Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
File:                     4CzXYQ92Hg7SUq57ufMPHisXtec.mft (raw, json)
Hash identifier:          rbejiwWMXRGJyNRkVy0jONpsGr33M8tq5oRF3lXu6ro=
Subject key identifier:   DE:7A:81:4A:8A:DC:CF:EF:4F:20:CD:43:25:5D:17:36:30:09:41:35
Authority key identifier: E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7
Certificate issuer:       /CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7
Certificate serial:       019D296192F88036FDE624ED7213A666B568
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
Manifest number:          1518
Signing time:             Thu 26 Mar 2026 09:02:33 +0000
Manifest this update:     Thu 26 Mar 2026 09:02:33 +0000
Manifest next update:     Fri 27 Mar 2026 09:02:33 +0000
Files and hashes:         1: 4CzXYQ92Hg7SUq57ufMPHisXtec.crl (hash: sEQz2B1FeNjXIMP5g0Tlcq6fh1o5YwMSawa5b3aBPUI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:61:92:f8:80:36:fd:e6:24:ed:72:13:a6:66:b5:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7
        Validity
            Not Before: Mar 26 09:02:33 2026 GMT
            Not After : Mar 27 09:02:33 2026 GMT
        Subject: CN=de7a814a8adccfef4f20cd43255d173630094135
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:67:e3:d8:8d:86:8f:37:31:f0:b6:c5:05:58:
                    be:42:a0:31:dc:75:d9:3f:dd:6f:8c:f6:c0:d5:11:
                    45:98:19:8c:7b:9d:5d:63:a3:fb:67:99:82:3d:d7:
                    b9:1b:05:8d:27:1f:23:c7:19:57:bf:22:4d:7a:2c:
                    99:b9:7d:84:df:ba:a5:fa:a9:46:31:ff:c2:ba:37:
                    ab:12:24:fb:e4:b8:ff:88:cd:fe:04:02:2d:67:bb:
                    56:b6:7a:87:42:69:06:93:88:4d:54:40:64:7c:c9:
                    c6:78:06:92:ec:e2:8c:2d:9e:2e:c3:16:c2:e3:63:
                    06:af:b1:92:7e:b8:f0:9a:44:ac:83:3d:5a:91:d7:
                    bd:ea:56:32:2d:8b:d7:5a:29:04:a7:fd:3b:e7:4f:
                    17:89:75:bd:08:4b:91:64:23:f4:c8:87:e0:58:a1:
                    72:38:75:cc:4c:e7:74:6b:34:ce:eb:7a:3a:ea:bd:
                    90:2f:b4:8e:8c:ca:bd:a7:80:a6:b1:b1:43:46:52:
                    1c:ae:25:c3:d5:96:46:26:89:d1:b5:53:a5:04:81:
                    17:f2:6d:e3:ba:9d:c5:45:8c:5d:18:82:2b:e0:08:
                    60:75:f2:88:f0:b7:5a:a5:0b:08:e2:83:92:77:6b:
                    b6:31:06:d7:16:bd:cf:6f:c6:31:a0:df:60:f1:69:
                    85:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:7A:81:4A:8A:DC:CF:EF:4F:20:CD:43:25:5D:17:36:30:09:41:35
            X509v3 Authority Key Identifier:
                keyid:E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:38:38:5f:5d:ee:ef:a7:85:f4:5c:0e:e3:11:a6:4d:26:37:
         1e:0b:6b:f1:9b:21:11:fc:89:4c:90:1c:d4:4b:e0:26:40:63:
         ac:fc:e9:ec:53:64:7f:40:27:44:f3:69:be:81:da:15:40:44:
         98:b2:33:29:4e:85:bd:1d:d6:bc:ff:e0:49:0c:83:84:60:56:
         aa:3d:b4:f0:cd:3a:27:51:9b:0e:a8:a9:33:d2:5e:14:56:3d:
         aa:8c:7e:2d:ad:be:a4:80:57:d1:38:d3:5c:4f:78:e1:86:33:
         66:ed:64:61:8a:67:0e:99:05:c7:ec:5f:9e:f6:11:4d:78:fa:
         b1:9b:5f:cd:c1:51:d5:91:e4:3d:31:35:de:68:16:c0:39:24:
         0d:e6:db:14:5f:37:dc:a6:5e:37:b7:a5:a4:1b:a1:6b:48:14:
         14:e1:3f:31:f9:aa:8f:39:7d:07:ca:55:e9:a4:eb:ef:34:60:
         40:e0:68:59:fd:91:82:ad:c8:a2:51:07:e5:02:2b:46:95:92:
         d7:f2:8b:67:c8:eb:24:b7:80:ec:e8:01:49:47:c6:01:84:de:
         c2:8c:d1:0a:3e:99:77:d2:fc:54:c9:8e:e3:a7:44:e6:e9:64:
         01:18:6e:9a:03:19:31:1e:0a:dc:e9:e7:e1:f7:fb:fe:a9:2c:
         9a:b2:fd:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYZL4gDb95iTtchOmZrVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMmNkNzYxMGY3NjFlMGVkMjUyYWU3YmI5ZjMwZjFlMmIx
N2I1ZTcwHhcNMjYwMzI2MDkwMjMzWhcNMjYwMzI3MDkwMjMzWjAzMTEwLwYDVQQD
EyhkZTdhODE0YThhZGNjZmVmNGYyMGNkNDMyNTVkMTczNjMwMDk0MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2fj2I2Gjzcx8LbFBVi+QqAx3HXZ
P91vjPbA1RFFmBmMe51dY6P7Z5mCPde5GwWNJx8jxxlXvyJNeiyZuX2E37ql+qlG
Mf/CujerEiT75Lj/iM3+BAItZ7tWtnqHQmkGk4hNVEBkfMnGeAaS7OKMLZ4uwxbC
42MGr7GSfrjwmkSsgz1akde96lYyLYvXWikEp/07508XiXW9CEuRZCP0yIfgWKFy
OHXMTOd0azTO63o66r2QL7SOjMq9p4CmsbFDRlIcriXD1ZZGJonRtVOlBIEX8m3j
up3FRYxdGIIr4AhgdfKI8LdapQsI4oOSd2u2MQbXFr3Pb8YxoN9g8WmF5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN56gUqK3M/vTyDNQyVdFzYwCUE1MB8GA1UdIwQY
MBaAFOAs12EPdh4O0lKue7nzDx4rF7XnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMt
OTQzNTE1OWM5M2ViLzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMtOTQzNTE1OWM5M2Vi
LzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJzg4X13u
76eF9FwO4xGmTSY3Hgtr8ZshEfyJTJAc1EvgJkBjrPzp7FNkf0AnRPNpvoHaFUBE
mLIzKU6FvR3WvP/gSQyDhGBWqj208M06J1GbDqipM9JeFFY9qox+La2+pIBX0TjT
XE944YYzZu1kYYpnDpkFx+xfnvYRTXj6sZtfzcFR1ZHkPTE13mgWwDkkDebbFF83
3KZeN7elpBuha0gUFOE/Mfmqjzl9B8pV6aTr7zRgQOBoWf2Rgq3IolEH5QIrRpWS
1/KLZ8jrJLeA7OgBSUfGAYTewozRCj6Zd9L8VMmO46dE5ulkARhumgMZMR4K3Onn
4ff7/qksmrL9YA==
-----END CERTIFICATE-----