Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          r5DQt0rYJ5+caMTeQBHYkJU/n2W+HWBmIxa9uHCzroY=
Subject key identifier:   F1:17:40:50:07:DB:A3:D2:CD:BA:AA:20:9D:C8:8B:F5:4E:C2:98:1B
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       019CAB6AE5FE5166E7A13F77A83B461B9A2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          1177
Signing time:             Sun 01 Mar 2026 22:00:35 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:35 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:35 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: yqvUxOyuP0trIsI+ms638iElV/3WyQaxOyaI9dbRCjQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:e5:fe:51:66:e7:a1:3f:77:a8:3b:46:1b:9a:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: Mar  1 22:00:35 2026 GMT
            Not After : Mar  2 22:00:35 2026 GMT
        Subject: CN=f117405007dba3d2cdbaaa209dc88bf54ec2981b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:64:d1:b8:fd:b4:df:3f:3a:f9:bc:3a:56:48:
                    31:8c:55:df:23:f0:3c:33:00:fe:57:bc:61:5b:2d:
                    b4:45:7b:9f:71:fb:7e:86:db:17:9c:20:a4:d4:ab:
                    59:40:c6:d2:1a:20:51:39:3e:fb:62:5d:6d:a3:f8:
                    0a:5e:1d:df:92:7f:29:e6:21:27:c9:58:c3:a2:70:
                    7c:17:78:02:a7:73:6e:fc:33:16:3c:2c:12:4e:b8:
                    ca:b0:28:02:dd:94:39:ee:5e:2a:52:56:48:62:ee:
                    0d:9f:e4:64:9c:37:a7:b3:3b:3d:30:59:cc:d6:ca:
                    d3:8c:6d:88:a0:4e:0a:e0:0b:d2:ad:3b:c1:d7:4d:
                    4e:f7:5e:88:9e:e3:ef:19:00:ce:a8:ca:8e:49:06:
                    04:b8:82:bc:f5:d0:71:c8:35:8a:80:47:f9:8b:c8:
                    b2:be:91:2f:08:47:e5:1c:ed:36:d7:88:d4:4b:22:
                    7e:f3:4a:d8:53:2c:61:8e:84:a8:aa:dd:fa:5a:40:
                    05:93:50:19:3e:0f:00:fb:c7:2c:5c:4c:d9:c4:17:
                    be:1b:d4:c6:70:9b:19:46:c1:26:45:db:fc:a1:85:
                    77:f3:69:3b:db:e1:9b:a1:8d:a4:ea:fe:b3:2f:e0:
                    38:f4:d2:05:aa:aa:97:5d:11:62:d6:42:de:b5:7f:
                    bb:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:17:40:50:07:DB:A3:D2:CD:BA:AA:20:9D:C8:8B:F5:4E:C2:98:1B
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:6e:87:d5:b9:bc:16:c0:50:de:76:00:8f:5e:26:24:6c:eb:
         aa:22:7a:e9:da:e7:2c:57:cf:27:db:7c:11:c5:9c:b7:30:76:
         d4:2f:bf:97:5f:1b:27:6e:77:9e:30:3c:73:82:e1:8a:79:7b:
         12:29:3e:9d:5a:88:fc:1d:54:80:2b:18:c5:c0:75:3d:f5:07:
         63:ca:c2:5b:72:7a:01:63:68:32:8d:90:8a:99:44:cc:30:cf:
         d4:5d:e0:c6:ca:07:6d:e6:5b:ab:43:3e:de:7d:1a:2a:62:f7:
         5a:0d:54:ea:ae:cb:2a:56:51:94:b3:cb:3b:97:b8:dc:c6:b9:
         85:65:d4:9e:d9:84:07:0a:bc:7b:19:01:89:3f:1f:f8:87:68:
         64:11:8f:21:e4:0a:a1:2e:9e:26:56:4c:3a:9a:5b:0a:2e:a5:
         a2:54:41:ac:2a:99:27:7a:4f:b9:9a:e0:69:41:f9:ab:e4:7a:
         af:bb:51:6b:67:81:ec:0c:7b:0b:59:b2:43:47:07:da:ba:67:
         25:ba:e4:ca:0a:71:e2:3f:45:74:31:6d:c5:96:fb:00:c4:f0:
         84:c2:30:51:82:74:36:76:f4:a7:d2:45:38:c1:a7:df:4f:f8:
         10:ec:f9:05:5f:ba:b0:3a:fc:39:b1:a8:20:a9:d0:0b:de:cf:
         75:84:22:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrauX+UWbnoT93qDtGG5otMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjYwMzAxMjIwMDM1WhcNMjYwMzAyMjIwMDM1WjAzMTEwLwYDVQQD
EyhmMTE3NDA1MDA3ZGJhM2QyY2RiYWFhMjA5ZGM4OGJmNTRlYzI5ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGTRuP203z86+bw6VkgxjFXfI/A8
MwD+V7xhWy20RXufcft+htsXnCCk1KtZQMbSGiBROT77Yl1to/gKXh3fkn8p5iEn
yVjDonB8F3gCp3Nu/DMWPCwSTrjKsCgC3ZQ57l4qUlZIYu4Nn+RknDenszs9MFnM
1srTjG2IoE4K4AvSrTvB101O916InuPvGQDOqMqOSQYEuIK89dBxyDWKgEf5i8iy
vpEvCEflHO0214jUSyJ+80rYUyxhjoSoqt36WkAFk1AZPg8A+8csXEzZxBe+G9TG
cJsZRsEmRdv8oYV382k72+GboY2k6v6zL+A49NIFqqqXXRFi1kLetX+7DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEXQFAH26PSzbqqIJ3Ii/VOwpgbMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyG6H1bm8
FsBQ3nYAj14mJGzrqiJ66drnLFfPJ9t8EcWctzB21C+/l18bJ253njA8c4Lhinl7
Eik+nVqI/B1UgCsYxcB1PfUHY8rCW3J6AWNoMo2QiplEzDDP1F3gxsoHbeZbq0M+
3n0aKmL3Wg1U6q7LKlZRlLPLO5e43Ma5hWXUntmEBwq8exkBiT8f+IdoZBGPIeQK
oS6eJlZMOppbCi6lolRBrCqZJ3pPuZrgaUH5q+R6r7tRa2eB7Ax7C1myQ0cH2rpn
Jbrkygpx4j9FdDFtxZb7AMTwhMIwUYJ0Nnb0p9JFOMGn30/4EOz5BV+6sDr8ObGo
IKnQC97PdYQiww==
-----END CERTIFICATE-----