Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
File:                     Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft (raw, json)
Hash identifier:          VYtmz6c/AyN57NrG3ljA2XiGdhNboemMVC8ESgSu6ec=
Subject key identifier:   68:50:33:9F:16:EC:24:AB:9F:B7:93:11:E4:99:95:53:57:9F:F5:82
Authority key identifier: 46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75
Certificate issuer:       /CN=468ecba10e7599a030aa613088688a6c26d62d75
Certificate serial:       019CACB57BD7279B5C03E2193F2786FDF070
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
Manifest number:          14D7
Signing time:             Mon 02 Mar 2026 04:01:40 +0000
Manifest this update:     Mon 02 Mar 2026 04:01:40 +0000
Manifest next update:     Tue 03 Mar 2026 04:01:40 +0000
Files and hashes:         1: Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl (hash: qjTQvArJz/8OrPcXnNg0EUaZT/tT4HduNr53Zr9eXqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b5:7b:d7:27:9b:5c:03:e2:19:3f:27:86:fd:f0:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=468ecba10e7599a030aa613088688a6c26d62d75
        Validity
            Not Before: Mar  2 04:01:40 2026 GMT
            Not After : Mar  3 04:01:40 2026 GMT
        Subject: CN=6850339f16ec24ab9fb79311e4999553579ff582
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:37:f1:79:0b:c5:88:ee:c1:2b:0f:79:19:82:
                    69:f8:89:96:71:2b:bf:77:b8:f7:e6:4f:55:83:4d:
                    b1:bb:98:19:fd:a2:fd:6a:32:13:45:3d:c3:88:f7:
                    66:25:0e:b5:16:a4:36:46:98:b2:11:36:3c:16:74:
                    f7:59:9d:1a:2a:6d:66:36:d9:39:e1:d5:fb:07:cf:
                    44:07:8f:3d:85:db:9e:eb:78:fb:f1:aa:59:98:f1:
                    87:69:e1:82:63:b8:71:87:27:37:48:89:d8:5c:fa:
                    88:30:b5:4f:fa:32:0f:da:48:1f:91:1b:6f:bb:85:
                    4d:6a:6f:5b:25:97:c3:ed:eb:c2:0a:1f:5d:86:a5:
                    19:d0:97:fe:d3:d1:e8:f7:77:21:3f:e6:37:27:6a:
                    26:e2:ce:01:9b:34:54:ba:f7:4c:4d:a0:be:76:eb:
                    3d:5a:ec:57:7f:01:8e:0a:d8:b1:e5:2b:c5:ba:1d:
                    2e:0f:ae:4f:56:3f:57:fb:cc:e2:9b:e3:8b:66:c0:
                    ed:0d:d5:48:8f:ff:8d:81:b9:2e:a5:d7:49:c8:33:
                    67:7d:7c:d0:fb:fa:51:3d:f3:3d:ea:88:f1:a2:eb:
                    de:89:49:a5:4c:1b:15:d6:78:38:f2:14:46:a9:54:
                    de:d6:75:cd:94:fa:b6:8a:50:73:23:94:fb:15:23:
                    99:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:50:33:9F:16:EC:24:AB:9F:B7:93:11:E4:99:95:53:57:9F:F5:82
            X509v3 Authority Key Identifier:
                keyid:46:8E:CB:A1:0E:75:99:A0:30:AA:61:30:88:68:8A:6C:26:D6:2D:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ro7LoQ51maAwqmEwiGiKbCbWLXU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1ea50-4e05-4abd-8927-df7e0bd6f816/1/Ro7LoQ51maAwqmEwiGiKbCbWLXU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:6d:e1:e1:fc:0f:d7:84:90:d0:c8:62:0e:9a:9f:21:0d:bf:
         ef:c4:21:d0:40:12:d6:8d:bb:37:2e:f1:62:13:6c:c5:4f:bd:
         9f:2a:44:0e:e1:d2:fc:3d:02:cb:b4:9c:b3:2b:c0:44:c3:db:
         e1:54:95:41:26:c6:25:88:19:da:a5:66:6a:d3:01:b8:6e:97:
         df:fc:c0:31:d3:68:d2:b5:72:f1:77:b2:99:49:0e:f7:6f:55:
         1a:57:08:46:0b:64:f2:08:2e:20:bf:b2:a6:37:56:43:c5:35:
         a3:f9:71:86:17:10:34:54:c5:c0:92:e6:e6:d0:90:bd:b6:3d:
         9a:35:dc:f9:22:15:1a:15:fc:c9:ec:20:f9:68:67:0a:70:bb:
         fe:0e:12:e3:ca:4a:21:67:95:55:b0:94:a2:57:28:1e:39:dc:
         c1:8d:08:81:9f:7e:79:2f:e1:53:5d:76:ad:f0:d2:2e:97:08:
         f8:fa:61:38:b8:2a:d3:40:4b:22:8e:64:b7:4d:49:ee:d7:04:
         b6:b7:68:c0:c8:1c:5f:3b:c1:3d:06:27:82:f2:c6:f5:25:58:
         7e:4f:ca:8e:5d:a4:05:0c:41:3c:d1:7a:fe:87:52:57:ce:9b:
         28:75:99:12:d4:d0:1c:52:31:b8:22:a6:86:3c:5b:18:7d:e5:
         1c:ad:39:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystXvXJ5tcA+IZPyeG/fBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGVjYmExMGU3NTk5YTAzMGFhNjEzMDg4Njg4YTZjMjZk
NjJkNzUwHhcNMjYwMzAyMDQwMTQwWhcNMjYwMzAzMDQwMTQwWjAzMTEwLwYDVQQD
Eyg2ODUwMzM5ZjE2ZWMyNGFiOWZiNzkzMTFlNDk5OTU1MzU3OWZmNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTfxeQvFiO7BKw95GYJp+ImWcSu/
d7j35k9Vg02xu5gZ/aL9ajITRT3DiPdmJQ61FqQ2RpiyETY8FnT3WZ0aKm1mNtk5
4dX7B89EB489hdue63j78apZmPGHaeGCY7hxhyc3SInYXPqIMLVP+jIP2kgfkRtv
u4VNam9bJZfD7evCCh9dhqUZ0Jf+09Ho93chP+Y3J2om4s4BmzRUuvdMTaC+dus9
WuxXfwGOCtix5SvFuh0uD65PVj9X+8zim+OLZsDtDdVIj/+NgbkupddJyDNnfXzQ
+/pRPfM96ojxouveiUmlTBsV1ng48hRGqVTe1nXNlPq2ilBzI5T7FSOZgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhQM58W7CSrn7eTEeSZlVNXn/WCMB8GA1UdIwQY
MBaAFEaOy6EOdZmgMKphMIhoimwm1i11MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5Mjct
ZGY3ZTBiZDZmODE2LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVhNTAtNGUwNS00YWJkLTg5MjctZGY3ZTBiZDZmODE2
LzEvUm83TG9RNTFtYUF3cW1Fd2lHaUtiQ2JXTFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlG3h4fwP
14SQ0MhiDpqfIQ2/78Qh0EAS1o27Ny7xYhNsxU+9nypEDuHS/D0Cy7ScsyvARMPb
4VSVQSbGJYgZ2qVmatMBuG6X3/zAMdNo0rVy8XeymUkO929VGlcIRgtk8gguIL+y
pjdWQ8U1o/lxhhcQNFTFwJLm5tCQvbY9mjXc+SIVGhX8yewg+WhnCnC7/g4S48pK
IWeVVbCUolcoHjncwY0IgZ9+eS/hU112rfDSLpcI+PphOLgq00BLIo5kt01J7tcE
trdowMgcXzvBPQYngvLG9SVYfk/Kjl2kBQxBPNF6/odSV86bKHWZEtTQHFIxuCKm
hjxbGH3lHK057A==
-----END CERTIFICATE-----