Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          FamIuvnS5OlBaKHB2ZoZbK01+MboEVnqh9y8z9ZWg9E=
Subject key identifier:   B6:12:28:76:BC:0A:2A:B2:D1:C5:05:AC:02:8C:F9:58:19:67:3F:FB
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       019CACEBD9FD4199C1E4922553523E501F78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          0618
Signing time:             Mon 02 Mar 2026 05:01:03 +0000
Manifest this update:     Mon 02 Mar 2026 05:01:03 +0000
Manifest next update:     Tue 03 Mar 2026 05:01:03 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: 46lFPempaFbPzBsGV2eN8AO7UZYi6tS7WKq2RXK+ILI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 05:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:eb:d9:fd:41:99:c1:e4:92:25:53:52:3e:50:1f:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Mar  2 05:01:03 2026 GMT
            Not After : Mar  3 05:01:03 2026 GMT
        Subject: CN=b6122876bc0a2ab2d1c505ac028cf95819673ffb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:72:91:c2:e5:c5:d6:71:6d:97:a9:ac:60:df:
                    da:e6:7e:53:84:b4:37:57:3c:45:0b:fb:80:2d:e3:
                    b5:6f:7a:fd:f0:08:f1:a4:0a:85:1b:28:61:61:50:
                    4a:5e:7b:15:d6:e9:6a:80:81:fb:7c:8e:92:44:c2:
                    27:a4:2b:de:65:60:39:3a:2d:de:4e:ed:b3:e3:41:
                    dd:82:af:88:4d:4f:44:2c:38:54:e4:3a:11:03:97:
                    f9:3c:11:67:e6:43:38:ff:8d:ab:c1:78:3f:45:76:
                    e8:ca:1b:73:3b:23:74:1e:d2:54:9f:f2:aa:e9:5d:
                    52:74:10:59:b7:33:84:3d:bc:50:08:03:9e:fa:ff:
                    ec:bf:4c:d1:72:e2:0b:ac:c8:80:a3:d5:12:cb:0a:
                    9d:29:d0:5a:b5:77:83:71:a4:b3:c6:a0:9f:44:15:
                    22:4b:83:69:0a:7f:65:07:ac:a6:c2:38:ba:6a:05:
                    97:ee:e8:c1:74:61:ab:d8:9d:d3:b1:f9:56:b3:c3:
                    20:c3:48:74:34:25:b2:85:3e:5e:4a:df:d9:2e:95:
                    8d:46:1b:bd:14:5c:7e:6d:25:63:aa:55:d4:b1:f2:
                    be:c8:28:f5:68:40:7b:86:05:49:21:fe:bf:71:11:
                    eb:2b:59:b8:1c:d2:bc:b3:6c:80:73:48:f2:02:c1:
                    82:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:12:28:76:BC:0A:2A:B2:D1:C5:05:AC:02:8C:F9:58:19:67:3F:FB
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:94:38:2a:ac:6d:33:bd:f7:5d:9c:0a:53:d2:65:1b:c0:3d:
         c8:fe:9c:5f:0c:08:ab:f7:4c:46:d1:fa:0f:65:33:06:88:43:
         3c:dd:0e:cf:21:f8:ce:0b:31:a1:9b:5b:ee:60:75:41:9e:d6:
         e9:60:e9:ce:36:9e:44:06:8c:e5:42:31:99:d5:79:be:98:a1:
         d1:53:4e:59:0d:0d:57:65:02:8d:87:cf:b4:c2:38:31:80:ec:
         fc:01:f8:1f:3c:00:72:39:85:62:a9:af:e6:39:c8:55:83:05:
         ae:77:ed:4a:a2:07:dc:98:cf:d3:38:74:01:51:ce:84:40:51:
         25:28:5a:5c:68:ed:88:f6:75:84:6b:12:05:1c:00:55:e3:e6:
         24:11:24:73:d4:21:13:35:1a:1b:d2:6c:32:2c:b2:ab:8d:92:
         8e:c7:f9:17:19:e7:b7:34:af:9d:22:13:fd:31:b4:fd:38:cc:
         59:af:47:2e:af:15:5e:63:be:20:58:96:be:c2:53:bf:87:cc:
         de:04:40:29:ce:b0:cf:f8:3b:3f:e8:1c:b4:16:c6:a2:63:d2:
         82:1f:01:69:44:8d:c2:1f:70:f4:94:44:3a:f2:15:cc:3b:28:
         fd:c0:50:63:d9:32:34:26:fd:ab:b7:fa:32:fa:a6:b2:8a:9f:
         da:c1:9e:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys69n9QZnB5JIlU1I+UB94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjYwMzAyMDUwMTAzWhcNMjYwMzAzMDUwMTAzWjAzMTEwLwYDVQQD
EyhiNjEyMjg3NmJjMGEyYWIyZDFjNTA1YWMwMjhjZjk1ODE5NjczZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnKRwuXF1nFtl6msYN/a5n5ThLQ3
VzxFC/uALeO1b3r98AjxpAqFGyhhYVBKXnsV1ulqgIH7fI6SRMInpCveZWA5Oi3e
Tu2z40Hdgq+ITU9ELDhU5DoRA5f5PBFn5kM4/42rwXg/RXboyhtzOyN0HtJUn/Kq
6V1SdBBZtzOEPbxQCAOe+v/sv0zRcuILrMiAo9USywqdKdBatXeDcaSzxqCfRBUi
S4NpCn9lB6ymwji6agWX7ujBdGGr2J3TsflWs8Mgw0h0NCWyhT5eSt/ZLpWNRhu9
FFx+bSVjqlXUsfK+yCj1aEB7hgVJIf6/cRHrK1m4HNK8s2yAc0jyAsGC5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYSKHa8Ciqy0cUFrAKM+VgZZz/7MB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARpQ4Kqxt
M733XZwKU9JlG8A9yP6cXwwIq/dMRtH6D2UzBohDPN0OzyH4zgsxoZtb7mB1QZ7W
6WDpzjaeRAaM5UIxmdV5vpih0VNOWQ0NV2UCjYfPtMI4MYDs/AH4HzwAcjmFYqmv
5jnIVYMFrnftSqIH3JjP0zh0AVHOhEBRJShaXGjtiPZ1hGsSBRwAVePmJBEkc9Qh
EzUaG9JsMiyyq42Sjsf5FxnntzSvnSIT/TG0/TjMWa9HLq8VXmO+IFiWvsJTv4fM
3gRAKc6wz/g7P+gctBbGomPSgh8BaUSNwh9w9JREOvIVzDso/cBQY9kyNCb9q7f6
Mvqmsoqf2sGeDg==
-----END CERTIFICATE-----