Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
File:                     Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft (raw, json)
Hash identifier:          g+Mm1NPyuXGwlV9DqeiPfSprhmX/phCc8MZ0wxaVQEc=
Subject key identifier:   11:D5:A6:2D:6C:5B:CC:6A:23:93:3E:A4:B8:0A:5A:5A:61:1B:5B:34
Authority key identifier: 31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54
Certificate issuer:       /CN=31fd401741e669e920b03c6c76aa3a7871403f54
Certificate serial:       019CAB6BC2BF212A7C026A8D87E4DCB5433A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
Manifest number:          06AD
Signing time:             Sun 01 Mar 2026 22:01:31 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:31 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:31 +0000
Files and hashes:         1: Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl (hash: 2x/YGWKf17hUmBpeda09Fv1kqRU4UwajnvLjUdYq4u0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:c2:bf:21:2a:7c:02:6a:8d:87:e4:dc:b5:43:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31fd401741e669e920b03c6c76aa3a7871403f54
        Validity
            Not Before: Mar  1 22:01:31 2026 GMT
            Not After : Mar  2 22:01:31 2026 GMT
        Subject: CN=11d5a62d6c5bcc6a23933ea4b80a5a5a611b5b34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e8:be:da:87:dd:93:d8:74:4c:71:68:9d:7b:
                    95:3e:a8:fe:fb:bb:e2:54:ff:da:cd:7a:d4:52:33:
                    4f:51:36:d6:d6:cc:80:08:a9:29:8b:a9:6c:e0:12:
                    48:49:2a:e7:a2:50:b9:3b:ae:e9:fe:26:44:02:86:
                    8d:52:c3:4c:02:7f:28:f6:6f:de:e4:79:c9:67:00:
                    e1:91:d2:e8:c0:0d:9c:98:5c:70:5a:86:93:6a:65:
                    5e:45:1b:33:de:a0:b3:8d:be:71:33:b7:78:03:68:
                    8c:b9:fc:d7:7c:fb:89:7a:9f:10:3c:d2:1b:11:5b:
                    3f:ca:f7:dc:51:4a:d9:ad:71:bd:67:5a:a1:5b:ed:
                    a2:ed:11:42:31:f0:d6:98:98:1d:e2:13:7f:d8:b8:
                    a6:0f:53:55:af:43:da:38:37:94:96:d8:c8:eb:fa:
                    04:e9:db:92:c6:8d:78:c3:6a:73:b0:d5:79:5f:23:
                    87:aa:cc:c0:83:9e:4b:ca:c7:8c:54:b3:f6:89:6c:
                    a3:00:16:08:7d:c0:00:37:49:90:03:1f:34:01:07:
                    f5:63:37:e2:9a:7c:58:79:d1:d6:5c:52:9b:63:e5:
                    fb:f2:00:c0:23:b8:36:bb:7d:ef:e1:ab:15:27:18:
                    8f:ad:97:87:b9:f0:fc:1c:54:c2:d2:e8:77:cd:34:
                    1f:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:D5:A6:2D:6C:5B:CC:6A:23:93:3E:A4:B8:0A:5A:5A:61:1B:5B:34
            X509v3 Authority Key Identifier:
                keyid:31:FD:40:17:41:E6:69:E9:20:B0:3C:6C:76:AA:3A:78:71:40:3F:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ba365b-694b-4fba-8653-de36bf20ba4f/1/Mf1AF0HmaekgsDxsdqo6eHFAP1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:be:90:2f:a1:e6:83:70:3d:4a:59:98:65:78:dc:f1:53:fb:
         65:10:1e:be:09:43:20:36:25:68:16:b5:93:71:d0:5f:6a:b3:
         9a:fc:e4:21:80:81:2c:29:82:77:38:23:9c:14:82:e1:83:3b:
         c2:1a:48:33:b6:84:68:92:db:75:69:60:82:98:fc:32:42:54:
         ff:e9:c7:e0:e5:de:14:64:a9:5e:f0:c6:91:2c:31:82:a7:15:
         97:88:1a:b9:4e:98:ac:92:f6:5a:28:e8:b2:1e:20:21:69:e9:
         41:6e:5d:08:ec:b8:9a:08:42:21:0b:c4:a4:aa:5d:9e:89:24:
         50:5e:8a:8d:39:7b:8a:3f:e8:61:7a:c1:19:05:b6:a3:d4:77:
         9e:16:b0:e5:ed:ac:7d:24:ca:54:e4:20:a0:0f:2b:bf:eb:28:
         3e:05:93:2a:4f:88:a9:d6:5d:5e:02:2a:a8:48:e1:97:0a:b0:
         e3:83:11:1c:8f:01:96:2f:db:92:13:56:73:60:ea:66:3d:13:
         6e:dd:7b:eb:ba:00:78:6c:f5:3f:aa:ab:6a:46:61:4b:32:93:
         b5:56:9f:3c:2d:e0:9e:89:90:ee:de:b2:b4:e8:bc:9f:82:02:
         07:ac:58:56:91:5a:45:a9:78:fc:95:92:e3:a6:82:18:3a:2f:
         30:35:57:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra8K/ISp8AmqNh+TctUM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmQ0MDE3NDFlNjY5ZTkyMGIwM2M2Yzc2YWEzYTc4NzE0
MDNmNTQwHhcNMjYwMzAxMjIwMTMxWhcNMjYwMzAyMjIwMTMxWjAzMTEwLwYDVQQD
EygxMWQ1YTYyZDZjNWJjYzZhMjM5MzNlYTRiODBhNWE1YTYxMWI1YjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+i+2ofdk9h0THFonXuVPqj++7vi
VP/azXrUUjNPUTbW1syACKkpi6ls4BJISSrnolC5O67p/iZEAoaNUsNMAn8o9m/e
5HnJZwDhkdLowA2cmFxwWoaTamVeRRsz3qCzjb5xM7d4A2iMufzXfPuJep8QPNIb
EVs/yvfcUUrZrXG9Z1qhW+2i7RFCMfDWmJgd4hN/2LimD1NVr0PaODeUltjI6/oE
6duSxo14w2pzsNV5XyOHqszAg55LyseMVLP2iWyjABYIfcAAN0mQAx80AQf1Yzfi
mnxYedHWXFKbY+X78gDAI7g2u33v4asVJxiPrZeHufD8HFTC0uh3zTQfVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBHVpi1sW8xqI5M+pLgKWlphG1s0MB8GA1UdIwQY
MBaAFDH9QBdB5mnpILA8bHaqOnhxQD9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMt
ZGUzNmJmMjBiYTRmLzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9iYTM2NWItNjk0Yi00ZmJhLTg2NTMtZGUzNmJmMjBiYTRm
LzEvTWYxQUYwSG1hZWtnc0R4c2RxbzZlSEZBUDFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmL6QL6Hm
g3A9SlmYZXjc8VP7ZRAevglDIDYlaBa1k3HQX2qzmvzkIYCBLCmCdzgjnBSC4YM7
whpIM7aEaJLbdWlggpj8MkJU/+nH4OXeFGSpXvDGkSwxgqcVl4gauU6YrJL2Wijo
sh4gIWnpQW5dCOy4mghCIQvEpKpdnokkUF6KjTl7ij/oYXrBGQW2o9R3nhaw5e2s
fSTKVOQgoA8rv+soPgWTKk+IqdZdXgIqqEjhlwqw44MRHI8Bli/bkhNWc2DqZj0T
bt1767oAeGz1P6qrakZhSzKTtVafPC3gnomQ7t6ytOi8n4ICB6xYVpFaRal4/JWS
46aCGDovMDVXag==
-----END CERTIFICATE-----