Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
File:                     R0NPTmaYKfhsbea6PrDo9m2piLY.mft (raw, json)
Hash identifier:          FQS+x/6YzAB+rf7gQ8Ye3JukRiEJS59UuiXBfJgVrzQ=
Subject key identifier:   39:50:3D:A6:AA:32:D5:44:91:6E:27:D9:D5:99:B5:3D:AA:49:03:10
Authority key identifier: 47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6
Certificate issuer:       /CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
Certificate serial:       019D2703D9980A4F6439F0EEC18AF53D1FF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
Manifest number:          02B8
Signing time:             Wed 25 Mar 2026 22:00:56 +0000
Manifest this update:     Wed 25 Mar 2026 22:00:56 +0000
Manifest next update:     Thu 26 Mar 2026 22:00:56 +0000
Files and hashes:         1: R0NPTmaYKfhsbea6PrDo9m2piLY.crl (hash: 1KGdg8HE96w4pGJLKn7an0d4xgVs08ZKTgSPVcDLmBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:03:d9:98:0a:4f:64:39:f0:ee:c1:8a:f5:3d:1f:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47434f4e669829f86c6de6ba3eb0e8f66da988b6
        Validity
            Not Before: Mar 25 22:00:56 2026 GMT
            Not After : Mar 26 22:00:56 2026 GMT
        Subject: CN=39503da6aa32d544916e27d9d599b53daa490310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3e:7f:32:88:7d:c9:0c:e6:23:38:6d:5a:6c:
                    cd:da:4b:32:f5:ee:6b:52:83:cb:db:8e:cd:e5:5d:
                    3b:ca:2f:64:26:00:34:aa:cd:bc:d1:73:0f:37:10:
                    d5:ae:8b:ed:8d:cd:81:96:ea:37:37:d3:6c:e4:8b:
                    5e:ab:fe:58:98:22:4c:fc:85:c2:25:19:84:8b:2a:
                    b9:aa:52:59:61:bc:70:0a:13:ce:bf:12:15:54:e7:
                    86:c8:09:77:40:3f:38:4b:aa:ec:20:60:e4:81:db:
                    86:74:6c:73:e8:8b:04:8e:fc:76:d7:b6:df:32:67:
                    bc:02:7d:9f:90:98:55:77:b0:e6:d3:8a:0e:46:df:
                    f7:d0:0c:98:d1:ed:bf:7a:71:8f:02:18:78:6d:22:
                    b1:2a:01:3a:91:14:b8:83:f6:96:ac:e0:59:29:f5:
                    65:20:ee:6e:45:49:e2:93:65:3b:3e:52:8c:f4:63:
                    fc:0d:4f:05:83:53:3f:cb:84:bc:9d:e9:cc:c9:be:
                    e1:d7:53:7e:1f:fd:e0:9b:c6:7f:75:c8:e9:0a:5b:
                    45:70:68:75:78:a5:64:4b:0f:24:97:96:28:64:0e:
                    ae:09:bd:11:35:10:a7:a3:c6:7c:17:8b:ec:89:f9:
                    20:50:a7:18:d3:da:b3:7c:6f:9d:d9:9a:0e:ff:5f:
                    94:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:50:3D:A6:AA:32:D5:44:91:6E:27:D9:D5:99:B5:3D:AA:49:03:10
            X509v3 Authority Key Identifier:
                keyid:47:43:4F:4E:66:98:29:F8:6C:6D:E6:BA:3E:B0:E8:F6:6D:A9:88:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0NPTmaYKfhsbea6PrDo9m2piLY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f4522a-6155-40c6-bd89-5b9ffff082f1/1/R0NPTmaYKfhsbea6PrDo9m2piLY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:16:ce:8c:4d:40:2b:be:91:9c:8e:00:e9:c5:aa:1a:b1:d3:
         8e:cd:f7:93:32:78:0f:a5:b9:e4:ab:85:15:34:54:34:16:c9:
         07:85:86:6c:7d:0d:ae:ba:1f:6a:69:f2:a6:cd:fb:bc:73:20:
         58:d7:5c:1c:a2:06:8a:76:6c:ac:9e:59:af:36:4e:96:3b:7a:
         18:d4:71:69:41:2c:3c:a3:12:f5:2f:d4:47:19:f1:a9:43:79:
         50:78:37:85:39:a0:c4:44:87:8e:99:e1:de:3b:fe:f9:59:58:
         f1:41:92:16:4e:26:d2:44:ed:46:79:61:49:96:33:38:b6:6d:
         b5:7b:e5:8c:7e:2f:95:34:99:37:26:22:ed:a2:c7:ca:59:b6:
         0b:08:7f:3b:d9:10:88:2d:f3:a1:3e:f6:da:40:0e:34:e0:84:
         51:12:7a:8f:62:a6:bd:6f:2d:31:d8:79:d3:20:75:1d:dd:fe:
         e6:93:fa:ef:d4:b9:62:1a:72:5b:ab:f0:a4:be:2d:e9:37:ce:
         e7:db:3a:8b:30:25:7c:bc:7e:72:df:7f:7e:41:0d:2e:4f:a4:
         8c:5f:0e:73:17:17:a5:78:d7:a9:9c:8a:bc:91:bf:93:32:42:
         e2:7e:74:9f:89:77:3e:b7:ac:a3:31:e7:b2:8b:b3:dd:ee:13:
         c2:5a:e5:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nA9mYCk9kOfDuwYr1PR/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDM0ZjRlNjY5ODI5Zjg2YzZkZTZiYTNlYjBlOGY2NmRh
OTg4YjYwHhcNMjYwMzI1MjIwMDU2WhcNMjYwMzI2MjIwMDU2WjAzMTEwLwYDVQQD
EygzOTUwM2RhNmFhMzJkNTQ0OTE2ZTI3ZDlkNTk5YjUzZGFhNDkwMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT5/Moh9yQzmIzhtWmzN2ksy9e5r
UoPL247N5V07yi9kJgA0qs280XMPNxDVrovtjc2Bluo3N9Ns5Iteq/5YmCJM/IXC
JRmEiyq5qlJZYbxwChPOvxIVVOeGyAl3QD84S6rsIGDkgduGdGxz6IsEjvx217bf
Mme8An2fkJhVd7Dm04oORt/30AyY0e2/enGPAhh4bSKxKgE6kRS4g/aWrOBZKfVl
IO5uRUnik2U7PlKM9GP8DU8Fg1M/y4S8nenMyb7h11N+H/3gm8Z/dcjpCltFcGh1
eKVkSw8kl5YoZA6uCb0RNRCno8Z8F4vsifkgUKcY09qzfG+d2ZoO/1+UnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDlQPaaqMtVEkW4n2dWZtT2qSQMQMB8GA1UdIwQY
MBaAFEdDT05mmCn4bG3muj6w6PZtqYi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODkt
NWI5ZmZmZjA4MmYxLzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mNDUyMmEtNjE1NS00MGM2LWJkODktNWI5ZmZmZjA4MmYx
LzEvUjBOUFRtYVlLZmhzYmVhNlByRG85bTJwaUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABhbOjE1A
K76RnI4A6cWqGrHTjs33kzJ4D6W55KuFFTRUNBbJB4WGbH0Nrrofamnyps37vHMg
WNdcHKIGinZsrJ5ZrzZOljt6GNRxaUEsPKMS9S/URxnxqUN5UHg3hTmgxESHjpnh
3jv++VlY8UGSFk4m0kTtRnlhSZYzOLZttXvljH4vlTSZNyYi7aLHylm2Cwh/O9kQ
iC3zoT722kAONOCEURJ6j2KmvW8tMdh50yB1Hd3+5pP679S5YhpyW6vwpL4t6TfO
59s6izAlfLx+ct9/fkENLk+kjF8OcxcXpXjXqZyKvJG/kzJC4n50n4l3PresozHn
souz3e4TwlrlKw==
-----END CERTIFICATE-----