Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          W1bduwwSgjOWaX8nCXtcD6GD233zkMAxSi3NU3hHBMo=
Subject key identifier:   22:C1:AB:ED:99:2A:2B:9A:2D:3B:07:0C:34:83:72:85:65:CA:F2:4C
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       019D2771BCD6FC2E9A3C3713A3C1320E813A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          084F
Signing time:             Thu 26 Mar 2026 00:00:58 +0000
Manifest this update:     Thu 26 Mar 2026 00:00:58 +0000
Manifest next update:     Fri 27 Mar 2026 00:00:58 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: frfETl1qkg3uXR83rJcPDqcnXm5qUfkfE41FF4mR1yc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 00:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:71:bc:d6:fc:2e:9a:3c:37:13:a3:c1:32:0e:81:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Mar 26 00:00:58 2026 GMT
            Not After : Mar 27 00:00:58 2026 GMT
        Subject: CN=22c1abed992a2b9a2d3b070c3483728565caf24c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:67:d3:86:69:c3:60:85:74:e8:f2:44:86:75:
                    ff:8e:49:88:26:81:1c:88:0f:0d:ea:40:39:ca:f0:
                    ec:95:e7:bf:41:b5:fd:5b:36:2e:bd:a3:3c:40:6f:
                    b6:09:50:a0:c5:c9:78:f5:b2:1d:aa:99:6f:6a:18:
                    a5:19:9d:63:87:40:f6:b2:80:21:18:98:6a:49:d5:
                    08:c0:af:84:e9:c2:b4:51:9e:08:b7:08:9b:f7:dd:
                    33:48:08:54:ec:7c:73:f5:fc:2f:bb:19:fd:54:d2:
                    7d:76:55:69:2e:10:db:b2:f0:69:e0:10:58:1e:b1:
                    b0:20:56:2f:08:34:63:ac:61:0d:4f:0c:0f:08:65:
                    9a:ab:2e:03:c6:8e:a3:78:e6:8f:65:91:0c:cc:e5:
                    8f:0f:9d:aa:34:1f:d3:f3:59:10:56:e9:a0:ad:9e:
                    f4:0a:ef:f7:d1:30:70:7a:c1:28:b5:c3:3c:66:c4:
                    a5:3f:c5:96:53:57:38:8a:dc:ad:03:9f:8e:d9:83:
                    8d:48:e4:31:2e:4e:81:16:6e:89:78:43:5a:ef:09:
                    04:14:03:c1:f3:09:ab:ba:d8:ce:41:b4:d5:b7:10:
                    44:d8:44:bc:88:8d:e4:91:aa:8d:e1:42:fd:5d:82:
                    d0:c1:7f:a9:b8:77:7f:50:22:c4:e4:3d:b2:34:43:
                    b8:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:C1:AB:ED:99:2A:2B:9A:2D:3B:07:0C:34:83:72:85:65:CA:F2:4C
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:e5:b5:11:95:66:8b:14:2c:e7:76:1f:3f:c9:2e:20:70:97:
         d2:8a:4f:5f:91:7b:3c:9b:65:25:80:e5:57:0c:f9:e0:be:47:
         64:65:4e:77:d1:4c:c0:d4:7c:8b:d4:60:d1:5e:64:2d:76:b7:
         58:84:01:c7:a9:a5:11:3a:fb:6b:5d:69:36:35:e5:8b:51:38:
         cd:fc:2f:4c:a1:2c:83:b5:d2:74:96:8c:9b:73:50:0d:09:d7:
         7a:1d:1a:af:ad:a9:2a:05:86:cb:94:22:62:d9:65:24:08:3b:
         6b:18:26:52:73:a6:57:bd:ae:a5:af:5d:3b:d2:45:2d:bf:2b:
         7e:f6:bf:98:54:0a:b9:37:9a:94:0c:a9:a6:48:3e:5e:81:4a:
         4d:53:41:26:fb:a8:9a:39:07:19:86:63:94:13:00:a6:e6:84:
         f3:01:c4:66:6f:da:62:40:59:b4:e6:b4:f2:7b:54:16:b7:ab:
         57:32:4c:bc:65:b9:db:fc:83:b8:80:29:58:bc:bc:96:bc:1f:
         28:30:bb:d6:50:20:c7:b6:49:98:20:29:b2:9c:83:43:ca:6e:
         bd:9f:2e:c6:45:a0:ef:0b:2f:dc:26:51:d9:7c:a1:59:a0:11:
         71:eb:57:d1:63:87:56:a9:01:9b:9a:f8:0c:33:7b:40:9d:13:
         47:34:92:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncbzW/C6aPDcTo8EyDoE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjYwMzI2MDAwMDU4WhcNMjYwMzI3MDAwMDU4WjAzMTEwLwYDVQQD
EygyMmMxYWJlZDk5MmEyYjlhMmQzYjA3MGMzNDgzNzI4NTY1Y2FmMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WfThmnDYIV06PJEhnX/jkmIJoEc
iA8N6kA5yvDslee/QbX9WzYuvaM8QG+2CVCgxcl49bIdqplvahilGZ1jh0D2soAh
GJhqSdUIwK+E6cK0UZ4Itwib990zSAhU7Hxz9fwvuxn9VNJ9dlVpLhDbsvBp4BBY
HrGwIFYvCDRjrGENTwwPCGWaqy4Dxo6jeOaPZZEMzOWPD52qNB/T81kQVumgrZ70
Cu/30TBwesEotcM8ZsSlP8WWU1c4itytA5+O2YONSOQxLk6BFm6JeENa7wkEFAPB
8wmrutjOQbTVtxBE2ES8iI3kkaqN4UL9XYLQwX+puHd/UCLE5D2yNEO4uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLBq+2ZKiuaLTsHDDSDcoVlyvJMMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqeW1EZVm
ixQs53YfP8kuIHCX0opPX5F7PJtlJYDlVwz54L5HZGVOd9FMwNR8i9Rg0V5kLXa3
WIQBx6mlETr7a11pNjXli1E4zfwvTKEsg7XSdJaMm3NQDQnXeh0ar62pKgWGy5Qi
YtllJAg7axgmUnOmV72upa9dO9JFLb8rfva/mFQKuTealAyppkg+XoFKTVNBJvuo
mjkHGYZjlBMApuaE8wHEZm/aYkBZtOa08ntUFrerVzJMvGW52/yDuIApWLy8lrwf
KDC71lAgx7ZJmCApspyDQ8puvZ8uxkWg7wsv3CZR2XyhWaARcetX0WOHVqkBm5r4
DDN7QJ0TRzSSvw==
-----END CERTIFICATE-----