbuNgJPzQnTCpPoMOF
QO7k25d1jdRoFiyoRiCycKAiI/c9hsaOU6E4hq1inK9tQOqPBeF++gBpCzaLWTrs
7l+xo3ypcXohV+EbAxITVHu1WUHvSW6qCiwm6/IlBTFFXNXQlLv8U+ApIu4sSHwk
TcABUBDyl/pwQw==
-----END CERTIFICATE-----