Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft
File:                     BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft (raw, json)
Hash identifier:          JBBoPZ3R0z3k+lf1QhRAejW3XMmQ9nJpiWQrJJie4oc=
Subject key identifier:   EC:46:13:6A:EA:A9:F7:8B:E3:9E:F9:E8:5F:CC:B1:5D:78:85:8B:04
Authority key identifier: 04:BE:DB:61:54:A8:79:5D:C4:CE:EF:A6:7A:18:FE:DF:C6:52:15:94
Certificate issuer:       /CN=04bedb6154a8795dc4ceefa67a18fedfc6521594
Certificate serial:       019D284DC6633B2E25DC62FB9C282600DAD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft
Manifest number:          0717
Signing time:             Thu 26 Mar 2026 04:01:18 +0000
Manifest this update:     Thu 26 Mar 2026 04:01:18 +0000
Manifest next update:     Fri 27 Mar 2026 04:01:18 +0000
Files and hashes:         1: BL7bYVSoeV3Ezu-mehj-38ZSFZQ.crl (hash: ARrutzrKF+XW+gONCactyvqxhU3wbsraorCC4kO+/BY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 04:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:4d:c6:63:3b:2e:25:dc:62:fb:9c:28:26:00:da:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04bedb6154a8795dc4ceefa67a18fedfc6521594
        Validity
            Not Before: Mar 26 04:01:18 2026 GMT
            Not After : Mar 27 04:01:18 2026 GMT
        Subject: CN=ec46136aeaa9f78be39ef9e85fccb15d78858b04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ea:21:dd:e4:d4:ae:d2:cd:98:57:71:f0:62:
                    29:3e:1e:b3:08:c5:ca:bb:c5:38:47:3e:16:83:02:
                    f9:31:7f:87:47:da:9f:0f:b7:d0:1b:3b:13:48:21:
                    d4:fe:c1:4c:a4:79:75:57:12:1d:6a:b9:18:0c:8a:
                    bb:bb:7c:55:a1:cd:bd:a0:ad:30:78:fc:02:ab:58:
                    0c:b3:d9:50:30:b5:d2:8c:ad:0b:8e:64:92:83:46:
                    c3:49:64:dc:7d:d1:b3:ed:d1:c2:82:ba:8c:56:09:
                    c5:3d:8e:28:1b:d6:fb:04:40:1c:cf:17:5a:57:2d:
                    14:18:cd:53:3b:cd:73:bf:8d:68:90:54:33:7b:fb:
                    a5:85:cf:0b:2e:44:cd:14:5f:a0:8c:37:30:15:c3:
                    54:02:b8:a4:b3:45:1e:bb:1a:81:78:2e:43:39:d9:
                    ce:f3:f1:c3:11:1e:e8:98:ee:d1:62:a5:49:34:62:
                    50:ea:69:65:cb:f1:e7:ac:33:db:04:94:bf:36:12:
                    a5:dd:75:a6:0c:8d:48:b6:af:ad:08:6d:a4:f1:3e:
                    7b:91:65:2d:ef:c4:02:51:eb:5e:ee:a3:cf:30:65:
                    a3:2f:7f:70:dd:b3:72:92:a4:6c:05:81:ff:18:f5:
                    c1:6a:03:d4:0d:dc:90:08:fe:ef:7f:c4:66:e0:4f:
                    56:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:46:13:6A:EA:A9:F7:8B:E3:9E:F9:E8:5F:CC:B1:5D:78:85:8B:04
            X509v3 Authority Key Identifier:
                keyid:04:BE:DB:61:54:A8:79:5D:C4:CE:EF:A6:7A:18:FE:DF:C6:52:15:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/3173e2-6c6e-427f-9cad-3c87088734f6/1/BL7bYVSoeV3Ezu-mehj-38ZSFZQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:7c:6a:61:8d:80:48:a5:70:b4:29:da:a3:1e:0e:75:3a:ac:
         18:d9:5d:53:5a:0f:41:e5:f6:e3:92:cb:13:9b:7f:70:52:57:
         59:2c:99:ef:33:17:34:6d:0b:99:55:8c:81:f3:e3:d5:8b:80:
         7b:cb:92:ac:70:18:c2:e2:d5:e3:2c:59:9d:9a:02:ab:3b:62:
         3f:78:55:91:d3:07:c8:1a:61:e6:c7:28:52:7c:78:60:e2:71:
         0e:8d:d4:98:a7:66:cc:63:6e:d3:da:a5:34:4f:ea:5c:44:6a:
         55:d3:86:4b:d6:0e:9c:56:c3:60:a8:0b:fb:1d:8a:17:83:50:
         81:cf:19:aa:07:c9:88:87:f6:da:d8:ae:1d:ee:f3:c5:9d:f3:
         da:4c:c4:07:53:cb:13:f7:42:2e:cf:f0:29:37:4e:3e:7c:73:
         ec:08:63:b0:ea:24:85:32:e7:a4:df:65:53:73:f8:5a:b8:f5:
         e6:88:d3:d6:d8:ea:b0:1e:35:3c:0a:eb:dc:dd:9e:10:3f:01:
         34:5f:78:94:bc:c2:62:0b:23:3a:a0:39:95:fb:20:a5:b7:a1:
         6c:90:de:fe:95:f2:7a:52:23:6f:94:ee:97:36:4e:9c:b2:3e:
         dc:64:23:8a:b7:b7:60:6a:fc:fc:c3:ef:04:5b:82:94:97:1f:
         cc:cb:34:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTcZjOy4l3GL7nCgmANrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YmVkYjYxNTRhODc5NWRjNGNlZWZhNjdhMThmZWRmYzY1
MjE1OTQwHhcNMjYwMzI2MDQwMTE4WhcNMjYwMzI3MDQwMTE4WjAzMTEwLwYDVQQD
EyhlYzQ2MTM2YWVhYTlmNzhiZTM5ZWY5ZTg1ZmNjYjE1ZDc4ODU4YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreoh3eTUrtLNmFdx8GIpPh6zCMXK
u8U4Rz4WgwL5MX+HR9qfD7fQGzsTSCHU/sFMpHl1VxIdarkYDIq7u3xVoc29oK0w
ePwCq1gMs9lQMLXSjK0LjmSSg0bDSWTcfdGz7dHCgrqMVgnFPY4oG9b7BEAczxda
Vy0UGM1TO81zv41okFQze/ulhc8LLkTNFF+gjDcwFcNUAriks0UeuxqBeC5DOdnO
8/HDER7omO7RYqVJNGJQ6mlly/HnrDPbBJS/NhKl3XWmDI1Itq+tCG2k8T57kWUt
78QCUete7qPPMGWjL39w3bNykqRsBYH/GPXBagPUDdyQCP7vf8Rm4E9WlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxGE2rqqfeL45756F/MsV14hYsEMB8GA1UdIwQY
MBaAFAS+22FUqHldxM7vpnoY/t/GUhWUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkw3YllWU29lVjNFenUtbWVoai0zOFpTRlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMTczZTItNmM2ZS00MjdmLTljYWQt
M2M4NzA4ODczNGY2LzEvQkw3YllWU29lVjNFenUtbWVoai0zOFpTRlpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMTczZTItNmM2ZS00MjdmLTljYWQtM2M4NzA4ODczNGY2
LzEvQkw3YllWU29lVjNFenUtbWVoai0zOFpTRlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAinxqYY2A
SKVwtCnaox4OdTqsGNldU1oPQeX245LLE5t/cFJXWSyZ7zMXNG0LmVWMgfPj1YuA
e8uSrHAYwuLV4yxZnZoCqztiP3hVkdMHyBph5scoUnx4YOJxDo3UmKdmzGNu09ql
NE/qXERqVdOGS9YOnFbDYKgL+x2KF4NQgc8ZqgfJiIf22tiuHe7zxZ3z2kzEB1PL
E/dCLs/wKTdOPnxz7AhjsOokhTLnpN9lU3P4Wrj15ojT1tjqsB41PArr3N2eED8B
NF94lLzCYgsjOqA5lfsgpbehbJDe/pXyelIjb5TulzZOnLI+3GQjire3YGr8/MPv
BFuClJcfzMs0aA==
-----END CERTIFICATE-----