Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/c02c5c-ea17-4893-85e0-0205460e8990/1/BWxm1F_n4vNVmVcqd2sSdk3GmgE.mft
File:                     BWxm1F_n4vNVmVcqd2sSdk3GmgE.mft (raw, json)
Hash identifier:          ib4RoK2JtpcPAIOL/5VqOgbESH5fe/5MIRcaKdM/vIs=
Subject key identifier:   F0:79:B4:4D:27:91:CA:E8:67:C7:93:21:88:F5:B6:6E:3D:FC:15:0B
Authority key identifier: 05:6C:66:D4:5F:E7:E2:F3:55:99:57:2A:77:6B:12:76:4D:C6:9A:01
Certificate issuer:       /CN=056c66d45fe7e2f35599572a776b12764dc69a01
Certificate serial:       019D2996E670FBB3A73610F84C777701AEC7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BWxm1F_n4vNVmVcqd2sSdk3GmgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/c02c5c-ea17-4893-85e0-0205460e8990/1/BWxm1F_n4vNVmVcqd2sSdk3GmgE.mft
Manifest number:          028D
Signing time:             Thu 26 Mar 2026 10:00:48 +0000
Manifest this update:     Thu 26 Mar 2026 10:00:48 +0000
Manifest next update:     Fri 27 Mar 2026 10:00:48 +0000
Files and hashes:         1: BWxm1F_n4vNVmVcqd2sSdk3GmgE.crl (hash: QMll/MY42whoPXYAXYDYGf7wDb/iJpydWGHjBfYZw5o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/c02c5c-ea17-4893-85e0-0205460e8990/1/BWxm1F_n4vNVmVcqd2sSdk3GmgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/c02c5c-ea17-4893-85e0-0205460e8990/1/BWxm1F_n4vNVmVcqd2sSdk3GmgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BWxm1F_n4vNVmVcqd2sSdk3GmgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 27 Mar 2026 09:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:29:96:e6:70:fb:b3:a7:36:10:f8:4c:77:77:01:ae:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=056c66d45fe7e2f35599572a776b12764dc69a01
        Validity
            Not Before: Mar 26 10:00:48 2026 GMT
            Not After : Mar 27 10:00:48 2026 GMT
        Subject: CN=f079b44d2791cae867c7932188f5b66e3dfc150b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:dc:58:c1:39:a8:20:f1:74:13:7d:6f:7b:f2:
                    37:1e:06:77:e6:0a:90:f9:64:e6:cc:d2:19:38:a8:
                    74:f1:2b:e7:22:f6:c8:20:2e:9a:db:90:73:d6:88:
                    a9:aa:ed:ef:00:e9:8b:dd:38:5c:29:74:e5:4a:8d:
                    ac:34:0d:46:08:36:8f:81:92:5f:d1:b0:ff:a2:23:
                    24:06:40:6a:4c:bb:4e:33:0c:74:69:20:97:7a:c3:
                    7e:68:6a:1a:10:43:4c:f4:0b:78:57:31:be:0c:5a:
                    f7:92:bc:a8:66:ea:df:2c:af:c8:30:88:f0:e8:86:
                    4e:77:6b:d9:18:12:25:6f:5b:c6:cf:e3:65:50:1e:
                    78:a5:69:94:34:77:30:bf:3d:a7:47:99:6e:c7:20:
                    e4:e8:5c:1f:54:ff:f0:ca:06:6b:14:6b:c5:1f:c6:
                    1c:0f:0a:c9:c7:7d:d0:96:41:6f:15:75:2a:f2:92:
                    fd:d3:63:85:7e:12:1e:5f:68:32:c3:b9:bc:d4:26:
                    49:6d:05:33:00:ce:f6:76:c9:7e:ed:c4:96:f8:63:
                    95:1c:39:36:93:2a:9d:82:39:55:a2:9e:a4:f4:ac:
                    88:e1:ab:38:33:f6:e6:bc:96:54:71:22:7d:35:8c:
                    c4:55:f0:cf:e5:48:d2:d7:26:b0:91:75:4f:41:c3:
                    9e:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:79:B4:4D:27:91:CA:E8:67:C7:93:21:88:F5:B6:6E:3D:FC:15:0B
            X509v3 Authority Key Identifier:
                keyid:05:6C:66:D4:5F:E7:E2:F3:55:99:57:2A:77:6B:12:76:4D:C6:9A:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWxm1F_n4vNVmVcqd2sSdk3GmgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/c02c5c-ea17-4893-85e0-0205460e8990/1/BWxm1F_n4vNVmVcqd2sSdk3GmgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/c02c5c-ea17-4893-85e0-0205460e8990/1/BWxm1F_n4vNVmVcqd2sSdk3GmgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:7b:3a:82:e8:cf:34:a2:23:cd:fe:44:6f:56:13:d7:64:90:
         02:06:22:42:d2:53:39:ff:c4:d4:28:65:6e:79:ce:d1:5b:6a:
         29:0c:39:55:4b:16:52:b4:62:05:71:b8:00:6f:48:d7:6f:8c:
         3b:4c:a3:23:e8:26:1b:7c:aa:da:1b:cf:59:03:f8:9d:35:f5:
         7c:01:ed:37:fe:c6:3f:68:19:38:a4:bb:12:91:60:0f:5c:da:
         af:81:4c:11:43:77:19:cf:91:7a:1a:7d:1a:a2:3e:1e:6d:12:
         9e:46:29:80:f3:4a:b9:81:4f:5b:dd:f3:d0:86:36:0b:76:1c:
         90:fd:f8:f4:da:66:99:03:c8:66:0c:1c:f8:81:70:1e:34:52:
         c2:40:0c:60:86:95:e4:7a:da:ca:bb:57:23:76:0b:06:65:13:
         75:c1:e3:ad:93:5d:f0:e4:bd:d7:3f:cb:98:a9:ee:e5:79:21:
         a6:a9:2a:9f:c7:4a:94:84:f1:9a:b6:96:eb:b0:43:98:8e:d6:
         34:eb:25:96:2d:b8:ed:a9:09:4c:5f:4e:a0:8d:0a:27:fe:2e:
         e5:7c:f9:32:6a:3f:fe:7d:18:02:b4:70:f4:59:03:cc:e8:e0:
         ab:42:47:c9:d2:3d:59:b6:10:24:0b:c1:3f:e4:1d:43:e2:82:
         a9:64:55:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pluZw+7OnNhD4THd3Aa7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NmM2NmQ0NWZlN2UyZjM1NTk5NTcyYTc3NmIxMjc2NGRj
NjlhMDEwHhcNMjYwMzI2MTAwMDQ4WhcNMjYwMzI3MTAwMDQ4WjAzMTEwLwYDVQQD
EyhmMDc5YjQ0ZDI3OTFjYWU4NjdjNzkzMjE4OGY1YjY2ZTNkZmMxNTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdxYwTmoIPF0E31ve/I3HgZ35gqQ
+WTmzNIZOKh08SvnIvbIIC6a25Bz1oipqu3vAOmL3ThcKXTlSo2sNA1GCDaPgZJf
0bD/oiMkBkBqTLtOMwx0aSCXesN+aGoaEENM9At4VzG+DFr3kryoZurfLK/IMIjw
6IZOd2vZGBIlb1vGz+NlUB54pWmUNHcwvz2nR5luxyDk6FwfVP/wygZrFGvFH8Yc
DwrJx33QlkFvFXUq8pL902OFfhIeX2gyw7m81CZJbQUzAM72dsl+7cSW+GOVHDk2
kyqdgjlVop6k9KyI4as4M/bmvJZUcSJ9NYzEVfDP5UjS1yawkXVPQcOesQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPB5tE0nkcroZ8eTIYj1tm49/BULMB8GA1UdIwQY
MBaAFAVsZtRf5+LzVZlXKndrEnZNxpoBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQld4bTFGX240dk5WbVZjcWQyc1NkazNHbWdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9jMDJjNWMtZWExNy00ODkzLTg1ZTAt
MDIwNTQ2MGU4OTkwLzEvQld4bTFGX240dk5WbVZjcWQyc1NkazNHbWdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9jMDJjNWMtZWExNy00ODkzLTg1ZTAtMDIwNTQ2MGU4OTkw
LzEvQld4bTFGX240dk5WbVZjcWQyc1NkazNHbWdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXs6gujP
NKIjzf5Eb1YT12SQAgYiQtJTOf/E1ChlbnnO0VtqKQw5VUsWUrRiBXG4AG9I12+M
O0yjI+gmG3yq2hvPWQP4nTX1fAHtN/7GP2gZOKS7EpFgD1zar4FMEUN3Gc+Rehp9
GqI+Hm0SnkYpgPNKuYFPW93z0IY2C3YckP349NpmmQPIZgwc+IFwHjRSwkAMYIaV
5HrayrtXI3YLBmUTdcHjrZNd8OS91z/LmKnu5Xkhpqkqn8dKlITxmraW67BDmI7W
NOslli247akJTF9OoI0KJ/4u5Xz5Mmo//n0YArRw9FkDzOjgq0JHydI9WbYQJAvB
P+QdQ+KCqWRVGg==
-----END CERTIFICATE-----