Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
File:                     R3BGWvTHI2RwAFnnll08iepGPNc.mft (raw, json)
Hash identifier:          cU50cOLYauBmB9A36blx9IQtP4QxBMrAIHY3aD4QdpA=
Subject key identifier:   04:CA:29:A2:F7:5D:E9:86:19:32:10:C4:31:06:84:BC:08:04:12:8F
Authority key identifier: 47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7
Certificate issuer:       /CN=4770465af4c72364700059e7965d3c89ea463cd7
Certificate serial:       019D28F2B95205403FCC510DBE230BA0D20B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
Manifest number:          123D
Signing time:             Thu 26 Mar 2026 07:01:28 +0000
Manifest this update:     Thu 26 Mar 2026 07:01:28 +0000
Manifest next update:     Fri 27 Mar 2026 07:01:28 +0000
Files and hashes:         1: R3BGWvTHI2RwAFnnll08iepGPNc.crl (hash: U8vaJYt/cesrWZSbWWhIcHyp0laMwLZ9r11OYNEQ/bs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:28:f2:b9:52:05:40:3f:cc:51:0d:be:23:0b:a0:d2:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4770465af4c72364700059e7965d3c89ea463cd7
        Validity
            Not Before: Mar 26 07:01:28 2026 GMT
            Not After : Mar 27 07:01:28 2026 GMT
        Subject: CN=04ca29a2f75de986193210c4310684bc0804128f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:6e:a6:0a:70:90:21:c4:1d:ff:96:c4:e3:39:
                    22:f5:ba:1d:40:4c:22:95:b8:2a:f2:d4:04:3f:d1:
                    70:e0:ce:91:37:aa:a0:97:bf:6c:77:09:12:f0:bf:
                    b2:f1:cd:43:78:2a:3f:c8:bb:7a:b5:f3:63:19:7f:
                    69:0b:7c:b0:fa:4d:58:f1:ce:71:17:49:68:56:e7:
                    63:56:ee:71:cc:97:d4:14:88:e0:ff:a5:29:3f:b2:
                    b3:57:0f:50:62:76:dc:ea:c2:3e:e9:d9:68:00:30:
                    21:bb:f1:74:b3:9e:57:5b:20:32:ce:20:5c:bd:e1:
                    eb:66:ce:ab:e4:d7:81:fe:5f:ed:5f:7b:bc:b0:9c:
                    24:bc:4f:8b:53:5c:40:d4:98:7d:d7:d6:d1:99:d1:
                    74:e3:55:fe:30:21:b2:b4:1e:3f:b5:7a:10:ae:bd:
                    f6:ba:9f:86:10:e9:b6:0e:21:46:49:eb:8d:4e:d2:
                    d0:90:e9:da:e0:0f:f6:c2:9f:61:94:d8:e3:f6:43:
                    c9:13:60:86:63:e0:7f:a4:6c:c3:85:4d:24:8d:3b:
                    be:f0:58:c9:9d:eb:ee:86:c0:dd:50:fd:b4:ad:ae:
                    3b:4c:ec:43:d9:d6:ea:c9:ee:75:76:35:7d:0c:34:
                    00:3a:e2:e5:8b:13:b4:ed:e5:8b:4c:cc:7e:b7:11:
                    5f:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:CA:29:A2:F7:5D:E9:86:19:32:10:C4:31:06:84:BC:08:04:12:8F
            X509v3 Authority Key Identifier:
                keyid:47:70:46:5A:F4:C7:23:64:70:00:59:E7:96:5D:3C:89:EA:46:3C:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3BGWvTHI2RwAFnnll08iepGPNc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/97d09b-e5e1-47f8-b25f-8a92e09bfe1b/1/R3BGWvTHI2RwAFnnll08iepGPNc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:29:93:29:4f:c5:e9:61:02:f0:12:4f:ec:36:53:d6:50:e6:
         59:28:95:6f:e7:43:30:aa:0c:8a:f6:17:f2:76:00:c6:21:ba:
         cc:20:2b:78:85:2a:20:ad:15:1c:93:19:46:19:4b:aa:37:75:
         c1:b8:c1:ba:77:af:dd:3f:23:f0:a0:20:78:5e:f0:c3:5e:0f:
         28:b2:95:0a:b4:c1:6a:d8:7c:48:b7:ce:f7:b3:0b:92:3f:50:
         77:bf:8e:85:2b:17:89:48:0e:ad:89:93:0e:4d:36:32:4a:db:
         cf:34:d5:07:33:69:92:3b:32:af:78:55:74:35:3a:8d:44:34:
         d6:cc:2f:99:1f:e7:21:c7:fb:16:4d:ac:c0:70:5d:92:65:54:
         b0:18:9f:89:13:5c:92:b4:44:f0:9b:44:49:6e:9d:17:ce:82:
         8b:7a:b2:31:38:de:1f:a2:19:86:5f:5c:bd:3e:14:c9:70:0b:
         46:33:9d:a8:74:43:27:5b:88:99:4c:90:52:c8:ca:7a:ec:bd:
         80:d9:fa:d1:d0:59:10:3a:9d:dd:73:da:a5:b9:eb:7e:e7:82:
         c8:34:12:4b:14:c4:a5:b5:ce:43:fe:ba:eb:0e:5a:67:ab:a0:
         59:fa:3b:85:c5:eb:10:d7:a6:13:d5:88:6c:84:93:f5:6e:0b:
         fa:ac:c6:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8rlSBUA/zFENviMLoNILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzA0NjVhZjRjNzIzNjQ3MDAwNTllNzk2NWQzYzg5ZWE0
NjNjZDcwHhcNMjYwMzI2MDcwMTI4WhcNMjYwMzI3MDcwMTI4WjAzMTEwLwYDVQQD
EygwNGNhMjlhMmY3NWRlOTg2MTkzMjEwYzQzMTA2ODRiYzA4MDQxMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi26mCnCQIcQd/5bE4zki9bodQEwi
lbgq8tQEP9Fw4M6RN6qgl79sdwkS8L+y8c1DeCo/yLt6tfNjGX9pC3yw+k1Y8c5x
F0loVudjVu5xzJfUFIjg/6UpP7KzVw9QYnbc6sI+6dloADAhu/F0s55XWyAyziBc
veHrZs6r5NeB/l/tX3u8sJwkvE+LU1xA1Jh919bRmdF041X+MCGytB4/tXoQrr32
up+GEOm2DiFGSeuNTtLQkOna4A/2wp9hlNjj9kPJE2CGY+B/pGzDhU0kjTu+8FjJ
nevuhsDdUP20ra47TOxD2dbqye51djV9DDQAOuLlixO07eWLTMx+txFf6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATKKaL3XemGGTIQxDEGhLwIBBKPMB8GA1UdIwQY
MBaAFEdwRlr0xyNkcABZ55ZdPInqRjzXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYt
OGE5MmUwOWJmZTFiLzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85N2QwOWItZTVlMS00N2Y4LWIyNWYtOGE5MmUwOWJmZTFi
LzEvUjNCR1d2VEhJMlJ3QUZubmxsMDhpZXBHUE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcSmTKU/F
6WEC8BJP7DZT1lDmWSiVb+dDMKoMivYX8nYAxiG6zCAreIUqIK0VHJMZRhlLqjd1
wbjBunev3T8j8KAgeF7ww14PKLKVCrTBath8SLfO97MLkj9Qd7+OhSsXiUgOrYmT
Dk02MkrbzzTVBzNpkjsyr3hVdDU6jUQ01swvmR/nIcf7Fk2swHBdkmVUsBifiRNc
krRE8JtESW6dF86Ci3qyMTjeH6IZhl9cvT4UyXALRjOdqHRDJ1uImUyQUsjKeuy9
gNn60dBZEDqd3XPapbnrfueCyDQSSxTEpbXOQ/666w5aZ6ugWfo7hcXrENemE9WI
bIST9W4L+qzGZQ==
-----END CERTIFICATE-----