Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
File:                     BEMrQbKmzMlHFxP39wfXac1Mfb8.mft (raw, json)
Hash identifier:          IbL5eoVBakExrxOEBJmaVpWxjB8b7++nEcaYirMmu6o=
Subject key identifier:   91:D4:DC:99:12:C7:FB:47:45:14:8D:17:80:E7:98:FD:C6:20:07:9E
Authority key identifier: 04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF
Certificate issuer:       /CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
Certificate serial:       019D2695D59FDECF50FF118D186929842BEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
Manifest number:          04EA
Signing time:             Wed 25 Mar 2026 20:00:46 +0000
Manifest this update:     Wed 25 Mar 2026 20:00:46 +0000
Manifest next update:     Thu 26 Mar 2026 20:00:46 +0000
Files and hashes:         1: BEMrQbKmzMlHFxP39wfXac1Mfb8.crl (hash: nB0+RrsW7UJhuGOSyEexfYjDJscBHlSKu/xqO+77Vc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 20:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:95:d5:9f:de:cf:50:ff:11:8d:18:69:29:84:2b:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04432b41b2a6ccc9471713f7f707d769cd4c7dbf
        Validity
            Not Before: Mar 25 20:00:46 2026 GMT
            Not After : Mar 26 20:00:46 2026 GMT
        Subject: CN=91d4dc9912c7fb4745148d1780e798fdc620079e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:1a:7f:0d:34:b5:37:05:6b:b1:b1:ff:0d:7d:
                    a8:c3:35:51:31:3d:e7:52:48:0f:63:c0:a6:0c:78:
                    c2:05:f9:e2:7b:6b:05:5c:cb:18:7a:2c:1f:8c:c2:
                    14:1b:fb:86:e0:35:08:b7:6e:b6:2e:35:81:78:e1:
                    4c:fb:64:46:aa:83:4e:a7:32:d1:27:50:01:3d:79:
                    09:c3:ee:97:e3:0a:f9:4d:3d:70:07:c7:27:6a:47:
                    26:ef:a7:7d:1b:17:df:68:be:48:97:27:89:90:b0:
                    83:e6:fc:15:d2:5e:36:dc:5c:f6:fb:f0:e4:de:c1:
                    fc:ce:25:59:b7:73:6d:d9:ac:d3:98:ad:84:f8:cc:
                    33:02:a7:ba:05:c6:54:28:8f:ba:c6:a5:85:0d:22:
                    0b:a9:44:9e:bd:81:2b:74:f6:f0:a0:82:92:e0:33:
                    29:2d:df:ff:8a:30:cf:da:93:7f:00:e9:c3:77:16:
                    04:7d:e4:25:c4:ef:8d:ce:21:a3:82:a1:83:42:1a:
                    0b:f5:48:ee:a9:09:16:4b:9e:79:8d:85:0c:ca:7b:
                    0e:e5:f8:89:96:8d:fc:19:8b:ac:a3:32:7d:fc:9c:
                    57:a7:b2:78:e7:8c:46:4d:66:a7:eb:c5:43:1e:11:
                    cf:d8:70:18:41:e1:7e:c1:e0:b5:f2:16:92:58:07:
                    b6:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:D4:DC:99:12:C7:FB:47:45:14:8D:17:80:E7:98:FD:C6:20:07:9E
            X509v3 Authority Key Identifier:
                keyid:04:43:2B:41:B2:A6:CC:C9:47:17:13:F7:F7:07:D7:69:CD:4C:7D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BEMrQbKmzMlHFxP39wfXac1Mfb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/72a3de-76c6-4ddb-a4b8-6591d4e7f41f/1/BEMrQbKmzMlHFxP39wfXac1Mfb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:33:d5:65:7f:95:87:ec:43:51:06:c4:4e:2d:33:40:59:60:
         62:ac:72:c2:08:aa:29:a0:3c:dd:3a:db:0d:bf:b5:aa:af:b2:
         b1:72:34:69:c5:41:a2:64:b7:50:0d:0d:e8:2b:8b:a1:a1:a2:
         4f:74:fc:4e:86:88:19:4a:04:d3:4e:56:79:b4:be:fb:c2:3d:
         11:f3:a9:f9:55:7f:4f:a1:5b:82:27:12:c7:50:8e:61:1b:be:
         57:3a:c6:85:e3:8a:e1:9e:15:4b:95:9a:27:15:2b:73:42:38:
         5a:ad:ea:ca:30:0c:e5:10:fb:bd:00:3b:7f:c5:ec:26:77:1b:
         58:4e:09:86:25:db:ad:35:71:cd:88:b0:05:c1:4e:b2:28:62:
         a2:65:63:bd:8c:45:8d:98:57:6a:12:44:f3:70:fa:80:00:a7:
         be:0b:32:4a:59:92:af:f9:62:a0:da:36:4c:00:fd:17:e3:55:
         19:59:d0:83:74:2b:81:32:23:ac:b3:8a:e6:25:5a:b2:22:f0:
         f6:fd:6c:37:5e:e1:9f:20:30:bf:d7:2e:7e:fd:d5:61:d5:51:
         d2:65:20:8c:57:db:48:2e:9a:bf:02:72:63:99:9d:6c:61:01:
         c7:48:72:90:5e:67:a9:67:5c:3a:31:57:00:40:c7:35:e8:f4:
         1e:02:0d:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mldWf3s9Q/xGNGGkphCvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NDMyYjQxYjJhNmNjYzk0NzE3MTNmN2Y3MDdkNzY5Y2Q0
YzdkYmYwHhcNMjYwMzI1MjAwMDQ2WhcNMjYwMzI2MjAwMDQ2WjAzMTEwLwYDVQQD
Eyg5MWQ0ZGM5OTEyYzdmYjQ3NDUxNDhkMTc4MGU3OThmZGM2MjAwNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRp/DTS1NwVrsbH/DX2owzVRMT3n
UkgPY8CmDHjCBfnie2sFXMsYeiwfjMIUG/uG4DUIt262LjWBeOFM+2RGqoNOpzLR
J1ABPXkJw+6X4wr5TT1wB8cnakcm76d9GxffaL5IlyeJkLCD5vwV0l423Fz2+/Dk
3sH8ziVZt3Nt2azTmK2E+MwzAqe6BcZUKI+6xqWFDSILqUSevYErdPbwoIKS4DMp
Ld//ijDP2pN/AOnDdxYEfeQlxO+NziGjgqGDQhoL9UjuqQkWS555jYUMynsO5fiJ
lo38GYusozJ9/JxXp7J454xGTWan68VDHhHP2HAYQeF+weC18haSWAe2YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHU3JkSx/tHRRSNF4DnmP3GIAeeMB8GA1UdIwQY
MBaAFARDK0GypszJRxcT9/cH12nNTH2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0Yjgt
NjU5MWQ0ZTdmNDFmLzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC83MmEzZGUtNzZjNi00ZGRiLWE0YjgtNjU5MWQ0ZTdmNDFm
LzEvQkVNclFiS216TWxIRnhQMzl3ZlhhYzFNZmI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUDPVZX+V
h+xDUQbETi0zQFlgYqxywgiqKaA83TrbDb+1qq+ysXI0acVBomS3UA0N6CuLoaGi
T3T8ToaIGUoE005WebS++8I9EfOp+VV/T6FbgicSx1COYRu+VzrGheOK4Z4VS5Wa
JxUrc0I4Wq3qyjAM5RD7vQA7f8XsJncbWE4JhiXbrTVxzYiwBcFOsihiomVjvYxF
jZhXahJE83D6gACnvgsySlmSr/lioNo2TAD9F+NVGVnQg3QrgTIjrLOK5iVasiLw
9v1sN17hnyAwv9cufv3VYdVR0mUgjFfbSC6avwJyY5mdbGEBx0hykF5nqWdcOjFX
AEDHNej0HgINYw==
-----END CERTIFICATE-----