Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          9NfAaSTVIEGiRpnJSXOXhe6v0IDM21dVRl0ww9uq8MU=
Subject key identifier:   32:58:CA:52:16:EC:A5:CE:B7:4A:7C:A1:2C:AA:D9:74:59:53:8A:6D
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       019CAB6B0D39A778BB060CC1B54CE951C0B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          08D2
Signing time:             Sun 01 Mar 2026 22:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:45 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: XknPJHj7JUPT5+XNoGbbxFgK64Xa78f/R8bGCEwEI3k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:0d:39:a7:78:bb:06:0c:c1:b5:4c:e9:51:c0:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: Mar  1 22:00:45 2026 GMT
            Not After : Mar  2 22:00:45 2026 GMT
        Subject: CN=3258ca5216eca5ceb74a7ca12caad97459538a6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:57:dc:21:c6:c9:bf:a7:ef:e6:e1:de:d3:96:
                    7b:9c:1f:7c:6c:84:47:1a:fb:95:af:1f:cd:56:74:
                    f4:af:06:69:6e:a6:b6:de:45:e7:7b:8a:10:81:b8:
                    a1:8f:aa:b5:10:48:a2:f2:15:0f:e2:4f:2c:13:65:
                    8d:95:d4:7e:c4:54:44:3c:7c:f0:8e:2c:a6:87:ec:
                    1c:70:8b:69:96:5c:c1:d5:14:ba:95:8e:15:4d:aa:
                    dd:34:94:95:91:81:ca:a4:57:55:03:f4:cb:ef:7a:
                    de:5f:17:e5:09:23:f7:be:43:94:a0:3d:4d:29:d7:
                    b7:be:52:3d:f0:ac:e4:29:43:47:4f:e4:ed:92:bf:
                    94:47:92:b5:79:80:8c:6d:2f:1e:62:7b:7b:e1:8c:
                    67:e1:88:0d:fa:0a:9d:92:35:b7:aa:81:5a:ef:0b:
                    48:b3:e4:ee:71:29:bf:e2:c9:cc:1b:01:9d:6d:87:
                    6e:3a:20:f1:97:c6:be:b6:9f:c1:e0:88:b3:c3:3b:
                    13:f3:6a:b9:13:bd:60:bf:ba:bc:c5:f6:76:e2:d6:
                    c2:30:7a:c2:44:36:aa:43:b0:d0:2e:b8:b3:f3:90:
                    65:8a:ab:dc:26:d1:ca:29:3f:6b:97:e4:29:ca:41:
                    46:53:99:bd:62:3b:1b:de:72:ed:72:88:ea:a9:7c:
                    65:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:58:CA:52:16:EC:A5:CE:B7:4A:7C:A1:2C:AA:D9:74:59:53:8A:6D
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:da:ea:65:96:23:f3:d1:c5:cb:82:a7:ee:bf:8e:d8:5e:5e:
         51:c6:e0:69:c9:47:0e:ae:85:c5:9f:40:26:f2:60:eb:b1:05:
         df:c8:6d:d1:45:03:96:92:20:19:fc:77:55:8f:81:3f:03:91:
         fa:98:3c:e1:d8:f5:52:a0:99:c4:4f:0c:9e:04:f7:e6:e3:64:
         95:d6:65:a9:4c:2d:ec:5c:cf:fc:0e:5a:1c:5a:8f:3e:ec:ed:
         5d:d8:d0:81:63:91:70:c4:0a:22:28:67:c2:65:19:27:71:db:
         fd:4a:71:79:4c:90:8d:35:80:94:ef:8d:a1:e7:8d:7c:e0:8d:
         cf:1c:44:52:96:0d:cd:55:51:6a:30:43:e2:34:f5:31:70:f8:
         cb:2a:93:0e:f7:07:c7:bb:31:33:58:61:42:19:c5:c8:9a:38:
         0a:b5:ee:a1:b1:9f:3d:ad:90:6c:e4:52:e2:cb:ce:8b:b6:a4:
         ac:e4:86:84:46:c5:07:5c:7e:da:53:45:5e:ac:75:a1:b9:d7:
         ec:c6:8e:5a:f3:3b:0c:4d:86:c4:a1:34:2b:07:6a:a5:c0:65:
         b5:eb:b7:e3:c6:25:53:30:69:50:1d:85:75:3b:2d:e6:09:1d:
         d0:92:9c:32:2a:9c:83:a4:c1:ea:12:c8:a4:53:51:52:4e:85:
         02:ca:4a:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyraw05p3i7BgzBtUzpUcC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjYwMzAxMjIwMDQ1WhcNMjYwMzAyMjIwMDQ1WjAzMTEwLwYDVQQD
EygzMjU4Y2E1MjE2ZWNhNWNlYjc0YTdjYTEyY2FhZDk3NDU5NTM4YTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1fcIcbJv6fv5uHe05Z7nB98bIRH
GvuVrx/NVnT0rwZpbqa23kXne4oQgbihj6q1EEii8hUP4k8sE2WNldR+xFREPHzw
jiymh+wccItpllzB1RS6lY4VTardNJSVkYHKpFdVA/TL73reXxflCSP3vkOUoD1N
Kde3vlI98KzkKUNHT+Ttkr+UR5K1eYCMbS8eYnt74Yxn4YgN+gqdkjW3qoFa7wtI
s+TucSm/4snMGwGdbYduOiDxl8a+tp/B4IizwzsT82q5E71gv7q8xfZ24tbCMHrC
RDaqQ7DQLriz85BliqvcJtHKKT9rl+QpykFGU5m9Yjsb3nLtcojqqXxlvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDJYylIW7KXOt0p8oSyq2XRZU4ptMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc9rqZZYj
89HFy4Kn7r+O2F5eUcbgaclHDq6FxZ9AJvJg67EF38ht0UUDlpIgGfx3VY+BPwOR
+pg84dj1UqCZxE8MngT35uNkldZlqUwt7FzP/A5aHFqPPuztXdjQgWORcMQKIihn
wmUZJ3Hb/UpxeUyQjTWAlO+NoeeNfOCNzxxEUpYNzVVRajBD4jT1MXD4yyqTDvcH
x7sxM1hhQhnFyJo4CrXuobGfPa2QbORS4svOi7akrOSGhEbFB1x+2lNFXqx1obnX
7MaOWvM7DE2GxKE0KwdqpcBlteu348YlUzBpUB2FdTst5gkd0JKcMiqcg6TB6hLI
pFNRUk6FAspKGA==
-----END CERTIFICATE-----