Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          F+pmAWL4v9Ob7Qz0wwwZT1Z+SKHIFkVVw1LP+EkVu9I=
Subject key identifier:   8C:64:17:E6:56:F4:58:3B:9E:58:76:7D:6C:AF:00:88:5A:77:30:61
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       019CAC0FB48E699638DDD3062AFA5A256473
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          0953
Signing time:             Mon 02 Mar 2026 01:00:36 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:36 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:36 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: tADpULoNND1XlONthnVbYncIg4JFi3HdpJw6cRaITts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:b4:8e:69:96:38:dd:d3:06:2a:fa:5a:25:64:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: Mar  2 01:00:36 2026 GMT
            Not After : Mar  3 01:00:36 2026 GMT
        Subject: CN=8c6417e656f4583b9e58767d6caf00885a773061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:92:c0:45:30:ce:24:f4:aa:a2:a2:30:1f:cf:
                    3b:9f:73:1b:54:54:ce:40:14:6d:02:82:89:d0:96:
                    8b:c2:d5:6b:64:ca:8c:e6:a7:db:cf:e9:7e:40:89:
                    aa:5c:e5:d0:59:89:bc:80:ac:34:11:ac:41:30:5f:
                    41:2c:05:c9:23:52:9b:36:0e:f4:fe:46:24:d4:25:
                    94:66:c2:db:81:82:17:d8:51:25:63:eb:38:d8:b8:
                    65:3a:d3:ad:83:67:66:93:21:a6:e7:54:88:88:32:
                    32:16:fa:f4:c3:ea:ad:4b:0e:90:52:11:52:b8:35:
                    b0:7a:a7:68:10:84:c6:26:b0:91:1b:b1:04:e5:10:
                    b0:fc:71:cf:0b:c3:16:d7:3b:0a:a6:61:4d:04:6e:
                    fc:a6:bf:af:d1:f8:3a:c4:0b:46:46:3b:87:6e:33:
                    4a:8a:04:f7:f3:26:43:8f:3b:7e:12:1b:df:c1:1d:
                    fb:5d:37:71:b7:d9:80:5a:28:58:dc:fb:d5:f1:21:
                    18:c4:eb:0a:75:1b:31:07:b0:28:9c:6a:e7:66:c4:
                    30:85:9d:08:d4:9b:ce:d5:34:8c:8b:d9:fc:26:f6:
                    40:48:23:c6:de:1a:68:fc:fb:0b:ec:a6:2d:b4:7c:
                    ed:2f:17:0d:be:87:aa:9a:ac:d1:fb:24:d2:5a:f9:
                    8c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:64:17:E6:56:F4:58:3B:9E:58:76:7D:6C:AF:00:88:5A:77:30:61
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:a6:8e:95:48:37:fd:0d:24:18:ed:21:5f:35:53:36:30:50:
         40:28:60:49:f5:c5:7d:a5:03:9e:ae:ab:97:76:18:3e:a8:32:
         5a:87:55:10:bf:04:9e:b8:6a:90:bd:24:c9:ff:96:c0:39:ce:
         43:71:68:49:b1:82:c4:22:7e:5d:77:43:c8:68:f4:6b:a0:98:
         e0:48:81:df:4e:01:f0:e9:4b:2a:2e:f6:77:46:d8:43:45:f1:
         02:fd:7f:f1:4a:aa:0c:0e:dd:bb:fe:a2:54:ce:8f:af:0f:b5:
         49:e3:ed:1a:30:af:35:19:e9:f1:e3:7b:22:29:3f:48:c3:e6:
         47:45:58:93:3f:68:92:6c:74:99:70:ad:fd:e9:69:e8:68:1d:
         7c:cd:b2:a3:5f:68:b2:89:41:58:c9:60:e1:6c:b7:f2:be:1f:
         70:92:a5:c4:ea:45:47:c6:36:d4:9c:60:a9:d8:54:17:c7:b4:
         0f:44:3d:6c:61:a7:62:50:a6:b3:a3:2c:c9:ea:9b:8d:38:6c:
         ec:f1:08:51:16:9d:63:3c:b2:52:26:a1:ef:8a:cb:1f:e8:b6:
         f3:51:82:f1:fd:c5:a8:7d:3e:34:e2:84:ea:e3:47:66:e4:bb:
         95:c2:01:44:16:1b:d1:8b:4e:ed:25:cf:9d:be:f6:80:0f:01:
         85:3c:36:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD7SOaZY43dMGKvpaJWRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjYwMzAyMDEwMDM2WhcNMjYwMzAzMDEwMDM2WjAzMTEwLwYDVQQD
Eyg4YzY0MTdlNjU2ZjQ1ODNiOWU1ODc2N2Q2Y2FmMDA4ODVhNzczMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5LARTDOJPSqoqIwH887n3MbVFTO
QBRtAoKJ0JaLwtVrZMqM5qfbz+l+QImqXOXQWYm8gKw0EaxBMF9BLAXJI1KbNg70
/kYk1CWUZsLbgYIX2FElY+s42LhlOtOtg2dmkyGm51SIiDIyFvr0w+qtSw6QUhFS
uDWweqdoEITGJrCRG7EE5RCw/HHPC8MW1zsKpmFNBG78pr+v0fg6xAtGRjuHbjNK
igT38yZDjzt+EhvfwR37XTdxt9mAWihY3PvV8SEYxOsKdRsxB7AonGrnZsQwhZ0I
1JvO1TSMi9n8JvZASCPG3hpo/PsL7KYttHztLxcNvoeqmqzR+yTSWvmM6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxkF+ZW9Fg7nlh2fWyvAIhadzBhMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPKaOlUg3
/Q0kGO0hXzVTNjBQQChgSfXFfaUDnq6rl3YYPqgyWodVEL8EnrhqkL0kyf+WwDnO
Q3FoSbGCxCJ+XXdDyGj0a6CY4EiB304B8OlLKi72d0bYQ0XxAv1/8UqqDA7du/6i
VM6Prw+1SePtGjCvNRnp8eN7Iik/SMPmR0VYkz9okmx0mXCt/elp6GgdfM2yo19o
solBWMlg4Wy38r4fcJKlxOpFR8Y21JxgqdhUF8e0D0Q9bGGnYlCms6MsyeqbjThs
7PEIURadYzyyUiah74rLH+i281GC8f3FqH0+NOKE6uNHZuS7lcIBRBYb0YtO7SXP
nb72gA8BhTw2Dw==
-----END CERTIFICATE-----