Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft
File:                     bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft (raw, json)
Hash identifier:          jY3cxOD8sKfQbiO78iegoOc1cXZHF+K9tigm79iCaHE=
Subject key identifier:   38:E8:59:8B:AA:35:EA:F4:C9:DD:5A:C7:F5:B9:A6:CC:A7:AF:FC:3D
Authority key identifier: 6C:0D:27:F0:D1:30:FE:E6:7D:82:D5:98:2F:7C:93:4F:87:91:CD:F0
Certificate issuer:       /CN=6c0d27f0d130fee67d82d5982f7c934f8791cdf0
Certificate serial:       019D2695D7B1F18D119F91FFE70D0D324BB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft
Manifest number:          02A8
Signing time:             Wed 25 Mar 2026 20:00:47 +0000
Manifest this update:     Wed 25 Mar 2026 20:00:47 +0000
Manifest next update:     Thu 26 Mar 2026 20:00:47 +0000
Files and hashes:         1: bA0n8NEw_uZ9gtWYL3yTT4eRzfA.crl (hash: 9Vc150OLPOB3T11Cm+5JuRs3VURsOinRdiKfzWVxS8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:26:95:d7:b1:f1:8d:11:9f:91:ff:e7:0d:0d:32:4b:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c0d27f0d130fee67d82d5982f7c934f8791cdf0
        Validity
            Not Before: Mar 25 20:00:47 2026 GMT
            Not After : Mar 26 20:00:47 2026 GMT
        Subject: CN=38e8598baa35eaf4c9dd5ac7f5b9a6cca7affc3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:03:3c:36:6e:79:50:89:91:69:d8:21:13:ed:
                    66:74:53:6d:15:7c:b7:8d:99:15:94:6f:6b:4c:c5:
                    fd:3d:b7:3f:c4:42:1a:8b:b0:df:d1:47:bd:e5:8f:
                    74:18:99:30:e7:6a:4c:22:71:c8:45:3b:7e:c5:86:
                    77:d6:b0:60:88:b2:c8:ac:20:99:5d:7a:cb:e8:d9:
                    40:8b:74:35:8b:6a:80:0f:42:fa:c8:9d:21:55:05:
                    86:e9:c8:78:16:f9:de:d5:73:50:13:0b:de:e8:41:
                    9f:57:1d:8e:6f:54:22:99:a4:89:71:b6:7a:47:b9:
                    49:6a:0a:39:ed:53:42:39:ef:f8:65:89:29:aa:a2:
                    66:e6:60:62:02:f6:ac:62:77:55:66:12:8e:39:7b:
                    2e:c6:8e:0d:82:d2:6b:4f:44:66:e2:3e:f4:38:64:
                    9c:b9:55:5d:a9:ff:92:b9:40:51:4c:c9:dc:c1:52:
                    69:b6:98:cb:06:13:3c:ca:98:c7:95:36:63:82:18:
                    52:2f:ce:99:95:e6:60:0d:4e:df:e1:98:4f:55:88:
                    53:c4:f2:37:8b:9b:17:fa:1e:de:27:c3:3a:ea:b9:
                    7b:de:49:2e:30:a9:a2:81:0b:3f:71:8d:c2:f9:f7:
                    39:3e:33:8f:a5:30:2a:03:0d:43:21:78:d5:6a:18:
                    3f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:E8:59:8B:AA:35:EA:F4:C9:DD:5A:C7:F5:B9:A6:CC:A7:AF:FC:3D
            X509v3 Authority Key Identifier:
                keyid:6C:0D:27:F0:D1:30:FE:E6:7D:82:D5:98:2F:7C:93:4F:87:91:CD:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9292c9-24ab-4dbf-bebe-8963d5271f9c/1/bA0n8NEw_uZ9gtWYL3yTT4eRzfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:06:a3:fa:ee:c5:9b:c4:f6:ad:d0:9c:93:f3:0d:8e:4b:0e:
         4c:eb:ae:a1:42:0a:76:94:d8:43:c3:4b:ee:3c:b9:7c:42:4b:
         06:f0:24:f7:43:bf:bb:5d:0f:8f:0c:d7:05:69:91:49:9b:c7:
         a8:62:74:1d:fb:8c:64:e4:db:5c:b8:30:4a:b0:5b:75:4f:c5:
         80:cd:f2:03:5c:40:8d:5f:84:aa:33:48:dc:6f:e7:5a:77:5c:
         37:45:95:78:fe:98:18:df:0a:d3:ec:90:15:bb:16:28:70:7d:
         18:54:6c:1d:63:66:92:c0:c4:c9:28:36:fd:50:61:73:f0:cd:
         3a:fa:34:50:fe:58:8d:73:8e:b1:8c:73:7e:12:d6:c2:6b:b8:
         0d:e6:81:ad:46:26:ad:21:d7:80:3a:38:0d:63:d9:36:34:26:
         9d:3f:42:9b:19:09:54:8c:1b:b4:f5:bf:dc:49:18:fa:15:fb:
         fe:ce:7c:64:0c:9e:a2:50:96:30:d3:92:44:88:0f:83:e1:eb:
         50:7b:0a:78:c8:32:61:3f:79:0e:f8:18:ad:1a:bd:84:03:ac:
         0a:87:27:8b:ca:49:6b:cc:a7:69:f4:e0:a0:7b:4b:2a:b1:cb:
         d2:97:d9:25:7b:50:37:b9:41:f0:6e:d3:b9:8f:a7:40:c6:d2:
         86:5f:31:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mldex8Y0Rn5H/5w0NMkuxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMGQyN2YwZDEzMGZlZTY3ZDgyZDU5ODJmN2M5MzRmODc5
MWNkZjAwHhcNMjYwMzI1MjAwMDQ3WhcNMjYwMzI2MjAwMDQ3WjAzMTEwLwYDVQQD
EygzOGU4NTk4YmFhMzVlYWY0YzlkZDVhYzdmNWI5YTZjY2E3YWZmYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAM8Nm55UImRadghE+1mdFNtFXy3
jZkVlG9rTMX9Pbc/xEIai7Df0Ue95Y90GJkw52pMInHIRTt+xYZ31rBgiLLIrCCZ
XXrL6NlAi3Q1i2qAD0L6yJ0hVQWG6ch4Fvne1XNQEwve6EGfVx2Ob1QimaSJcbZ6
R7lJago57VNCOe/4ZYkpqqJm5mBiAvasYndVZhKOOXsuxo4NgtJrT0Rm4j70OGSc
uVVdqf+SuUBRTMncwVJptpjLBhM8ypjHlTZjghhSL86ZleZgDU7f4ZhPVYhTxPI3
i5sX+h7eJ8M66rl73kkuMKmigQs/cY3C+fc5PjOPpTAqAw1DIXjVahg/dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjoWYuqNer0yd1ax/W5psynr/w9MB8GA1UdIwQY
MBaAFGwNJ/DRMP7mfYLVmC98k0+Hkc3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkEwbjhORXdfdVo5Z3RXWUwzeVRUNGVSemZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85MjkyYzktMjRhYi00ZGJmLWJlYmUt
ODk2M2Q1MjcxZjljLzEvYkEwbjhORXdfdVo5Z3RXWUwzeVRUNGVSemZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85MjkyYzktMjRhYi00ZGJmLWJlYmUtODk2M2Q1MjcxZjlj
LzEvYkEwbjhORXdfdVo5Z3RXWUwzeVRUNGVSemZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEQaj+u7F
m8T2rdCck/MNjksOTOuuoUIKdpTYQ8NL7jy5fEJLBvAk90O/u10PjwzXBWmRSZvH
qGJ0HfuMZOTbXLgwSrBbdU/FgM3yA1xAjV+EqjNI3G/nWndcN0WVeP6YGN8K0+yQ
FbsWKHB9GFRsHWNmksDEySg2/VBhc/DNOvo0UP5YjXOOsYxzfhLWwmu4DeaBrUYm
rSHXgDo4DWPZNjQmnT9CmxkJVIwbtPW/3EkY+hX7/s58ZAyeolCWMNOSRIgPg+Hr
UHsKeMgyYT95DvgYrRq9hAOsCocni8pJa8ynafTgoHtLKrHL0pfZJXtQN7lB8G7T
uY+nQMbShl8xOg==
-----END CERTIFICATE-----