Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File:                     sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier:          kJFxnun+Ea0HXCbxVUM5TS47BSCUxbV+FAziaCeaSpU=
Subject key identifier:   44:24:9B:E8:E8:77:E0:B6:ED:49:2F:DA:02:FE:59:54:A7:60:A8:F0
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer:       /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial:       019D2704A7DE11B4A3A755CA7B733F29DD6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number:          136B
Signing time:             Wed 25 Mar 2026 22:01:49 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:49 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:49 +0000
Files and hashes:         1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: /inmEWgUz8Re8QwEW2xbUAg0hLY4WLErxWuXkMZtP3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 22:01:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:a7:de:11:b4:a3:a7:55:ca:7b:73:3f:29:dd:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
        Validity
            Not Before: Mar 25 22:01:49 2026 GMT
            Not After : Mar 26 22:01:49 2026 GMT
        Subject: CN=44249be8e877e0b6ed492fda02fe5954a760a8f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d8:45:02:71:de:46:96:75:b8:3f:a8:c2:93:
                    66:eb:c3:6a:d1:fd:cb:8c:b3:8d:0f:20:49:11:0f:
                    a0:56:49:2a:f4:bd:8e:4a:e0:10:dc:11:3e:c7:fd:
                    31:6b:9a:1f:b6:dc:89:7e:dd:5e:ef:b0:e9:11:d4:
                    88:5a:47:9e:da:37:6b:75:a4:37:5e:e4:99:c1:59:
                    64:c0:02:ec:40:a5:f0:26:0d:6c:1f:aa:1e:d2:84:
                    70:4b:37:17:d1:d4:17:6b:0a:13:e9:4a:79:a8:8c:
                    4c:f8:18:d1:3f:85:23:78:02:9e:7d:96:00:b5:12:
                    87:01:c3:cf:b6:18:08:71:16:68:d9:69:4b:d1:2f:
                    a1:d1:d0:5e:a6:60:11:c5:be:db:ce:c6:29:eb:6a:
                    10:cc:55:2f:5c:1a:70:4e:cc:a5:ec:d7:ab:92:10:
                    66:aa:df:7c:dd:19:6e:52:14:28:a8:c0:2a:50:e1:
                    50:df:af:cb:95:29:fd:c9:ea:7e:53:90:3e:a1:1a:
                    1d:57:3d:95:12:b5:05:54:cd:3e:0f:09:1f:54:a8:
                    32:ff:4e:7c:a5:a9:09:72:71:89:67:01:aa:b3:a6:
                    e9:9e:50:44:84:01:14:5f:cf:75:4b:bc:e4:5f:fc:
                    23:d1:d9:12:b0:4d:a2:1f:aa:bf:e4:40:72:50:8b:
                    68:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:24:9B:E8:E8:77:E0:B6:ED:49:2F:DA:02:FE:59:54:A7:60:A8:F0
            X509v3 Authority Key Identifier:
                keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:2a:19:c6:52:29:82:c3:19:54:72:6c:fc:7d:26:21:62:c5:
         17:08:05:8d:2c:26:63:b4:cb:53:ae:9d:34:63:81:06:88:8a:
         9e:b7:a5:4c:a9:6e:f9:a6:da:83:bc:3a:2f:3a:6c:de:8c:e1:
         db:cc:80:3b:66:14:b6:5d:c7:a2:ad:24:1c:9f:e1:99:bb:1c:
         77:bf:db:95:ec:04:73:1c:db:9c:e5:a1:5c:de:77:d9:06:fd:
         48:a4:c7:76:62:f1:99:a7:51:d5:8b:24:43:d7:b7:93:79:6c:
         b5:8d:2d:ba:5d:ad:87:7a:ee:b7:d1:e3:ec:bc:7f:79:1f:e0:
         a4:ff:e5:52:de:df:ff:ec:28:dd:e3:86:01:73:f0:65:59:53:
         29:05:d8:14:4c:8f:37:3e:1b:a9:3f:6d:5a:ec:f6:35:41:f3:
         96:42:78:4f:55:7d:95:e9:49:f6:2c:76:ad:8a:b1:5a:37:d3:
         0f:3d:fb:7f:fb:65:d2:bd:7a:3a:d1:d0:ac:9c:b5:70:b5:74:
         a0:b6:b6:f8:49:61:66:7c:93:8d:a9:e5:c5:ec:59:3e:7f:8d:
         78:ef:6f:76:5d:75:3a:dc:7b:16:88:f6:7b:70:ee:e1:55:4b:
         d9:83:ee:ea:62:d5:fe:45:fa:5b:26:e0:b7:cd:4f:ef:2f:3a:
         6b:13:f4:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBKfeEbSjp1XKe3M/Kd1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjYwMzI1MjIwMTQ5WhcNMjYwMzI2MjIwMTQ5WjAzMTEwLwYDVQQD
Eyg0NDI0OWJlOGU4NzdlMGI2ZWQ0OTJmZGEwMmZlNTk1NGE3NjBhOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9hFAnHeRpZ1uD+owpNm68Nq0f3L
jLONDyBJEQ+gVkkq9L2OSuAQ3BE+x/0xa5ofttyJft1e77DpEdSIWkee2jdrdaQ3
XuSZwVlkwALsQKXwJg1sH6oe0oRwSzcX0dQXawoT6Up5qIxM+BjRP4UjeAKefZYA
tRKHAcPPthgIcRZo2WlL0S+h0dBepmARxb7bzsYp62oQzFUvXBpwTsyl7NerkhBm
qt983RluUhQoqMAqUOFQ36/LlSn9yep+U5A+oRodVz2VErUFVM0+DwkfVKgy/058
pakJcnGJZwGqs6bpnlBEhAEUX891S7zkX/wj0dkSsE2iH6q/5EByUIto8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQkm+jod+C27Ukv2gL+WVSnYKjwMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqCoZxlIp
gsMZVHJs/H0mIWLFFwgFjSwmY7TLU66dNGOBBoiKnrelTKlu+abag7w6Lzps3ozh
28yAO2YUtl3Hoq0kHJ/hmbscd7/blewEcxzbnOWhXN532Qb9SKTHdmLxmadR1Ysk
Q9e3k3lstY0tul2th3rut9Hj7Lx/eR/gpP/lUt7f/+wo3eOGAXPwZVlTKQXYFEyP
Nz4bqT9tWuz2NUHzlkJ4T1V9lelJ9ix2rYqxWjfTDz37f/tl0r16OtHQrJy1cLV0
oLa2+ElhZnyTjanlxexZPn+NeO9vdl11Otx7Foj2e3Du4VVL2YPu6mLV/kX6Wybg
t81P7y86axP09Q==
-----END CERTIFICATE-----