Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          JUImo8P1gw/Kds3QOE1bxhD6Hxr3RwqhWJv7yz+GoMo=
Subject key identifier:   84:9B:46:D1:AB:D7:25:6F:2B:28:78:68:9E:ED:B1:AA:00:F3:AF:B9
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       019CACB48D73770696AEF8C6CA149E81A410
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          099C
Signing time:             Mon 02 Mar 2026 04:00:39 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:39 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:39 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: TxSf0f8pqNYRBlYCLW4fzG9CZqozbOKEpqDszykQLek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:8d:73:77:06:96:ae:f8:c6:ca:14:9e:81:a4:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Mar  2 04:00:39 2026 GMT
            Not After : Mar  3 04:00:39 2026 GMT
        Subject: CN=849b46d1abd7256f2b2878689eedb1aa00f3afb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2c:b9:fc:81:74:d5:40:91:2c:07:0b:34:4c:
                    b7:7f:df:c5:40:cf:af:89:c9:b3:6e:e0:6d:10:0b:
                    10:ce:d4:76:51:84:a3:94:60:a1:c7:21:3e:67:20:
                    4c:3a:7c:e2:85:2a:2c:cc:9a:56:68:f0:35:de:1c:
                    39:e2:f5:4d:6f:2b:46:5f:35:8f:91:14:ba:3f:98:
                    72:e9:52:fc:91:b2:c9:61:cd:f2:40:9c:e3:90:c5:
                    94:e6:d9:8a:d1:e8:64:fa:6e:34:24:de:64:e2:1d:
                    af:45:79:e6:00:17:9f:57:be:88:46:a1:28:45:3f:
                    9b:2f:2b:84:89:8c:47:cf:ea:05:a2:eb:6f:ee:7d:
                    1b:22:57:6a:ea:9f:e9:78:4f:2f:d5:7f:57:72:0f:
                    c1:62:cc:de:31:23:0a:12:0e:1a:e4:f3:30:47:d7:
                    89:02:93:46:07:d1:53:94:dc:e7:12:15:bc:8f:83:
                    31:13:4e:5b:70:4a:26:a6:35:64:dc:e7:23:33:75:
                    55:3b:de:6a:72:75:91:e1:d1:c6:38:80:10:02:ba:
                    ef:18:7f:e6:0e:80:ef:ba:41:a5:38:92:80:ae:d1:
                    1a:43:e2:b0:2f:9a:fd:90:21:50:a6:a6:ad:a6:e2:
                    56:7f:a3:d1:0a:2f:77:81:2c:23:8a:19:cb:9a:39:
                    1e:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:9B:46:D1:AB:D7:25:6F:2B:28:78:68:9E:ED:B1:AA:00:F3:AF:B9
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:14:38:28:ab:7a:c6:19:af:b8:b6:c8:4b:64:5c:62:28:4e:
         23:cc:f3:4c:6e:fe:ae:89:6c:21:08:a9:81:a3:f8:ab:13:94:
         7f:24:c1:3e:18:bc:b3:54:2c:02:6d:17:08:7f:3a:98:25:e8:
         92:12:f6:bb:4d:f8:2c:e5:87:e1:0b:50:d2:69:1f:21:95:ad:
         a7:c6:a8:6e:df:7a:63:70:81:ed:56:d9:6f:73:72:3a:ee:2a:
         ea:7d:af:30:7b:fd:e5:b9:86:9a:a7:2d:30:30:6f:eb:c5:1b:
         ca:b5:8f:4b:f1:fd:f7:e1:4f:63:68:cd:db:08:a1:07:9a:fc:
         a1:47:31:69:4b:bc:01:44:b8:b1:32:41:3c:a4:37:40:74:5d:
         81:56:43:a4:43:9d:c2:3d:6c:3d:99:71:6b:1c:f9:74:9d:ef:
         a3:81:22:8e:f7:48:37:23:0a:47:59:e3:b5:d8:6e:0a:8d:42:
         70:00:81:61:55:50:e4:fe:00:68:fa:ca:8c:ca:a7:41:ff:93:
         94:58:71:75:1a:3b:b5:34:b7:00:25:2b:3d:e7:c3:8b:f2:4b:
         f2:e3:46:0c:9d:80:1b:03:2f:71:3c:ed:0d:0e:59:ef:ee:1c:
         fd:79:94:e6:88:98:2a:15:ae:db:17:63:3f:f5:36:e8:70:0d:
         35:8c:e5:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystI1zdwaWrvjGyhSegaQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjYwMzAyMDQwMDM5WhcNMjYwMzAzMDQwMDM5WjAzMTEwLwYDVQQD
Eyg4NDliNDZkMWFiZDcyNTZmMmIyODc4Njg5ZWVkYjFhYTAwZjNhZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Sy5/IF01UCRLAcLNEy3f9/FQM+v
icmzbuBtEAsQztR2UYSjlGChxyE+ZyBMOnzihSoszJpWaPA13hw54vVNbytGXzWP
kRS6P5hy6VL8kbLJYc3yQJzjkMWU5tmK0ehk+m40JN5k4h2vRXnmABefV76IRqEo
RT+bLyuEiYxHz+oFoutv7n0bIldq6p/peE8v1X9Xcg/BYszeMSMKEg4a5PMwR9eJ
ApNGB9FTlNznEhW8j4MxE05bcEompjVk3OcjM3VVO95qcnWR4dHGOIAQArrvGH/m
DoDvukGlOJKArtEaQ+KwL5r9kCFQpqatpuJWf6PRCi93gSwjihnLmjkeoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISbRtGr1yVvKyh4aJ7tsaoA86+5MB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAixQ4KKt6
xhmvuLbIS2RcYihOI8zzTG7+rolsIQipgaP4qxOUfyTBPhi8s1QsAm0XCH86mCXo
khL2u034LOWH4QtQ0mkfIZWtp8aobt96Y3CB7VbZb3NyOu4q6n2vMHv95bmGmqct
MDBv68UbyrWPS/H99+FPY2jN2wihB5r8oUcxaUu8AUS4sTJBPKQ3QHRdgVZDpEOd
wj1sPZlxaxz5dJ3vo4EijvdINyMKR1njtdhuCo1CcACBYVVQ5P4AaPrKjMqnQf+T
lFhxdRo7tTS3ACUrPefDi/JL8uNGDJ2AGwMvcTztDQ5Z7+4c/XmU5oiYKhWu2xdj
P/U26HANNYzlIw==
-----END CERTIFICATE-----