Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          FzY5uUFfi32jZpq8/R0gBH8yJtPVrNoaVxK3vKcQ/1s=
Subject key identifier:   3D:41:31:EF:E8:27:A8:E9:06:48:55:A9:39:32:4A:CB:58:00:84:F3
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       019D284D629614AAC136C62A0C1DAF14AFBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          15FC
Signing time:             Thu 26 Mar 2026 04:00:53 +0000
Manifest this update:     Thu 26 Mar 2026 04:00:53 +0000
Manifest next update:     Fri 27 Mar 2026 04:00:53 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: aIl/HZAvb7DBxmIC63ufCbEMe4bZQaiPUCV9nWq8RRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:62:96:14:aa:c1:36:c6:2a:0c:1d:af:14:af:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Mar 26 04:00:53 2026 GMT
            Not After : Mar 27 04:00:53 2026 GMT
        Subject: CN=3d4131efe827a8e9064855a939324acb580084f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:79:24:fa:9d:48:36:0d:cf:13:3e:8a:13:1a:
                    5e:e4:7d:63:18:3c:1f:33:e5:69:57:ed:12:04:d2:
                    9a:69:d6:d0:74:68:58:d7:79:12:44:33:c5:b9:30:
                    d4:e6:e2:9d:b8:ed:a0:c4:22:f6:5d:5b:9b:85:ce:
                    89:cc:fe:0a:de:fb:5b:bc:44:3b:df:98:e9:d3:6f:
                    26:de:8a:24:69:e2:3e:10:5d:fc:57:c7:d3:f8:5f:
                    f6:43:a5:5f:25:6c:4a:05:ea:74:40:42:dd:63:29:
                    5e:30:6b:6f:61:23:2e:9c:8f:56:53:0e:c0:eb:18:
                    cf:a6:10:a9:c1:35:df:f4:a9:f2:81:00:91:9d:1d:
                    63:58:00:0c:95:08:75:c8:64:3b:c1:ca:71:28:9f:
                    2e:c8:c9:40:84:3e:33:ec:2b:35:21:e8:b7:19:fc:
                    c9:03:ef:2e:3f:fa:c5:66:d6:87:6a:42:c8:21:4f:
                    81:cb:99:f6:c3:2c:f6:ca:0d:10:a6:65:fe:d8:ba:
                    3b:82:2f:2d:eb:9f:4e:02:31:23:82:b8:e7:81:fc:
                    91:b0:36:b9:37:a6:6b:0e:c9:2a:ff:f9:fe:bf:2f:
                    b8:16:69:16:3f:3d:82:65:7d:70:41:7d:24:93:c0:
                    7e:76:b5:2f:96:a4:93:9d:b3:78:95:86:e3:88:52:
                    de:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:41:31:EF:E8:27:A8:E9:06:48:55:A9:39:32:4A:CB:58:00:84:F3
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:fc:25:6e:92:1d:02:d0:ce:a6:fc:98:47:7f:83:95:21:72:
         93:1f:c6:da:68:15:60:2e:01:0b:d0:3c:07:7d:9d:59:b3:84:
         a5:db:e8:50:bc:a7:b4:e9:3b:d1:c5:56:fc:6f:e8:06:4e:02:
         68:fa:a0:d5:89:39:f2:3b:aa:47:f2:a1:d8:14:0a:02:f6:e9:
         83:b0:2b:ec:07:34:17:38:71:8b:56:b7:43:2d:45:b2:aa:e8:
         8d:3f:3c:5a:1b:db:ea:dd:22:3d:37:90:43:7a:30:1c:a7:1d:
         b3:bb:9e:50:29:aa:51:1a:75:13:f6:b4:ec:77:4a:7f:98:03:
         56:d3:f5:da:51:07:d0:6f:53:ce:28:b7:73:c7:7f:ad:1e:2a:
         a5:aa:49:d0:bb:e8:4d:9e:40:53:f4:25:44:8b:07:20:f7:ea:
         fe:6a:13:f6:11:10:f2:0b:b7:ba:00:e8:13:0e:1a:eb:bd:8e:
         10:4b:04:53:89:45:1c:f6:48:39:cd:50:0f:56:a8:f8:da:62:
         8e:84:1b:fe:b4:60:b2:a7:7f:e6:33:82:42:42:aa:77:a3:9c:
         f8:32:b9:20:01:27:fe:f0:23:e8:41:2f:76:e1:72:fc:b6:e7:
         ab:fc:bd:a2:cd:5f:4c:c0:59:6c:49:ba:92:ce:46:44:92:8d:
         b9:6c:98:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTWKWFKrBNsYqDB2vFK+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjYwMzI2MDQwMDUzWhcNMjYwMzI3MDQwMDUzWjAzMTEwLwYDVQQD
EygzZDQxMzFlZmU4MjdhOGU5MDY0ODU1YTkzOTMyNGFjYjU4MDA4NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nkk+p1INg3PEz6KExpe5H1jGDwf
M+VpV+0SBNKaadbQdGhY13kSRDPFuTDU5uKduO2gxCL2XVubhc6JzP4K3vtbvEQ7
35jp028m3ookaeI+EF38V8fT+F/2Q6VfJWxKBep0QELdYyleMGtvYSMunI9WUw7A
6xjPphCpwTXf9KnygQCRnR1jWAAMlQh1yGQ7wcpxKJ8uyMlAhD4z7Cs1Iei3GfzJ
A+8uP/rFZtaHakLIIU+By5n2wyz2yg0QpmX+2Lo7gi8t659OAjEjgrjngfyRsDa5
N6ZrDskq//n+vy+4FmkWPz2CZX1wQX0kk8B+drUvlqSTnbN4lYbjiFLeywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1BMe/oJ6jpBkhVqTkySstYAITzMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/wlbpId
AtDOpvyYR3+DlSFykx/G2mgVYC4BC9A8B32dWbOEpdvoULyntOk70cVW/G/oBk4C
aPqg1Yk58juqR/Kh2BQKAvbpg7Ar7Ac0Fzhxi1a3Qy1FsqrojT88Whvb6t0iPTeQ
Q3owHKcds7ueUCmqURp1E/a07HdKf5gDVtP12lEH0G9Tzii3c8d/rR4qpapJ0Lvo
TZ5AU/QlRIsHIPfq/moT9hEQ8gu3ugDoEw4a672OEEsEU4lFHPZIOc1QD1ao+Npi
joQb/rRgsqd/5jOCQkKqd6Oc+DK5IAEn/vAj6EEvduFy/Lbnq/y9os1fTMBZbEm6
ks5GRJKNuWyYmQ==
-----END CERTIFICATE-----