Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
File:                     RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json)
Hash identifier:          aHy39u3OvOFcZe/49SpbGkNi8oDqCjTN97D+mYmtDAU=
Subject key identifier:   73:C2:7E:64:81:B3:3D:12:33:7B:BD:B9:82:3C:E2:AA:E0:07:47:8A
Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC
Certificate issuer:       /CN=459ccc1bb01160686806db35a93351b21b3e60dc
Certificate serial:       019CAAC66C34C8A96D460818F3629D2FECA9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
Manifest number:          15BB
Signing time:             Sun 01 Mar 2026 19:00:56 +0000
Manifest this update:     Sun 01 Mar 2026 19:00:56 +0000
Manifest next update:     Mon 02 Mar 2026 19:00:56 +0000
Files and hashes:         1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: U+OFE69cjSpyo+Y/+yf9+64hzWTdAPD4XykYOyyuKe8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 19:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:6c:34:c8:a9:6d:46:08:18:f3:62:9d:2f:ec:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc
        Validity
            Not Before: Mar  1 19:00:56 2026 GMT
            Not After : Mar  2 19:00:56 2026 GMT
        Subject: CN=73c27e6481b33d12337bbdb9823ce2aae007478a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f2:9e:f7:5f:38:7b:4f:42:f7:82:65:e8:8e:
                    b9:6c:d5:6b:66:e4:ce:da:8a:55:4f:0c:8e:8f:52:
                    8a:42:1b:60:ba:e3:42:9c:dd:34:7d:4a:25:64:23:
                    40:40:f8:02:91:ef:ec:3d:87:94:c9:c1:86:8d:7e:
                    79:11:a4:eb:62:2b:36:51:b5:5a:2d:6f:e8:c2:94:
                    df:0a:2f:cc:be:b2:2d:35:a2:af:9e:65:c2:26:48:
                    ac:32:2c:03:db:2b:78:57:f3:6c:8c:06:20:f1:61:
                    17:41:17:39:73:fe:e9:44:13:17:7f:57:65:8c:37:
                    70:cc:48:5b:f9:0f:ef:fe:f1:72:da:91:3f:c8:70:
                    39:98:5b:bb:cc:02:fc:85:53:81:a8:19:28:40:d0:
                    8d:95:ac:6d:c1:6f:1b:48:ce:4f:70:63:9c:f7:5e:
                    2a:f9:4b:3d:5e:0e:26:60:40:7b:ce:6b:7e:65:4e:
                    ad:b0:dd:dd:75:d4:1d:43:0f:f7:8f:06:56:ea:3b:
                    e2:02:61:5e:b1:2b:d1:b5:f6:98:c5:50:5e:f2:52:
                    31:a2:4e:d8:1f:eb:ae:89:21:c4:31:35:6f:98:56:
                    85:f9:a9:ff:56:f9:41:fa:d8:a4:c3:2d:3e:97:a0:
                    03:53:8b:bc:d9:2d:a2:0a:07:da:74:31:73:58:fc:
                    11:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C2:7E:64:81:B3:3D:12:33:7B:BD:B9:82:3C:E2:AA:E0:07:47:8A
            X509v3 Authority Key Identifier:
                keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:4a:2b:3c:7c:3a:d1:c2:04:91:31:53:3b:d7:21:87:3c:2a:
         ba:4f:de:e3:58:61:5c:85:98:46:8a:7d:3e:80:05:e8:41:5f:
         a1:3d:37:fc:22:cb:a6:76:e8:7e:98:d0:84:f0:95:97:56:02:
         74:22:dd:79:d4:f2:99:7d:56:92:0c:ce:4c:b4:06:78:89:37:
         ae:98:86:c3:91:71:ec:03:e4:aa:c8:ee:ea:d1:d1:05:0e:6b:
         d6:c2:49:8c:ab:8a:15:b9:f5:02:ad:9f:43:22:eb:c1:fb:e4:
         96:95:00:6d:65:26:88:bd:f0:4d:2f:7e:3d:36:8a:16:f3:58:
         47:69:b1:06:be:14:30:f9:ec:cc:f7:fb:72:16:5a:89:92:35:
         bb:9b:d8:e5:d9:bb:26:aa:a3:dd:1e:e3:a9:df:00:b3:93:52:
         20:7c:dc:96:d8:e2:28:05:e4:a9:6a:84:a7:20:bc:30:36:4d:
         61:f7:76:0e:d5:28:3c:31:ff:41:0b:41:d5:be:f3:0b:f9:68:
         2b:14:d6:94:e5:fa:40:5a:32:af:bd:ce:a5:45:36:d0:dc:d5:
         9d:1b:b9:2b:9f:22:10:fd:81:69:fa:16:dd:ea:1b:fd:a8:2a:
         4f:f7:18:2c:5d:8b:7a:47:d3:12:a0:a0:fd:5e:5a:32:06:07:
         da:c6:79:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxmw0yKltRggY82KdL+ypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz
ZTYwZGMwHhcNMjYwMzAxMTkwMDU2WhcNMjYwMzAyMTkwMDU2WjAzMTEwLwYDVQQD
Eyg3M2MyN2U2NDgxYjMzZDEyMzM3YmJkYjk4MjNjZTJhYWUwMDc0NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPKe9184e09C94Jl6I65bNVrZuTO
2opVTwyOj1KKQhtguuNCnN00fUolZCNAQPgCke/sPYeUycGGjX55EaTrYis2UbVa
LW/owpTfCi/MvrItNaKvnmXCJkisMiwD2yt4V/NsjAYg8WEXQRc5c/7pRBMXf1dl
jDdwzEhb+Q/v/vFy2pE/yHA5mFu7zAL8hVOBqBkoQNCNlaxtwW8bSM5PcGOc914q
+Us9Xg4mYEB7zmt+ZU6tsN3dddQdQw/3jwZW6jviAmFesSvRtfaYxVBe8lIxok7Y
H+uuiSHEMTVvmFaF+an/VvlB+tikwy0+l6ADU4u82S2iCgfadDFzWPwRQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHPCfmSBsz0SM3u9uYI84qrgB0eKMB8GA1UdIwQY
MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt
NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk
LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb0orPHw6
0cIEkTFTO9chhzwquk/e41hhXIWYRop9PoAF6EFfoT03/CLLpnbofpjQhPCVl1YC
dCLdedTymX1WkgzOTLQGeIk3rpiGw5Fx7APkqsju6tHRBQ5r1sJJjKuKFbn1Aq2f
QyLrwfvklpUAbWUmiL3wTS9+PTaKFvNYR2mxBr4UMPnszPf7chZaiZI1u5vY5dm7
Jqqj3R7jqd8As5NSIHzcltjiKAXkqWqEpyC8MDZNYfd2DtUoPDH/QQtB1b7zC/lo
KxTWlOX6QFoyr73OpUU20NzVnRu5K58iEP2BafoW3eob/agqT/cYLF2LekfTEqCg
/V5aMgYH2sZ5Gg==
-----END CERTIFICATE-----