Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          5GKZ+eRHAsvCgiZKeggnQEk9l0YPO6lsc2SNboifVPw=
Subject key identifier:   2D:1E:B8:CD:9E:76:7B:DA:C7:E2:FE:5B:0D:68:43:65:03:10:A8:12
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019CAD59A9E00916541D0B907D09C8B70409
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 07:01:00 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:00 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:00 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: b6K6XHerNZ9A09Qe28KrEh/vVnVQqVEmCiAJvAQ2lcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:a9:e0:09:16:54:1d:0b:90:7d:09:c8:b7:04:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Mar  2 07:01:00 2026 GMT
            Not After : Mar  3 07:01:00 2026 GMT
        Subject: CN=2d1eb8cd9e767bdac7e2fe5b0d6843650310a812
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:1d:24:09:66:d4:d9:4f:bf:68:ad:ab:24:3b:
                    3e:2d:17:33:2f:06:53:4d:dd:68:1e:54:22:9a:6d:
                    96:c3:8d:15:0c:f6:05:61:8d:a7:f5:02:9e:5d:07:
                    c2:3f:41:fd:4b:3c:91:10:b3:48:56:03:7b:f8:8f:
                    48:de:ed:d6:46:71:93:24:a9:57:c1:23:42:c4:37:
                    67:12:77:8b:66:d9:f2:9e:05:69:86:84:28:e3:7c:
                    7d:af:06:df:94:81:db:b1:35:90:d3:3e:9e:fe:6c:
                    bf:6f:fc:d3:40:3b:e5:bf:af:aa:f9:f8:e7:6e:82:
                    66:d8:aa:ec:98:fd:dd:31:73:be:6d:a9:6b:75:a8:
                    28:23:3c:1f:13:7c:e1:f1:a7:00:b1:cd:e6:86:74:
                    9b:3d:30:8b:83:24:36:0b:22:fa:e7:97:6d:77:af:
                    40:15:27:8c:1d:76:eb:1c:d0:0d:a4:51:79:6b:e3:
                    23:c9:fe:a9:29:67:f4:a5:b7:46:f0:1a:e9:22:92:
                    b6:0a:b6:9b:1c:34:46:19:e4:84:4b:ac:46:82:97:
                    d1:96:34:73:3c:d0:98:4c:82:3a:75:3f:e2:67:8e:
                    5b:31:6d:f1:fd:17:89:b6:5a:dc:64:e1:63:c9:1d:
                    30:94:c3:a7:6e:97:ab:0d:2c:b1:c4:31:1c:b4:a7:
                    0c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:1E:B8:CD:9E:76:7B:DA:C7:E2:FE:5B:0D:68:43:65:03:10:A8:12
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:b6:a0:b5:fa:f0:6b:ec:ee:2e:03:bc:d7:a0:73:77:ac:40:
         ba:08:08:72:34:66:e4:cd:fc:48:09:8b:f9:b7:8d:df:6e:1d:
         65:fe:d1:5f:96:ff:5a:41:2d:b9:93:88:b3:cc:9f:6d:5f:58:
         a1:ac:7c:c9:23:84:ea:9b:69:49:e8:0d:7b:ab:57:f7:fb:06:
         d2:37:a9:14:d1:15:86:07:05:04:07:86:65:e6:aa:89:10:c4:
         f4:c0:ab:e6:b9:b5:75:71:d9:17:9d:59:8e:34:5b:46:45:82:
         62:6b:96:14:1a:6b:6b:cb:ff:67:56:47:06:e0:c8:b4:90:0f:
         c3:b5:a4:b5:a8:38:1f:d2:db:38:3c:ba:7b:c0:66:dc:b5:da:
         6d:39:48:5b:9f:d2:2b:56:25:62:b8:11:e7:14:7d:0a:cf:43:
         74:4f:39:59:56:98:e9:9c:98:21:41:22:46:1b:03:21:49:ee:
         96:45:e9:b1:0c:33:1f:82:2c:ac:33:ec:9c:e8:2e:37:c3:f4:
         88:9b:d6:c8:47:71:8e:56:76:8d:b5:c9:f7:c8:4b:28:da:f6:
         e5:ae:70:63:96:19:67:c6:8e:f4:c6:7b:d9:f8:0b:a4:77:c0:
         44:78:e9:98:fd:05:f2:2b:fc:e8:ae:a7:43:a0:21:3c:28:2e:
         3b:1d:43:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWangCRZUHQuQfQnItwQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjYwMzAyMDcwMTAwWhcNMjYwMzAzMDcwMTAwWjAzMTEwLwYDVQQD
EygyZDFlYjhjZDllNzY3YmRhYzdlMmZlNWIwZDY4NDM2NTAzMTBhODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R0kCWbU2U+/aK2rJDs+LRczLwZT
Td1oHlQimm2Ww40VDPYFYY2n9QKeXQfCP0H9SzyRELNIVgN7+I9I3u3WRnGTJKlX
wSNCxDdnEneLZtnyngVphoQo43x9rwbflIHbsTWQ0z6e/my/b/zTQDvlv6+q+fjn
boJm2KrsmP3dMXO+balrdagoIzwfE3zh8acAsc3mhnSbPTCLgyQ2CyL655dtd69A
FSeMHXbrHNANpFF5a+Mjyf6pKWf0pbdG8BrpIpK2CrabHDRGGeSES6xGgpfRljRz
PNCYTII6dT/iZ45bMW3x/ReJtlrcZOFjyR0wlMOnbperDSyxxDEctKcMXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0euM2ednvax+L+Ww1oQ2UDEKgSMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLagtfrw
a+zuLgO816Bzd6xAuggIcjRm5M38SAmL+beN324dZf7RX5b/WkEtuZOIs8yfbV9Y
oax8ySOE6ptpSegNe6tX9/sG0jepFNEVhgcFBAeGZeaqiRDE9MCr5rm1dXHZF51Z
jjRbRkWCYmuWFBpra8v/Z1ZHBuDItJAPw7Wktag4H9LbODy6e8Bm3LXabTlIW5/S
K1YlYrgR5xR9Cs9DdE85WVaY6ZyYIUEiRhsDIUnulkXpsQwzH4IsrDPsnOguN8P0
iJvWyEdxjlZ2jbXJ98hLKNr25a5wY5YZZ8aO9MZ72fgLpHfARHjpmP0F8iv86K6n
Q6AhPCguOx1D/A==
-----END CERTIFICATE-----