Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          hRXh0yAsGqEP7jHUBlyUwpX9pZKJn6+JFwirl4y0aQI=
Subject key identifier:   5D:E9:26:BD:43:3C:27:33:89:AA:20:CC:AB:C7:60:8C:5E:27:20:2F
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       019D996243BA59EB3DE8D3C01A546599AF05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          0D4F
Signing time:             Fri 17 Apr 2026 03:00:46 +0000
Manifest this update:     Fri 17 Apr 2026 03:00:46 +0000
Manifest next update:     Sat 18 Apr 2026 03:00:46 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: mdKALo1OFc16d2fdaM65QyUuv0bXvnNhOd4pTmv+JBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 03:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:62:43:ba:59:eb:3d:e8:d3:c0:1a:54:65:99:af:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Apr 17 03:00:46 2026 GMT
            Not After : Apr 18 03:00:46 2026 GMT
        Subject: CN=5de926bd433c273389aa20ccabc7608c5e27202f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ae:93:eb:e8:ad:d1:58:f9:a5:c4:aa:0a:14:
                    f1:b5:51:25:e8:df:df:41:c6:c2:40:06:1b:54:65:
                    48:29:d4:d2:d4:1d:57:b9:c7:89:a9:ed:5e:e8:e8:
                    1d:ba:ce:c5:b9:13:f6:ee:f8:2a:4b:8c:17:1c:d7:
                    87:7b:5b:4b:8f:2d:b4:08:97:2d:b7:32:c0:e3:3d:
                    97:80:42:57:7a:c9:55:74:88:d4:8c:29:79:38:91:
                    37:7b:48:6f:83:3f:09:57:38:36:eb:6c:2f:da:a2:
                    78:68:35:47:f0:53:65:e3:a8:f9:4e:14:a3:a8:78:
                    90:b2:41:78:24:6b:ac:14:ad:50:c9:85:57:6e:3f:
                    89:61:44:c9:84:9e:89:99:d8:36:25:b3:39:96:9e:
                    4b:97:f5:42:a8:8d:7a:e7:4d:cd:6a:db:50:31:20:
                    ea:2e:c8:90:78:aa:c1:b7:8d:33:79:ff:e7:fc:a6:
                    dd:cd:e0:48:ca:0e:23:1c:86:69:c6:5c:9c:16:a7:
                    b1:65:7f:bc:c3:71:7d:14:77:e1:8b:7a:08:88:96:
                    9e:d9:15:f5:b9:bb:c1:18:ff:17:83:8c:b2:c8:6a:
                    46:a6:eb:ad:3d:85:9c:f7:36:af:bb:8b:2f:c6:7b:
                    f9:a4:d4:d9:57:d9:71:c3:05:a0:c9:c7:87:30:d9:
                    07:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:E9:26:BD:43:3C:27:33:89:AA:20:CC:AB:C7:60:8C:5E:27:20:2F
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:0b:5e:33:a1:00:f6:b3:e0:7e:fa:63:5d:51:4f:36:1d:c4:
         cf:8e:f8:45:3a:1c:95:5b:13:6c:db:29:2c:84:21:58:f9:5b:
         5f:7b:20:5b:9d:f5:62:28:2d:20:78:1f:39:d6:7c:31:fc:71:
         34:91:e3:8f:e3:41:0e:65:08:fa:d6:57:bf:84:0b:16:70:fc:
         bb:34:ec:81:7f:22:96:40:b5:83:d5:06:bb:a2:6c:ed:37:aa:
         03:35:15:59:e4:57:e5:d8:e3:91:f1:a4:e0:fb:8f:0d:3e:0a:
         c9:0f:cc:d3:8f:d2:6a:03:f4:c0:18:23:4c:44:44:ea:e0:24:
         c2:91:ca:c7:93:79:68:4d:84:cf:6c:4e:31:3f:5d:78:7c:4e:
         94:be:e2:a3:57:f1:87:11:6b:da:28:c0:88:86:6e:29:02:de:
         20:69:c7:0a:6c:04:69:1f:e1:3e:7e:f4:1e:90:db:96:d8:24:
         6b:ff:a1:cb:fc:69:39:17:3d:98:62:54:60:8a:f6:0b:31:24:
         9b:fc:0f:18:a0:ce:0a:26:9d:25:ae:39:62:55:3d:6b:8e:26:
         9d:73:07:ef:7a:b9:6c:90:61:1f:22:53:32:70:6d:de:7e:94:
         40:5c:9f:0e:26:bf:e3:2a:2f:de:14:c9:21:98:3b:cb:1e:32:
         1b:d1:17:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2ZYkO6Wes96NPAGlRlma8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjYwNDE3MDMwMDQ2WhcNMjYwNDE4MDMwMDQ2WjAzMTEwLwYDVQQD
Eyg1ZGU5MjZiZDQzM2MyNzMzODlhYTIwY2NhYmM3NjA4YzVlMjcyMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz66T6+it0Vj5pcSqChTxtVEl6N/f
QcbCQAYbVGVIKdTS1B1XuceJqe1e6Ogdus7FuRP27vgqS4wXHNeHe1tLjy20CJct
tzLA4z2XgEJXeslVdIjUjCl5OJE3e0hvgz8JVzg262wv2qJ4aDVH8FNl46j5ThSj
qHiQskF4JGusFK1QyYVXbj+JYUTJhJ6Jmdg2JbM5lp5Ll/VCqI16503NattQMSDq
LsiQeKrBt40zef/n/KbdzeBIyg4jHIZpxlycFqexZX+8w3F9FHfhi3oIiJae2RX1
ubvBGP8Xg4yyyGpGpuutPYWc9zavu4svxnv5pNTZV9lxwwWgyceHMNkHmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF3pJr1DPCcziaogzKvHYIxeJyAvMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqwteM6EA
9rPgfvpjXVFPNh3Ez474RToclVsTbNspLIQhWPlbX3sgW531YigtIHgfOdZ8Mfxx
NJHjj+NBDmUI+tZXv4QLFnD8uzTsgX8ilkC1g9UGu6Js7TeqAzUVWeRX5djjkfGk
4PuPDT4KyQ/M04/SagP0wBgjTERE6uAkwpHKx5N5aE2Ez2xOMT9deHxOlL7io1fx
hxFr2ijAiIZuKQLeIGnHCmwEaR/hPn70HpDbltgka/+hy/xpORc9mGJUYIr2CzEk
m/wPGKDOCiadJa45YlU9a44mnXMH73q5bJBhHyJTMnBt3n6UQFyfDia/4yov3hTJ
IZg7yx4yG9EXGQ==
-----END CERTIFICATE-----