Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          SByS9f8+r5dl+Qf5eiGGfkD0CiLgXg+rGXGONxu+AGE=
Subject key identifier:   31:F1:3D:94:85:CD:E3:E2:35:0D:66:C8:16:D8:86:FE:F4:E5:66:9A
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019D322BF82E312BB812CE744313A7B6552C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          065D
Signing time:             Sat 28 Mar 2026 02:00:35 +0000
Manifest this update:     Sat 28 Mar 2026 02:00:35 +0000
Manifest next update:     Sun 29 Mar 2026 02:00:35 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: JgtiIooIOpK9hbij2UBBCUSaHWEzSupTIyJ+1AEK2O4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:2b:f8:2e:31:2b:b8:12:ce:74:43:13:a7:b6:55:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Mar 28 02:00:35 2026 GMT
            Not After : Mar 29 02:00:35 2026 GMT
        Subject: CN=31f13d9485cde3e2350d66c816d886fef4e5669a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ab:cb:37:37:6d:4d:a6:ea:ae:7f:fc:da:fd:
                    03:46:51:46:1d:19:53:4d:0b:67:34:c2:51:7c:0c:
                    49:51:94:dd:5e:d4:3f:35:f1:23:4e:20:4d:3d:aa:
                    c8:90:26:0f:5a:33:31:32:f8:28:8f:a5:f7:e1:32:
                    79:dc:47:01:df:8b:59:d0:73:1a:95:60:8c:f6:6c:
                    6a:ec:62:15:ca:ff:e7:38:d2:11:cd:c8:e0:ca:c5:
                    9c:1c:44:61:3b:e0:a3:3f:88:9f:30:65:7d:04:b9:
                    ff:be:3f:7c:d3:a9:65:80:ea:f1:18:7f:64:66:84:
                    ce:8f:84:a5:96:7c:e2:d5:4b:7a:5b:6d:a4:e6:b5:
                    9e:6a:c8:31:ab:71:e8:64:f2:ef:90:0d:93:de:4a:
                    b7:e0:d1:f9:54:fe:da:1f:11:5f:82:1a:0b:f4:cf:
                    32:10:d1:0b:b0:03:81:1d:3e:43:1b:4f:50:07:2a:
                    ab:80:8c:16:6a:c7:be:48:7d:15:10:c0:e0:a4:c9:
                    3e:00:34:6d:f7:73:5e:68:cc:b0:b6:7a:68:6b:63:
                    d7:0c:8e:63:86:f1:72:aa:f6:ad:a3:e1:51:84:68:
                    19:e6:fd:cc:63:26:52:fc:aa:51:8f:e3:de:2b:9b:
                    01:40:c0:42:7f:b3:97:db:92:6c:21:b0:f7:e4:3c:
                    00:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:F1:3D:94:85:CD:E3:E2:35:0D:66:C8:16:D8:86:FE:F4:E5:66:9A
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:d7:a4:a2:5a:5a:0e:0c:e4:37:c6:5d:ed:43:6b:d9:93:37:
         dd:ca:4f:76:6d:72:a8:04:96:2d:39:97:68:fc:6c:0d:1b:d3:
         da:29:21:78:58:32:1a:1b:1f:dc:f9:c5:ca:7c:85:0a:b5:fd:
         0e:cb:d6:f5:d2:14:bc:6c:14:50:8b:7a:cd:4a:98:ea:de:6d:
         30:bf:4a:14:19:a8:71:1b:24:37:07:bb:65:35:c1:cb:2a:54:
         c0:1a:98:b3:c8:a4:b3:b6:08:46:10:f3:0e:26:3b:86:ea:ad:
         2d:37:16:93:ad:81:55:fd:47:d7:bb:58:41:1f:53:4b:1c:d3:
         6f:03:6e:22:72:65:ab:76:c8:49:bb:fe:ac:f8:53:9e:ca:a6:
         db:4b:00:93:fb:2b:46:98:53:e5:59:31:22:92:43:c8:26:f6:
         1e:ee:e7:53:71:69:0a:32:b9:27:76:48:d0:7e:21:cf:32:5e:
         ba:c6:d0:ba:7e:32:7c:6e:a8:b9:4d:1a:42:c5:7e:d8:29:79:
         a0:5f:c6:24:80:e0:30:b2:c4:a2:f9:c1:11:06:e1:02:06:64:
         e9:64:12:67:c7:42:0f:a2:42:46:7a:1c:1e:88:e1:9b:2b:d8:
         93:9f:f0:0c:7e:21:64:28:b9:82:74:09:cb:77:98:18:2a:b3:
         b8:a4:02:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yK/guMSu4Es50QxOntlUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwMzI4MDIwMDM1WhcNMjYwMzI5MDIwMDM1WjAzMTEwLwYDVQQD
EygzMWYxM2Q5NDg1Y2RlM2UyMzUwZDY2YzgxNmQ4ODZmZWY0ZTU2NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6vLNzdtTabqrn/82v0DRlFGHRlT
TQtnNMJRfAxJUZTdXtQ/NfEjTiBNParIkCYPWjMxMvgoj6X34TJ53EcB34tZ0HMa
lWCM9mxq7GIVyv/nONIRzcjgysWcHERhO+CjP4ifMGV9BLn/vj9806llgOrxGH9k
ZoTOj4Sllnzi1Ut6W22k5rWeasgxq3HoZPLvkA2T3kq34NH5VP7aHxFfghoL9M8y
ENELsAOBHT5DG09QByqrgIwWase+SH0VEMDgpMk+ADRt93NeaMywtnpoa2PXDI5j
hvFyqvato+FRhGgZ5v3MYyZS/KpRj+PeK5sBQMBCf7OX25JsIbD35DwA9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHxPZSFzePiNQ1myBbYhv705WaaMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJNekolpa
DgzkN8Zd7UNr2ZM33cpPdm1yqASWLTmXaPxsDRvT2ikheFgyGhsf3PnFynyFCrX9
DsvW9dIUvGwUUIt6zUqY6t5tML9KFBmocRskNwe7ZTXByypUwBqYs8iks7YIRhDz
DiY7huqtLTcWk62BVf1H17tYQR9TSxzTbwNuInJlq3bISbv+rPhTnsqm20sAk/sr
RphT5VkxIpJDyCb2Hu7nU3FpCjK5J3ZI0H4hzzJeusbQun4yfG6ouU0aQsV+2Cl5
oF/GJIDgMLLEovnBEQbhAgZk6WQSZ8dCD6JCRnocHojhmyvYk5/wDH4hZCi5gnQJ
y3eYGCqzuKQCLw==
-----END CERTIFICATE-----