Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
File:                     pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft (raw, json)
Hash identifier:          tkIWDaHCuVFFurGexT99v38oFtDBVQkH7ZNfKD1TCcA=
Subject key identifier:   8C:CB:86:5F:13:9F:02:E3:97:4E:FF:6A:1F:A1:ED:96:E1:11:F8:25
Authority key identifier: A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92
Certificate issuer:       /CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
Certificate serial:       019CAB6B8A424A1D95DFFF5B2C84CF758D65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
Manifest number:          1343
Signing time:             Sun 01 Mar 2026 22:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:17 +0000
Files and hashes:         1: pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl (hash: xcURH84l015dT9MIxeeajl4uRV3V6oc+3pfdLPne0Po=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:8a:42:4a:1d:95:df:ff:5b:2c:84:cf:75:8d:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a58efd108d4c5b0f4f9a88ae53bb7fec9d594b92
        Validity
            Not Before: Mar  1 22:01:17 2026 GMT
            Not After : Mar  2 22:01:17 2026 GMT
        Subject: CN=8ccb865f139f02e3974eff6a1fa1ed96e111f825
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:77:47:23:f3:a9:c4:33:59:39:bb:7e:83:8b:
                    75:88:65:31:f2:d3:90:b2:a9:b9:5c:a3:b0:2a:49:
                    1b:0a:12:eb:49:c2:2c:f5:3d:89:35:d0:5e:55:d1:
                    aa:f1:ae:dc:1c:3e:a2:82:4a:38:73:da:62:59:96:
                    29:5f:e6:9b:6e:09:9a:7c:43:9f:c4:38:26:f5:a8:
                    0a:35:bc:65:63:22:58:99:de:66:41:f2:54:8c:14:
                    af:5e:b6:e2:1b:a7:4b:8a:6b:0d:16:c1:10:5f:14:
                    f0:0e:3f:b9:08:da:44:f2:96:b4:07:76:ab:db:60:
                    db:76:a4:1b:d7:eb:85:00:4f:88:f0:c3:e1:6c:63:
                    2d:cc:70:5c:fd:c2:49:68:d5:4f:8e:08:08:f5:06:
                    a5:d7:32:42:e7:92:19:c6:f6:10:d9:05:13:39:7d:
                    6c:4c:8d:15:52:de:33:6b:57:3f:24:d9:b3:0b:80:
                    1f:87:ad:49:f9:34:ed:56:cf:83:58:9d:29:ba:b4:
                    da:4d:ad:5e:6a:fd:55:95:81:49:b8:fe:23:c4:a7:
                    55:f3:32:7c:ed:89:0f:59:3e:fe:b2:c8:60:b4:86:
                    29:9f:e6:dc:ce:60:f2:fb:e5:b9:df:99:74:e2:39:
                    71:16:ce:13:34:62:9a:b0:36:e3:dd:e6:d7:5e:ef:
                    63:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:CB:86:5F:13:9F:02:E3:97:4E:FF:6A:1F:A1:ED:96:E1:11:F8:25
            X509v3 Authority Key Identifier:
                keyid:A5:8E:FD:10:8D:4C:5B:0F:4F:9A:88:AE:53:BB:7F:EC:9D:59:4B:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pY79EI1MWw9PmoiuU7t_7J1ZS5I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a3b5b2-6638-4a4b-9b85-15cc5da07826/1/pY79EI1MWw9PmoiuU7t_7J1ZS5I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:bc:7b:68:86:5e:a2:22:7e:3f:f2:7a:a3:25:08:1f:a3:37:
         b9:f8:a0:ff:d9:56:91:1f:87:a9:61:e4:80:74:a2:ad:e4:22:
         7f:f4:01:53:3c:a3:98:42:52:44:77:3e:b0:a1:9c:be:c6:4f:
         57:da:fa:65:d4:d4:4b:88:4f:06:53:84:00:4c:a7:2d:16:55:
         d7:da:c4:9a:1f:07:7f:76:86:d8:de:19:c4:43:7e:08:7c:de:
         98:b9:91:7d:87:33:26:2b:df:5c:3d:27:ee:c3:f3:ea:68:59:
         fa:c5:a7:43:28:de:f3:b3:11:be:9c:75:8e:8b:6d:1a:cc:8d:
         7f:b4:ab:07:e0:e7:f2:c2:3f:66:18:51:fc:55:1f:9e:c7:a1:
         ca:29:cc:e0:ac:21:be:15:00:1c:01:fb:11:8f:28:64:f6:d3:
         c8:bd:76:44:f6:3a:f7:28:17:08:47:16:ae:bd:3b:f5:42:e0:
         a2:de:97:b1:6e:92:18:89:7c:79:2e:cf:57:92:1a:ce:5d:4c:
         9e:0d:5b:6e:07:cd:ac:48:1f:b6:8e:a5:6f:db:ea:6f:32:ea:
         90:bd:60:07:60:9f:bd:7b:73:40:b2:e1:be:d3:22:9f:cf:d6:
         d2:24:16:05:14:c8:7a:06:cb:e9:fa:0b:14:ac:91:d2:c3:3f:
         3b:18:4a:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra4pCSh2V3/9bLITPdY1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OGVmZDEwOGQ0YzViMGY0ZjlhODhhZTUzYmI3ZmVjOWQ1
OTRiOTIwHhcNMjYwMzAxMjIwMTE3WhcNMjYwMzAyMjIwMTE3WjAzMTEwLwYDVQQD
Eyg4Y2NiODY1ZjEzOWYwMmUzOTc0ZWZmNmExZmExZWQ5NmUxMTFmODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3dHI/OpxDNZObt+g4t1iGUx8tOQ
sqm5XKOwKkkbChLrScIs9T2JNdBeVdGq8a7cHD6igko4c9piWZYpX+abbgmafEOf
xDgm9agKNbxlYyJYmd5mQfJUjBSvXrbiG6dLimsNFsEQXxTwDj+5CNpE8pa0B3ar
22DbdqQb1+uFAE+I8MPhbGMtzHBc/cJJaNVPjggI9Qal1zJC55IZxvYQ2QUTOX1s
TI0VUt4za1c/JNmzC4Afh61J+TTtVs+DWJ0purTaTa1eav1VlYFJuP4jxKdV8zJ8
7YkPWT7+sshgtIYpn+bczmDy++W535l04jlxFs4TNGKasDbj3ebXXu9jwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzLhl8TnwLjl07/ah+h7ZbhEfglMB8GA1UdIwQY
MBaAFKWO/RCNTFsPT5qIrlO7f+ydWUuSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUt
MTVjYzVkYTA3ODI2LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hM2I1YjItNjYzOC00YTRiLTliODUtMTVjYzVkYTA3ODI2
LzEvcFk3OUVJMU1XdzlQbW9pdVU3dF83SjFaUzVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAErx7aIZe
oiJ+P/J6oyUIH6M3ufig/9lWkR+HqWHkgHSireQif/QBUzyjmEJSRHc+sKGcvsZP
V9r6ZdTUS4hPBlOEAEynLRZV19rEmh8Hf3aG2N4ZxEN+CHzemLmRfYczJivfXD0n
7sPz6mhZ+sWnQyje87MRvpx1jottGsyNf7SrB+Dn8sI/ZhhR/FUfnsehyinM4Kwh
vhUAHAH7EY8oZPbTyL12RPY69ygXCEcWrr079ULgot6XsW6SGIl8eS7PV5Iazl1M
ng1bbgfNrEgfto6lb9vqbzLqkL1gB2CfvXtzQLLhvtMin8/W0iQWBRTIegbL6foL
FKyR0sM/OxhK/w==
-----END CERTIFICATE-----