Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft
File:                     bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft (raw, json)
Hash identifier:          MhlGpQu7WO/Zp/a7yvKDHhubXv/5WXJtv8Vi209P0s0=
Subject key identifier:   DB:E6:97:3E:2D:0A:E0:07:40:D6:11:1E:E6:35:42:69:75:D9:0B:B7
Authority key identifier: 6D:00:51:98:B7:45:72:A1:56:AB:63:F2:30:85:89:7B:D3:CC:D4:1B
Certificate issuer:       /CN=6d005198b74572a156ab63f23085897bd3ccd41b
Certificate serial:       019D2A3C0EFDDDA83DC166535DD1FE703488
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft
Manifest number:          04AC
Signing time:             Thu 26 Mar 2026 13:01:12 +0000
Manifest this update:     Thu 26 Mar 2026 13:01:12 +0000
Manifest next update:     Fri 27 Mar 2026 13:01:12 +0000
Files and hashes:         1: bQBRmLdFcqFWq2PyMIWJe9PM1Bs.crl (hash: 7CQFRy6otOW4Q+iT9/x7wA4Z1tdTzSSE7WHXtCrb1C8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:2a:3c:0e:fd:dd:a8:3d:c1:66:53:5d:d1:fe:70:34:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d005198b74572a156ab63f23085897bd3ccd41b
        Validity
            Not Before: Mar 26 13:01:12 2026 GMT
            Not After : Mar 27 13:01:12 2026 GMT
        Subject: CN=dbe6973e2d0ae00740d6111ee635426975d90bb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:59:88:ba:c5:19:80:7f:2f:d3:9a:87:6d:46:
                    ed:f9:ae:8c:9b:e6:f3:63:53:4a:a4:72:de:5d:43:
                    51:74:1b:7f:a6:d1:82:ea:ce:99:ee:a0:58:52:7c:
                    ed:c6:f2:21:1e:93:d4:7c:fa:4f:c5:c6:4f:54:62:
                    a8:ec:d8:74:54:7a:9e:31:f8:25:92:d1:d0:e3:bc:
                    58:4a:5e:f8:31:ea:0f:98:45:e9:28:79:05:f8:ff:
                    37:24:f9:f1:b8:ec:4e:42:f5:74:ec:7a:0a:55:37:
                    ff:c4:fd:71:2b:ea:5d:e6:ee:c5:ba:1e:dc:f0:07:
                    bc:93:59:67:3e:90:ab:bf:be:51:9a:ac:a9:21:9a:
                    5a:de:1a:76:4a:7c:95:f5:5c:68:95:a4:c0:c6:58:
                    b3:a8:ed:4c:64:30:80:53:f6:fb:e2:52:dd:41:d9:
                    2e:71:94:07:1d:8c:e2:98:80:95:7d:bc:cf:26:23:
                    a6:f2:a1:c9:0f:9b:a5:5b:58:40:e8:ed:79:b9:08:
                    dd:7e:f3:30:98:20:21:97:9d:c3:76:98:70:53:46:
                    b0:15:06:da:ac:c3:49:90:fd:bb:7d:6c:11:01:14:
                    1b:8b:16:e7:f7:c1:97:11:94:e9:b1:7d:8d:c0:15:
                    55:1d:54:b9:4e:7f:b3:91:35:5b:8a:e7:95:59:61:
                    93:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:E6:97:3E:2D:0A:E0:07:40:D6:11:1E:E6:35:42:69:75:D9:0B:B7
            X509v3 Authority Key Identifier:
                keyid:6D:00:51:98:B7:45:72:A1:56:AB:63:F2:30:85:89:7B:D3:CC:D4:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/975f3c-af4a-437b-89b1-284e5123e29f/1/bQBRmLdFcqFWq2PyMIWJe9PM1Bs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:e8:8b:4b:56:ae:f8:fa:fc:82:16:c9:05:8f:af:5f:91:d8:
         c1:b6:f8:c1:c5:77:f7:ca:7e:2f:5e:af:28:64:48:0f:24:2f:
         17:e3:27:2b:ba:04:c5:7d:d5:16:00:77:a9:71:ec:7e:d7:6b:
         99:21:03:3e:4a:63:bd:ab:a2:10:f4:3e:f4:71:55:1d:ca:2c:
         55:53:24:c5:44:4e:92:1c:64:95:24:97:21:12:c8:34:ba:1e:
         3f:ca:e1:73:81:e4:71:3a:73:a0:22:ea:f8:08:5e:30:70:92:
         7f:cd:53:60:8b:f2:f0:0f:10:78:e2:7a:1d:3c:a4:68:6b:93:
         18:f9:d4:2b:99:ae:d9:81:53:e0:e2:ea:e2:72:06:da:ae:07:
         c1:ad:27:e3:c0:32:06:73:76:0f:f5:02:7d:fb:7e:ca:25:02:
         ca:a8:ef:80:29:68:88:73:31:03:5e:1e:48:78:44:91:5c:16:
         d7:a0:1f:38:7c:b8:3b:aa:f4:29:a8:e9:81:4a:10:df:75:cd:
         77:5f:c3:2f:29:4d:55:62:81:67:04:3d:d4:63:ee:1f:5c:66:
         f1:94:58:ab:b3:1d:95:54:01:31:e2:c3:22:b9:37:b5:02:dc:
         21:b3:5c:ac:94:b9:79:f5:30:7f:5f:90:30:eb:b8:f1:ba:79:
         d2:ce:1e:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qPA793ag9wWZTXdH+cDSIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDA1MTk4Yjc0NTcyYTE1NmFiNjNmMjMwODU4OTdiZDNj
Y2Q0MWIwHhcNMjYwMzI2MTMwMTEyWhcNMjYwMzI3MTMwMTEyWjAzMTEwLwYDVQQD
EyhkYmU2OTczZTJkMGFlMDA3NDBkNjExMWVlNjM1NDI2OTc1ZDkwYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1mIusUZgH8v05qHbUbt+a6Mm+bz
Y1NKpHLeXUNRdBt/ptGC6s6Z7qBYUnztxvIhHpPUfPpPxcZPVGKo7Nh0VHqeMfgl
ktHQ47xYSl74MeoPmEXpKHkF+P83JPnxuOxOQvV07HoKVTf/xP1xK+pd5u7Fuh7c
8Ae8k1lnPpCrv75RmqypIZpa3hp2SnyV9VxolaTAxlizqO1MZDCAU/b74lLdQdku
cZQHHYzimICVfbzPJiOm8qHJD5ulW1hA6O15uQjdfvMwmCAhl53DdphwU0awFQba
rMNJkP27fWwRARQbixbn98GXEZTpsX2NwBVVHVS5Tn+zkTVbiueVWWGTtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvmlz4tCuAHQNYRHuY1Qml12Qu3MB8GA1UdIwQY
MBaAFG0AUZi3RXKhVqtj8jCFiXvTzNQbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFCUm1MZEZjcUZXcTJQeU1JV0plOVBNMUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC85NzVmM2MtYWY0YS00MzdiLTg5YjEt
Mjg0ZTUxMjNlMjlmLzEvYlFCUm1MZEZjcUZXcTJQeU1JV0plOVBNMUJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC85NzVmM2MtYWY0YS00MzdiLTg5YjEtMjg0ZTUxMjNlMjlm
LzEvYlFCUm1MZEZjcUZXcTJQeU1JV0plOVBNMUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcuiLS1au
+Pr8ghbJBY+vX5HYwbb4wcV398p+L16vKGRIDyQvF+MnK7oExX3VFgB3qXHsftdr
mSEDPkpjvauiEPQ+9HFVHcosVVMkxUROkhxklSSXIRLINLoeP8rhc4HkcTpzoCLq
+AheMHCSf81TYIvy8A8QeOJ6HTykaGuTGPnUK5mu2YFT4OLq4nIG2q4Hwa0n48Ay
BnN2D/UCfft+yiUCyqjvgCloiHMxA14eSHhEkVwW16AfOHy4O6r0KajpgUoQ33XN
d1/DLylNVWKBZwQ91GPuH1xm8ZRYq7MdlVQBMeLDIrk3tQLcIbNcrJS5efUwf1+Q
MOu48bp50s4eEw==
-----END CERTIFICATE-----