Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File:                     bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier:          7bucKvpml+1tGsqhMtpcGYH9mL1J3fddLGk5KAT28+U=
Subject key identifier:   47:29:D3:D0:AC:F6:2F:BE:B6:9B:98:B8:D7:B6:22:C9:EE:B9:1E:0E
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer:       /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial:       019CAB6B6E41E0372BA7126F3B8090F2861B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number:          0FD3
Signing time:             Sun 01 Mar 2026 22:01:10 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:10 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:10 +0000
Files and hashes:         1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: 0BMJ9u4UGq7pitaDBsrcawh4uQmuYlCjecbySItwvaM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:6e:41:e0:37:2b:a7:12:6f:3b:80:90:f2:86:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
        Validity
            Not Before: Mar  1 22:01:10 2026 GMT
            Not After : Mar  2 22:01:10 2026 GMT
        Subject: CN=4729d3d0acf62fbeb69b98b8d7b622c9eeb91e0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:b3:4a:c8:f8:e0:50:20:74:4e:46:ca:ca:4c:
                    d6:4e:e8:6e:1f:4d:af:5f:f8:f5:d0:e3:63:c7:6f:
                    c7:d7:44:f0:61:e4:7b:cb:01:13:20:5e:dc:64:a3:
                    8e:52:0a:d8:5c:2c:d6:75:20:e0:e9:f8:40:8b:dd:
                    c7:6c:72:96:40:cf:83:ff:c5:82:4e:83:e0:28:91:
                    34:d9:6e:f8:ba:b5:7a:03:ca:f4:2e:9c:68:ba:dc:
                    12:5f:ad:e2:31:35:ba:54:5a:f3:09:f9:0b:49:e6:
                    88:f4:27:d5:e0:ce:5b:e0:1b:f6:19:b8:41:65:17:
                    d8:33:a6:0a:e0:27:41:32:c8:7f:f9:d1:86:d9:d1:
                    9b:86:91:30:15:9c:4d:25:c8:f8:ab:6e:38:30:00:
                    c6:75:46:58:0d:b9:c1:3a:8d:92:90:26:d5:c6:8d:
                    ee:74:0d:34:de:db:05:a8:ad:ef:84:a4:f7:54:fe:
                    9c:7f:74:27:18:b6:b0:d1:48:bf:67:95:29:ff:86:
                    67:51:61:ae:76:2a:84:21:44:af:25:22:02:8a:4d:
                    10:bb:ac:35:50:44:5d:1e:b3:b3:6e:9f:2c:ba:85:
                    73:32:f1:9f:53:cc:fa:5c:6c:dc:ff:26:ba:a9:7c:
                    cc:83:49:e5:fd:fc:bc:5c:14:e1:e1:35:81:57:b0:
                    bb:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:29:D3:D0:AC:F6:2F:BE:B6:9B:98:B8:D7:B6:22:C9:EE:B9:1E:0E
            X509v3 Authority Key Identifier:
                keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:96:91:db:39:33:44:ec:c9:f0:ee:07:1d:75:fc:64:a3:5b:
         45:a0:40:ba:1a:25:e4:d9:33:ff:27:7f:7e:02:23:2c:79:f3:
         60:3d:14:35:c8:78:d3:f4:2e:5b:32:95:55:a4:9e:a8:86:93:
         40:00:84:89:2a:86:c3:55:ec:73:cb:c5:8b:77:67:0e:c0:14:
         ef:88:c5:29:dc:43:d3:6d:e7:41:8d:46:62:f1:b2:50:71:e8:
         7a:97:0b:3d:b3:23:01:f8:fa:63:c6:7c:ec:ca:f7:a1:21:91:
         b5:fb:4b:ae:ae:04:b6:17:60:8f:aa:d6:bc:63:26:8b:03:dd:
         06:d9:9f:95:9f:d5:91:52:ad:0e:8a:3e:a4:ab:06:2e:34:99:
         92:5a:7a:b0:4b:ce:0f:4c:99:54:0b:47:c1:b2:9b:cf:93:35:
         47:27:f2:8a:47:0c:a2:a6:26:68:99:b2:a8:e8:03:b8:d9:41:
         6f:3f:56:68:15:2b:b2:33:14:f5:12:58:e5:8e:34:6a:bc:20:
         a8:66:90:55:0a:bd:23:c4:50:70:35:1c:b0:a4:42:f4:cb:20:
         dc:58:c4:90:c0:5e:5c:15:43:29:84:60:c4:8b:25:8b:b9:bb:
         8e:75:30:b0:b0:43:e1:9b:82:75:b9:53:c9:29:38:84:1d:29:
         f0:e3:24:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra25B4DcrpxJvO4CQ8oYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjYwMzAxMjIwMTEwWhcNMjYwMzAyMjIwMTEwWjAzMTEwLwYDVQQD
Eyg0NzI5ZDNkMGFjZjYyZmJlYjY5Yjk4YjhkN2I2MjJjOWVlYjkxZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybNKyPjgUCB0TkbKykzWTuhuH02v
X/j10ONjx2/H10TwYeR7ywETIF7cZKOOUgrYXCzWdSDg6fhAi93HbHKWQM+D/8WC
ToPgKJE02W74urV6A8r0LpxoutwSX63iMTW6VFrzCfkLSeaI9CfV4M5b4Bv2GbhB
ZRfYM6YK4CdBMsh/+dGG2dGbhpEwFZxNJcj4q244MADGdUZYDbnBOo2SkCbVxo3u
dA003tsFqK3vhKT3VP6cf3QnGLaw0Ui/Z5Up/4ZnUWGudiqEIUSvJSICik0Qu6w1
UERdHrOzbp8suoVzMvGfU8z6XGzc/ya6qXzMg0nl/fy8XBTh4TWBV7C7WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEcp09Cs9i++tpuYuNe2IsnuuR4OMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa5aR2zkz
ROzJ8O4HHXX8ZKNbRaBAuhol5Nkz/yd/fgIjLHnzYD0UNch40/QuWzKVVaSeqIaT
QACEiSqGw1Xsc8vFi3dnDsAU74jFKdxD023nQY1GYvGyUHHoepcLPbMjAfj6Y8Z8
7Mr3oSGRtftLrq4Ethdgj6rWvGMmiwPdBtmflZ/VkVKtDoo+pKsGLjSZklp6sEvO
D0yZVAtHwbKbz5M1RyfyikcMoqYmaJmyqOgDuNlBbz9WaBUrsjMU9RJY5Y40arwg
qGaQVQq9I8RQcDUcsKRC9Msg3FjEkMBeXBVDKYRgxIsli7m7jnUwsLBD4ZuCdblT
ySk4hB0p8OMkZA==
-----END CERTIFICATE-----