Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
File:                     vdI1_DzDTEVIxqhONeSVMyhTm-E.mft (raw, json)
Hash identifier:          Xz6EnEXr3RDBJV0V7pk4WXoJHibPWn+9yd2xiYdiZcI=
Subject key identifier:   27:FB:49:58:1F:AF:0F:20:10:FF:01:FB:E8:06:27:17:07:BD:1B:2C
Authority key identifier: BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1
Certificate issuer:       /CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
Certificate serial:       019D262832875B7ACBE8105DB7AAD140D4A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
Manifest number:          128F
Signing time:             Wed 25 Mar 2026 18:01:01 +0000
Manifest this update:     Wed 25 Mar 2026 18:01:01 +0000
Manifest next update:     Thu 26 Mar 2026 18:01:01 +0000
Files and hashes:         1: vdI1_DzDTEVIxqhONeSVMyhTm-E.crl (hash: xybqxQnk8KlkHW3qb21heyFPQZMBuOOuKNJxw8hdOEA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:28:32:87:5b:7a:cb:e8:10:5d:b7:aa:d1:40:d4:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdd235fc3cc34c4548c6a84e35e4953328539be1
        Validity
            Not Before: Mar 25 18:01:01 2026 GMT
            Not After : Mar 26 18:01:01 2026 GMT
        Subject: CN=27fb49581faf0f2010ff01fbe806271707bd1b2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:cf:fe:89:89:79:ae:9e:bb:5f:57:a5:74:ad:
                    36:5d:99:7e:e6:55:cd:63:4b:ec:42:43:aa:d2:d4:
                    06:ab:23:88:31:6a:74:72:29:8b:6f:ca:9e:7c:da:
                    5a:34:91:48:02:09:77:ad:3d:52:1f:8c:b8:2c:66:
                    08:44:c1:47:d1:b1:7c:fe:7b:5b:07:61:5a:a8:9f:
                    84:82:3a:c3:b3:60:39:d7:7a:fb:d7:fe:03:1e:2d:
                    b0:5a:e7:e1:01:6f:e0:cd:4c:b3:89:3a:6e:d9:86:
                    ee:90:4c:5d:08:8e:03:da:08:6c:3e:f7:99:bd:d5:
                    b0:db:a5:f7:1d:b3:e6:5b:61:8c:88:fa:c3:16:61:
                    dd:e9:c0:83:f1:20:cd:41:68:74:7d:b6:57:12:8d:
                    75:ab:28:6e:6b:78:a3:97:b6:91:06:88:a3:82:21:
                    2c:a8:0c:d8:76:e3:2c:09:6b:b3:33:d1:58:35:01:
                    e3:cb:58:e9:d8:73:ee:24:6b:1d:7a:de:4f:a6:ae:
                    a2:8d:3f:dd:91:3c:62:39:9c:0a:84:cc:a5:82:14:
                    10:d1:ca:2f:6a:ce:ef:5c:56:4f:db:f0:9e:30:cc:
                    bf:81:60:07:b7:0c:af:2a:39:6c:f6:bf:05:75:b7:
                    e6:cf:41:0c:76:dc:c2:58:5c:6e:34:06:0e:2d:4a:
                    51:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:FB:49:58:1F:AF:0F:20:10:FF:01:FB:E8:06:27:17:07:BD:1B:2C
            X509v3 Authority Key Identifier:
                keyid:BD:D2:35:FC:3C:C3:4C:45:48:C6:A8:4E:35:E4:95:33:28:53:9B:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdI1_DzDTEVIxqhONeSVMyhTm-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/244f29-3b70-4155-b28c-1ecf1ed6487b/1/vdI1_DzDTEVIxqhONeSVMyhTm-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:4e:8d:f3:bc:ed:d5:a8:2c:0b:9d:09:fd:a0:d4:c0:c9:1d:
         00:af:42:14:24:79:5c:a3:51:66:d0:f4:7a:da:77:57:03:a6:
         b6:57:99:dc:6b:57:34:35:4d:94:f9:ee:23:19:d2:cf:f5:79:
         45:19:4d:e7:4c:67:01:f5:93:76:82:b8:3c:cb:1b:f2:dc:f9:
         88:da:e9:bf:86:fc:f5:76:14:81:d8:fd:1b:2a:58:aa:b0:72:
         1a:ab:5a:69:b7:1b:a7:a8:1e:94:d9:8b:57:32:f0:03:08:7d:
         93:5f:71:51:85:e5:42:52:9e:1b:7f:b9:d1:ad:7a:c5:27:29:
         8d:c3:88:a0:7d:3d:95:20:31:14:6b:d7:6a:e5:ec:15:54:1d:
         8f:4f:df:57:de:0b:d6:dd:94:83:bc:06:f7:26:32:89:aa:dc:
         c1:4f:04:68:8b:0e:6b:2b:7a:95:b6:a3:ed:d4:f2:e5:e7:1c:
         9f:82:20:0b:e1:5d:ed:bd:68:a4:a5:c7:20:d0:09:8c:b7:d5:
         92:54:80:ba:5f:25:8c:4f:4d:63:b4:8e:05:26:44:f5:c1:86:
         d1:6f:f2:88:23:6c:5e:1c:89:52:66:d0:a1:d6:fc:e8:19:7f:
         50:5b:22:db:85:73:2e:f4:7a:99:43:c9:f4:c1:e5:cf:72:dd:
         40:1f:83:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKDKHW3rL6BBdt6rRQNSoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDIzNWZjM2NjMzRjNDU0OGM2YTg0ZTM1ZTQ5NTMzMjg1
MzliZTEwHhcNMjYwMzI1MTgwMTAxWhcNMjYwMzI2MTgwMTAxWjAzMTEwLwYDVQQD
EygyN2ZiNDk1ODFmYWYwZjIwMTBmZjAxZmJlODA2MjcxNzA3YmQxYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM/+iYl5rp67X1eldK02XZl+5lXN
Y0vsQkOq0tQGqyOIMWp0cimLb8qefNpaNJFIAgl3rT1SH4y4LGYIRMFH0bF8/ntb
B2FaqJ+EgjrDs2A513r71/4DHi2wWufhAW/gzUyziTpu2YbukExdCI4D2ghsPveZ
vdWw26X3HbPmW2GMiPrDFmHd6cCD8SDNQWh0fbZXEo11qyhua3ijl7aRBoijgiEs
qAzYduMsCWuzM9FYNQHjy1jp2HPuJGsdet5Ppq6ijT/dkTxiOZwKhMylghQQ0cov
as7vXFZP2/CeMMy/gWAHtwyvKjls9r8Fdbfmz0EMdtzCWFxuNAYOLUpRfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCf7SVgfrw8gEP8B++gGJxcHvRssMB8GA1UdIwQY
MBaAFL3SNfw8w0xFSMaoTjXklTMoU5vhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMt
MWVjZjFlZDY0ODdiLzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yNDRmMjktM2I3MC00MTU1LWIyOGMtMWVjZjFlZDY0ODdi
LzEvdmRJMV9EekRURVZJeHFoT05lU1ZNeWhUbS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADE6N87zt
1agsC50J/aDUwMkdAK9CFCR5XKNRZtD0etp3VwOmtleZ3GtXNDVNlPnuIxnSz/V5
RRlN50xnAfWTdoK4PMsb8tz5iNrpv4b89XYUgdj9GypYqrByGqtaabcbp6gelNmL
VzLwAwh9k19xUYXlQlKeG3+50a16xScpjcOIoH09lSAxFGvXauXsFVQdj0/fV94L
1t2Ug7wG9yYyiarcwU8EaIsOayt6lbaj7dTy5eccn4IgC+Fd7b1opKXHINAJjLfV
klSAul8ljE9NY7SOBSZE9cGG0W/yiCNsXhyJUmbQodb86Bl/UFsi24VzLvR6mUPJ
9MHlz3LdQB+DrA==
-----END CERTIFICATE-----