Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
File:                     O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft (raw, json)
Hash identifier:          gP4exbAsm+9OUH8UKgyUshoALsx64KldwIaqNJw6a7w=
Subject key identifier:   33:31:9C:2B:84:0B:E8:04:6F:C8:34:B9:F4:24:E9:1F:7F:37:12:11
Authority key identifier: 3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62
Certificate issuer:       /CN=3b55e7feb907137299f5792c36395efba9b34b62
Certificate serial:       019CAC1047FEFF6091806BDE18993457FD3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
Manifest number:          10ED
Signing time:             Mon 02 Mar 2026 01:01:13 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:13 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:13 +0000
Files and hashes:         1: O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl (hash: POHs4g2qdHyrlnKPIyAdOJy4BwrT6ehAt3bgrcZ5XvU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:47:fe:ff:60:91:80:6b:de:18:99:34:57:fd:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b55e7feb907137299f5792c36395efba9b34b62
        Validity
            Not Before: Mar  2 01:01:13 2026 GMT
            Not After : Mar  3 01:01:13 2026 GMT
        Subject: CN=33319c2b840be8046fc834b9f424e91f7f371211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:f3:60:31:6c:df:22:c4:8f:ed:53:52:ed:56:
                    4e:7e:78:0a:49:ae:5d:c4:0b:d7:d4:74:20:a9:ef:
                    16:ad:bc:e0:ef:ba:18:c7:7c:f8:b1:85:e2:60:34:
                    ba:7b:07:6a:69:75:c6:ef:f4:48:d1:c9:fd:4d:66:
                    17:e9:6c:bf:5f:53:3d:27:67:ff:d2:3e:56:63:dd:
                    50:62:e4:e2:bc:47:a0:a0:84:0c:30:a6:e4:d9:66:
                    60:ab:ea:f6:c8:1f:aa:36:a4:c6:8a:ee:db:10:0b:
                    94:9a:0c:b1:2f:42:2d:b0:9e:86:89:31:1f:67:79:
                    e4:3e:a6:7d:45:c1:69:d9:3e:d8:7a:3c:55:30:1e:
                    17:e7:5e:a2:5f:6c:f3:bb:6b:f4:cc:55:11:be:63:
                    d0:db:cc:18:7a:b1:41:3b:8d:d5:86:95:35:ea:59:
                    ad:d5:02:d4:cc:66:9b:8d:3a:b7:a6:f5:03:5f:c5:
                    16:1b:d4:b1:22:98:fd:d1:ee:e8:7b:91:e3:9a:d3:
                    3c:75:7a:9b:04:fc:e2:95:2d:91:66:44:11:79:11:
                    97:d7:cf:42:0d:03:57:e4:d6:33:b5:9e:00:45:e9:
                    ff:76:32:78:20:75:8d:de:9b:52:1c:01:49:00:71:
                    08:f6:86:1d:64:b1:6e:dc:da:ff:a4:bd:fa:16:a5:
                    92:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:31:9C:2B:84:0B:E8:04:6F:C8:34:B9:F4:24:E9:1F:7F:37:12:11
            X509v3 Authority Key Identifier:
                keyid:3B:55:E7:FE:B9:07:13:72:99:F5:79:2C:36:39:5E:FB:A9:B3:4B:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1Xn_rkHE3KZ9XksNjle-6mzS2I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8b768c-0e0a-4ad3-9100-a441e24be036/1/O1Xn_rkHE3KZ9XksNjle-6mzS2I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:94:f4:18:1c:3e:07:2d:a3:03:0a:25:96:9b:3b:10:4c:1d:
         1e:ba:79:19:01:97:67:2d:5e:42:df:7e:b9:ab:a1:95:85:16:
         4b:8c:dd:12:6d:91:50:d0:dd:c5:5d:21:6e:dd:c1:27:7d:ae:
         29:1c:4b:d8:d5:4c:d4:2f:1d:6c:f1:99:ff:52:a8:3b:df:ae:
         37:c7:17:89:a4:8e:30:f6:8d:09:a5:f5:99:c4:c0:75:af:00:
         53:97:af:75:67:63:08:94:75:b6:95:b7:08:02:1e:c0:7b:be:
         97:bb:a5:73:98:bc:80:37:95:4f:6e:8d:f0:3c:59:e3:84:cb:
         b8:95:e1:73:32:d9:a1:11:ab:d9:96:00:d6:a9:98:55:e1:04:
         51:b7:03:f1:3c:28:8e:fb:a4:7f:ce:e8:94:72:76:ad:67:bf:
         c9:c3:14:15:58:c1:0f:3b:4c:98:20:6c:b9:92:59:54:d4:52:
         ea:ce:33:5f:e4:7c:0f:a9:25:dc:83:d3:4a:9f:bb:3d:33:30:
         8d:c8:05:5d:e4:12:5c:d2:9b:97:a0:ab:e9:da:a5:59:79:cc:
         62:4a:9d:a1:b5:20:30:03:fa:c8:a1:6e:ad:33:37:a4:a2:1a:
         c5:07:d8:37:d8:b8:73:b0:eb:6b:89:94:9e:92:eb:6b:dc:cb:
         24:99:a3:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEEf+/2CRgGveGJk0V/06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTVlN2ZlYjkwNzEzNzI5OWY1NzkyYzM2Mzk1ZWZiYTli
MzRiNjIwHhcNMjYwMzAyMDEwMTEzWhcNMjYwMzAzMDEwMTEzWjAzMTEwLwYDVQQD
EygzMzMxOWMyYjg0MGJlODA0NmZjODM0YjlmNDI0ZTkxZjdmMzcxMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fNgMWzfIsSP7VNS7VZOfngKSa5d
xAvX1HQgqe8Wrbzg77oYx3z4sYXiYDS6ewdqaXXG7/RI0cn9TWYX6Wy/X1M9J2f/
0j5WY91QYuTivEegoIQMMKbk2WZgq+r2yB+qNqTGiu7bEAuUmgyxL0ItsJ6GiTEf
Z3nkPqZ9RcFp2T7YejxVMB4X516iX2zzu2v0zFURvmPQ28wYerFBO43VhpU16lmt
1QLUzGabjTq3pvUDX8UWG9SxIpj90e7oe5HjmtM8dXqbBPzilS2RZkQReRGX189C
DQNX5NYztZ4ARen/djJ4IHWN3ptSHAFJAHEI9oYdZLFu3Nr/pL36FqWSFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMxnCuEC+gEb8g0ufQk6R9/NxIRMB8GA1UdIwQY
MBaAFDtV5/65BxNymfV5LDY5Xvups0tiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAt
YTQ0MWUyNGJlMDM2LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84Yjc2OGMtMGUwYS00YWQzLTkxMDAtYTQ0MWUyNGJlMDM2
LzEvTzFYbl9ya0hFM0taOVhrc05qbGUtNm16UzJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN5T0GBw+
By2jAwollps7EEwdHrp5GQGXZy1eQt9+uauhlYUWS4zdEm2RUNDdxV0hbt3BJ32u
KRxL2NVM1C8dbPGZ/1KoO9+uN8cXiaSOMPaNCaX1mcTAda8AU5evdWdjCJR1tpW3
CAIewHu+l7ulc5i8gDeVT26N8DxZ44TLuJXhczLZoRGr2ZYA1qmYVeEEUbcD8Two
jvukf87olHJ2rWe/ycMUFVjBDztMmCBsuZJZVNRS6s4zX+R8D6kl3IPTSp+7PTMw
jcgFXeQSXNKbl6Cr6dqlWXnMYkqdobUgMAP6yKFurTM3pKIaxQfYN9i4c7Dra4mU
npLra9zLJJmjog==
-----END CERTIFICATE-----