Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
File:                     u0WFtGeSNzbELHly4QQvGy4w3GY.mft (raw, json)
Hash identifier:          ijw/VEPTf1cyv5LaroMcP2fSI5oAbPE9z1lXsoULLCs=
Subject key identifier:   E7:FA:09:52:62:9A:A8:3F:48:17:24:26:77:3C:9D:BC:EC:E0:CA:91
Authority key identifier: BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66
Certificate issuer:       /CN=bb4585b467923736c42c7972e1042f1b2e30dc66
Certificate serial:       019D28F2BBBD1EB5C4502E2E8D05A06ACDE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
Manifest number:          1885
Signing time:             Thu 26 Mar 2026 07:01:29 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:29 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:29 +0000
Files and hashes:         1: u0WFtGeSNzbELHly4QQvGy4w3GY.crl (hash: hK1BWbCXCSLMdDS7axOTW3QnUccpN9bgam3xuch9jZ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:bb:bd:1e:b5:c4:50:2e:2e:8d:05:a0:6a:cd:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb4585b467923736c42c7972e1042f1b2e30dc66
        Validity
            Not Before: Mar 26 07:01:29 2026 GMT
            Not After : Mar 27 07:01:29 2026 GMT
        Subject: CN=e7fa0952629aa83f48172426773c9dbcece0ca91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:b5:9e:bb:98:73:2e:37:69:40:38:12:d8:aa:
                    50:65:01:2f:f1:9b:98:e3:9a:95:e4:4b:81:b4:67:
                    c7:68:4c:c8:49:f5:c4:8e:23:4d:81:bd:16:af:a9:
                    3e:55:70:11:86:78:27:90:08:f1:40:17:17:62:9f:
                    22:e8:bf:f2:a4:f8:ed:3d:75:5c:2a:46:a4:74:01:
                    1f:b0:90:45:7a:74:bd:6b:dd:fd:33:7e:aa:d4:3f:
                    90:79:09:f0:af:40:8c:6e:ac:63:b1:3d:24:f0:a2:
                    6e:d2:5e:05:2d:e7:ab:69:23:12:06:45:c3:73:17:
                    13:f8:0d:59:0d:ac:a4:b5:c2:cd:20:dd:18:0f:a2:
                    3e:18:1f:78:05:18:66:1c:16:69:74:81:03:52:72:
                    eb:12:f1:39:4f:3e:37:36:9f:e9:17:59:8d:92:ea:
                    90:52:39:1c:15:54:b1:7e:21:0c:88:e4:76:77:59:
                    8f:eb:3d:a7:45:3a:cb:bf:19:95:45:7d:1f:c6:d9:
                    c1:f5:bc:26:73:a6:d2:0a:36:1a:00:9d:c5:e1:3b:
                    21:42:0f:f7:fa:36:3b:16:06:c6:a2:ac:38:8e:be:
                    a6:6e:6e:06:7a:d7:2d:c1:04:a7:e9:5c:bb:44:68:
                    54:5c:e6:84:cb:9b:55:b2:ac:1e:7b:09:c2:4f:00:
                    91:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:FA:09:52:62:9A:A8:3F:48:17:24:26:77:3C:9D:BC:EC:E0:CA:91
            X509v3 Authority Key Identifier:
                keyid:BB:45:85:B4:67:92:37:36:C4:2C:79:72:E1:04:2F:1B:2E:30:DC:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0WFtGeSNzbELHly4QQvGy4w3GY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcb846-3fa2-457f-8985-6638101e319b/1/u0WFtGeSNzbELHly4QQvGy4w3GY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:e5:1c:3c:5e:a2:4e:71:f6:d0:02:6d:36:f1:95:29:ef:ea:
         07:83:7c:92:af:40:ad:f1:02:ae:99:de:60:4f:98:0e:75:61:
         4a:e8:af:76:45:a5:3d:62:32:41:a5:d8:25:89:de:02:50:9e:
         a5:2c:e2:f5:ad:cf:5e:be:6a:90:46:6b:21:06:1e:90:c1:d3:
         bb:c4:77:3f:b4:44:40:d4:02:4b:5b:a4:0d:41:61:b4:83:b2:
         81:0f:03:66:e0:4a:83:2d:d0:ec:a1:de:36:aa:d4:4f:72:ae:
         cf:0c:22:99:59:a8:1e:0c:75:9c:02:5d:92:52:1f:29:56:d1:
         8b:7d:3e:50:5d:87:db:d3:60:57:ab:a7:51:d7:f2:c9:ef:a9:
         9f:66:86:04:44:28:21:68:7b:3b:12:5c:af:71:0b:5b:09:d3:
         01:fd:4d:a1:e2:a0:49:3a:7d:d3:18:b8:85:7c:47:45:f6:e7:
         1d:e8:f7:01:5f:8d:3e:6b:89:c3:b5:4d:86:eb:2a:b4:f9:9a:
         7e:90:a6:d6:f3:33:a2:83:a2:7d:b2:a7:87:45:3c:26:ab:69:
         13:05:3a:ac:2c:b4:cb:7b:50:fc:ed:d0:ce:26:81:4c:47:20:
         75:2e:c3:16:1a:89:10:18:8d:7d:9b:84:13:da:34:50:14:ea:
         ce:3b:40:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8ru9HrXEUC4ujQWgas3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDU4NWI0Njc5MjM3MzZjNDJjNzk3MmUxMDQyZjFiMmUz
MGRjNjYwHhcNMjYwMzI2MDcwMTI5WhcNMjYwMzI3MDcwMTI5WjAzMTEwLwYDVQQD
EyhlN2ZhMDk1MjYyOWFhODNmNDgxNzI0MjY3NzNjOWRiY2VjZTBjYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbWeu5hzLjdpQDgS2KpQZQEv8ZuY
45qV5EuBtGfHaEzISfXEjiNNgb0Wr6k+VXARhngnkAjxQBcXYp8i6L/ypPjtPXVc
KkakdAEfsJBFenS9a939M36q1D+QeQnwr0CMbqxjsT0k8KJu0l4FLeeraSMSBkXD
cxcT+A1ZDayktcLNIN0YD6I+GB94BRhmHBZpdIEDUnLrEvE5Tz43Np/pF1mNkuqQ
UjkcFVSxfiEMiOR2d1mP6z2nRTrLvxmVRX0fxtnB9bwmc6bSCjYaAJ3F4TshQg/3
+jY7FgbGoqw4jr6mbm4GetctwQSn6Vy7RGhUXOaEy5tVsqweewnCTwCR4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOf6CVJimqg/SBckJnc8nbzs4MqRMB8GA1UdIwQY
MBaAFLtFhbRnkjc2xCx5cuEELxsuMNxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUt
NjYzODEwMWUzMTliLzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2I4NDYtM2ZhMi00NTdmLTg5ODUtNjYzODEwMWUzMTli
LzEvdTBXRnRHZVNOemJFTEhseTRRUXZHeTR3M0dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOuUcPF6i
TnH20AJtNvGVKe/qB4N8kq9ArfECrpneYE+YDnVhSuivdkWlPWIyQaXYJYneAlCe
pSzi9a3PXr5qkEZrIQYekMHTu8R3P7REQNQCS1ukDUFhtIOygQ8DZuBKgy3Q7KHe
NqrUT3KuzwwimVmoHgx1nAJdklIfKVbRi30+UF2H29NgV6unUdfyye+pn2aGBEQo
IWh7OxJcr3ELWwnTAf1NoeKgSTp90xi4hXxHRfbnHej3AV+NPmuJw7VNhusqtPma
fpCm1vMzooOifbKnh0U8JqtpEwU6rCy0y3tQ/O3QziaBTEcgdS7DFhqJEBiNfZuE
E9o0UBTqzjtAog==
-----END CERTIFICATE-----