Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
File:                     7fBEw2PXiOdDNOE24DzH_R5JohY.mft (raw, json)
Hash identifier:          VAu/+Z3l/tcKV84ZbpIfotw76hmBP7hQ8Wb4qWUPnJE=
Subject key identifier:   95:C4:ED:79:00:E4:42:3B:84:D2:44:2D:01:9A:FA:7A:09:28:9C:97
Authority key identifier: ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16
Certificate issuer:       /CN=edf044c363d788e74334e136e03cc7fd1e49a216
Certificate serial:       019E1E34F954DAC79CD5B1C81374E10B1BBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
Manifest number:          0B7C
Signing time:             Tue 12 May 2026 22:00:48 +0000
Manifest this update:     Tue 12 May 2026 22:00:48 +0000
Manifest next update:     Wed 13 May 2026 22:00:48 +0000
Files and hashes:         1: 7fBEw2PXiOdDNOE24DzH_R5JohY.crl (hash: SoDf6G1WWDR/JK6xBhAPW2T3WqtJzobVE/7wkLVlvkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 22:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:1e:34:f9:54:da:c7:9c:d5:b1:c8:13:74:e1:0b:1b:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=edf044c363d788e74334e136e03cc7fd1e49a216
        Validity
            Not Before: May 12 22:00:48 2026 GMT
            Not After : May 13 22:00:48 2026 GMT
        Subject: CN=95c4ed7900e4423b84d2442d019afa7a09289c97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:85:97:be:89:42:82:28:04:d5:10:3e:71:66:
                    9c:7b:05:55:e7:90:7f:84:6a:c7:7b:fa:43:68:2c:
                    2c:95:13:ce:ff:59:15:d7:23:5c:03:8e:c1:62:03:
                    37:2f:d4:09:33:06:c8:73:2a:79:43:2e:a1:44:ea:
                    2d:39:01:ac:58:e2:31:58:15:e1:3b:5f:e4:bb:42:
                    37:c7:b7:53:12:30:ff:21:14:c5:0d:f3:a3:0d:e1:
                    8a:c1:55:73:f8:33:1c:36:4c:d6:c7:7b:d4:58:2a:
                    a7:f4:79:7d:55:82:7a:7b:4f:6a:da:0d:58:73:f4:
                    c7:9f:8a:59:92:e7:5d:1b:04:13:33:5b:8a:b3:3e:
                    9f:b9:bc:65:97:e2:8f:bf:ba:fb:d8:5b:e1:b1:57:
                    66:fd:37:a6:c9:23:a1:96:eb:15:b4:b2:23:76:67:
                    82:17:5a:92:d0:e0:f8:55:c8:2b:a9:5c:8b:e4:37:
                    a4:cf:c3:2c:86:04:f2:60:84:e1:76:2a:72:22:52:
                    a0:54:9b:be:19:03:e8:63:04:98:38:8c:94:be:70:
                    86:be:7d:ad:20:1d:69:5b:1d:63:52:92:8a:f2:47:
                    08:03:26:61:72:0b:c1:5d:ed:84:eb:4c:3f:34:44:
                    7b:8c:e3:2a:57:4d:58:2a:9a:cc:ff:38:7d:00:85:
                    fc:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:C4:ED:79:00:E4:42:3B:84:D2:44:2D:01:9A:FA:7A:09:28:9C:97
            X509v3 Authority Key Identifier:
                keyid:ED:F0:44:C3:63:D7:88:E7:43:34:E1:36:E0:3C:C7:FD:1E:49:A2:16

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7fBEw2PXiOdDNOE24DzH_R5JohY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/340491-d1d2-432c-956d-2fe1594ddc9c/1/7fBEw2PXiOdDNOE24DzH_R5JohY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:1c:5f:97:71:9a:74:32:9b:c3:d7:29:e4:f6:60:1b:e0:b5:
         49:d5:41:44:5a:0e:b2:fe:7c:b1:a9:1c:43:77:b2:c3:48:1c:
         29:22:40:8f:48:c2:6e:8b:7a:6f:fb:07:4a:98:fe:b9:a7:cb:
         95:f8:10:f5:e2:aa:a7:53:45:a4:27:fb:ef:a8:0b:b3:e1:9a:
         17:d2:9c:fb:a4:d2:14:43:d2:cb:d6:6d:5d:f1:e3:70:3c:0f:
         d9:e5:d2:79:9a:85:eb:7f:f9:67:3a:e4:30:26:7f:b6:03:5a:
         42:61:f4:5c:c9:26:58:99:01:2e:04:b2:11:1e:10:97:03:62:
         1f:55:a5:8a:fa:5e:db:a6:87:5b:5e:92:f9:47:2a:28:6d:f7:
         bd:0e:ea:c0:fa:4d:4d:1a:f9:ab:35:76:be:a8:f2:3c:0a:d8:
         eb:ce:bf:4a:22:11:19:f6:af:a5:8c:90:67:dd:c7:c3:d0:99:
         ba:11:83:f1:47:23:43:cc:c7:65:c5:0f:3c:42:4f:d9:29:4e:
         56:4b:a7:b3:e7:4c:80:43:f8:d1:3d:dc:f6:9f:85:5f:db:19:
         0f:ee:c8:0c:c9:aa:62:be:7a:49:bc:e8:32:4a:92:26:e6:6d:
         6b:cd:81:9a:d2:72:7c:1e:3f:ff:85:5d:73:8e:92:56:ab:2b:
         20:02:84:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNPlU2sec1bHIE3ThCxu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZjA0NGMzNjNkNzg4ZTc0MzM0ZTEzNmUwM2NjN2ZkMWU0
OWEyMTYwHhcNMjYwNTEyMjIwMDQ4WhcNMjYwNTEzMjIwMDQ4WjAzMTEwLwYDVQQD
Eyg5NWM0ZWQ3OTAwZTQ0MjNiODRkMjQ0MmQwMTlhZmE3YTA5Mjg5Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IWXvolCgigE1RA+cWacewVV55B/
hGrHe/pDaCwslRPO/1kV1yNcA47BYgM3L9QJMwbIcyp5Qy6hROotOQGsWOIxWBXh
O1/ku0I3x7dTEjD/IRTFDfOjDeGKwVVz+DMcNkzWx3vUWCqn9Hl9VYJ6e09q2g1Y
c/THn4pZkuddGwQTM1uKsz6fubxll+KPv7r72FvhsVdm/TemySOhlusVtLIjdmeC
F1qS0OD4VcgrqVyL5Dekz8MshgTyYIThdipyIlKgVJu+GQPoYwSYOIyUvnCGvn2t
IB1pWx1jUpKK8kcIAyZhcgvBXe2E60w/NER7jOMqV01YKprM/zh9AIX8bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJXE7XkA5EI7hNJELQGa+noJKJyXMB8GA1UdIwQY
MBaAFO3wRMNj14jnQzThNuA8x/0eSaIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQt
MmZlMTU5NGRkYzljLzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zNDA0OTEtZDFkMi00MzJjLTk1NmQtMmZlMTU5NGRkYzlj
LzEvN2ZCRXcyUFhpT2RETk9FMjREekhfUjVKb2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApBxfl3Ga
dDKbw9cp5PZgG+C1SdVBRFoOsv58sakcQ3eyw0gcKSJAj0jCbot6b/sHSpj+uafL
lfgQ9eKqp1NFpCf776gLs+GaF9Kc+6TSFEPSy9ZtXfHjcDwP2eXSeZqF63/5Zzrk
MCZ/tgNaQmH0XMkmWJkBLgSyER4QlwNiH1Wlivpe26aHW16S+UcqKG33vQ7qwPpN
TRr5qzV2vqjyPArY686/SiIRGfavpYyQZ93Hw9CZuhGD8UcjQ8zHZcUPPEJP2SlO
Vkuns+dMgEP40T3c9p+FX9sZD+7IDMmqYr56SbzoMkqSJuZta82BmtJyfB4//4Vd
c46SVqsrIAKE7Q==
-----END CERTIFICATE-----