Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          OsutEsQ6f8TEAZTwqHxcAAcaeRnZmHFw9F3QeJmAdYQ=
Subject key identifier:   AE:6E:C0:C9:46:7B:B5:CF:C1:3E:31:18:65:F2:03:0D:07:25:22:F6
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       019CADC81CF5752CBA0512B6945EA9BF5388
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          1519
Signing time:             Mon 02 Mar 2026 09:01:38 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:38 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:38 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: jZbzH32x5rqwEo61ek9oCWRLCQKkEyvR59MzPJ2CtXg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c8:1c:f5:75:2c:ba:05:12:b6:94:5e:a9:bf:53:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Mar  2 09:01:38 2026 GMT
            Not After : Mar  3 09:01:38 2026 GMT
        Subject: CN=ae6ec0c9467bb5cfc13e311865f2030d072522f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:99:ea:75:d1:bd:d3:58:03:c8:fc:ef:57:09:
                    d9:ff:23:df:98:b8:55:34:cf:e4:68:39:9c:12:77:
                    7c:b4:7d:95:b8:aa:11:86:07:20:83:87:7f:a4:f9:
                    8e:ff:04:de:e9:33:d4:5a:69:34:db:a5:4d:e2:0b:
                    5f:49:5a:f8:17:0a:b6:2a:af:7d:c8:28:c9:e7:bf:
                    44:98:3d:1f:3c:0f:f6:a8:4c:71:17:92:6a:e6:83:
                    1d:b6:57:99:e2:80:f3:fe:c9:cb:37:da:f9:dd:2d:
                    e8:c5:05:97:cb:b0:43:60:9a:c1:87:02:32:69:9e:
                    3c:0d:f4:d0:d6:e0:71:79:f8:4a:c8:4f:56:11:90:
                    f9:2e:e2:fc:c0:6e:19:2f:a2:ee:49:7f:30:70:37:
                    5e:a4:52:0e:fd:a2:97:28:9a:58:ff:3d:47:38:69:
                    b9:71:db:bb:69:06:1e:53:83:35:81:26:49:41:f6:
                    81:85:a3:4a:a6:5e:b0:bc:92:e1:54:32:ea:2d:1c:
                    60:45:34:a8:4b:1b:01:72:4d:6e:8e:2c:72:67:e7:
                    23:cb:c2:ab:a0:73:32:a9:cb:ab:a1:bb:9f:97:39:
                    c8:1b:66:00:b7:bb:05:ec:04:73:f7:de:fa:d4:db:
                    8c:bf:af:57:16:cc:2b:6f:af:19:b2:b3:c9:4d:70:
                    ef:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:6E:C0:C9:46:7B:B5:CF:C1:3E:31:18:65:F2:03:0D:07:25:22:F6
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:53:cc:35:cf:b4:58:40:d4:0d:22:7e:d6:fa:86:9d:b3:db:
         03:9c:1d:bd:e3:f9:42:cd:b5:55:33:2a:bd:69:76:85:b1:08:
         e4:6c:60:ec:12:a4:af:ca:71:ba:e7:7c:fe:33:4a:b2:76:c7:
         b5:c8:b6:18:28:56:37:7f:eb:6a:c2:d8:39:45:2d:46:c5:e6:
         a0:cc:63:1d:f8:57:6c:66:74:c2:78:76:20:04:98:d5:f0:06:
         7d:3a:14:62:cb:3d:5d:16:87:b7:b5:da:9f:aa:96:44:d2:ec:
         44:d8:6b:a9:67:54:42:9b:70:fc:4c:14:92:48:44:1a:ad:59:
         51:db:0b:e7:77:5f:b0:68:d2:44:66:1a:ae:c2:7b:05:51:ac:
         14:d8:cd:7e:bf:f6:0b:a6:81:fa:bd:7c:3e:73:11:a7:fc:98:
         c3:f7:d4:48:90:a9:ec:31:7d:72:c1:6b:f6:30:ba:50:48:02:
         6f:7b:cf:6d:12:b8:da:a5:ba:59:ed:3e:d8:b0:8e:dc:1c:bb:
         6b:9c:d5:35:8d:09:69:b6:30:3c:2f:dc:ac:c0:e3:b1:f4:61:
         f4:65:9f:ea:f8:b3:b3:aa:05:f8:51:3f:14:af:84:a1:b0:5c:
         03:64:40:35:f8:59:7a:16:5b:aa:08:5e:87:28:35:ce:ac:c8:
         b0:8c:ba:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyBz1dSy6BRK2lF6pv1OIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjYwMzAyMDkwMTM4WhcNMjYwMzAzMDkwMTM4WjAzMTEwLwYDVQQD
EyhhZTZlYzBjOTQ2N2JiNWNmYzEzZTMxMTg2NWYyMDMwZDA3MjUyMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5nqddG901gDyPzvVwnZ/yPfmLhV
NM/kaDmcEnd8tH2VuKoRhgcgg4d/pPmO/wTe6TPUWmk026VN4gtfSVr4Fwq2Kq99
yCjJ579EmD0fPA/2qExxF5Jq5oMdtleZ4oDz/snLN9r53S3oxQWXy7BDYJrBhwIy
aZ48DfTQ1uBxefhKyE9WEZD5LuL8wG4ZL6LuSX8wcDdepFIO/aKXKJpY/z1HOGm5
cdu7aQYeU4M1gSZJQfaBhaNKpl6wvJLhVDLqLRxgRTSoSxsBck1ujixyZ+cjy8Kr
oHMyqcurobuflznIG2YAt7sF7ARz99761NuMv69XFswrb68ZsrPJTXDvLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5uwMlGe7XPwT4xGGXyAw0HJSL2MB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE1PMNc+0
WEDUDSJ+1vqGnbPbA5wdveP5Qs21VTMqvWl2hbEI5Gxg7BKkr8pxuud8/jNKsnbH
tci2GChWN3/rasLYOUUtRsXmoMxjHfhXbGZ0wnh2IASY1fAGfToUYss9XRaHt7Xa
n6qWRNLsRNhrqWdUQptw/EwUkkhEGq1ZUdsL53dfsGjSRGYarsJ7BVGsFNjNfr/2
C6aB+r18PnMRp/yYw/fUSJCp7DF9csFr9jC6UEgCb3vPbRK42qW6We0+2LCO3By7
a5zVNY0JabYwPC/crMDjsfRh9GWf6vizs6oF+FE/FK+EobBcA2RANfhZehZbqghe
hyg1zqzIsIy60A==
-----END CERTIFICATE-----