Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          VvfqAkNnCPcsjwwcpcKKxQwOinbGsmhmqOEjUnCU1mk=
Subject key identifier:   05:EC:D5:2C:07:9D:D9:0B:81:4F:8A:3D:F0:BA:31:5A:A2:95:37:C7
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       019CAB6B95678A34A02F8D2376053B59E9EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          14D6
Signing time:             Sun 01 Mar 2026 22:01:20 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:20 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:20 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: EomtHhiL92cGx9dxdLHAiewS3QdpQN2EFgsuCcYSw5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:95:67:8a:34:a0:2f:8d:23:76:05:3b:59:e9:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: Mar  1 22:01:20 2026 GMT
            Not After : Mar  2 22:01:20 2026 GMT
        Subject: CN=05ecd52c079dd90b814f8a3df0ba315aa29537c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:9a:2c:43:2f:aa:3c:00:1a:10:90:93:75:ae:
                    43:ce:b1:b6:19:58:e6:36:b2:4c:cb:62:2f:80:e3:
                    52:8b:51:31:60:81:8b:27:c1:d5:54:5a:bf:2a:46:
                    24:46:fd:83:53:7d:cc:7e:d6:a8:b5:18:b0:2f:8b:
                    95:d5:cd:65:89:5a:20:47:8c:f1:5c:cd:b5:57:53:
                    9d:5d:f0:51:3c:c8:72:d9:02:fb:60:8e:51:28:8b:
                    43:58:79:2e:28:74:f5:5c:c4:92:4f:86:e9:e6:66:
                    6d:39:fe:04:63:93:a6:7d:4c:5a:9c:d4:07:2a:6f:
                    3f:87:14:4d:87:5b:57:a3:64:a7:bd:03:bd:49:03:
                    e7:80:d9:a2:1e:28:5c:d7:83:fa:b4:74:2a:f7:6f:
                    d6:6a:6c:60:68:11:05:ec:65:8b:91:7a:42:04:49:
                    47:11:f7:8d:6d:50:9d:08:9f:12:ac:56:ac:92:52:
                    f4:95:83:d1:38:8f:85:ac:2b:fd:66:a6:db:99:1f:
                    a9:bf:21:59:0d:12:f2:fa:6b:d2:be:55:88:87:3c:
                    b8:68:5f:c6:d7:00:69:e7:79:d6:0d:9f:e7:2e:91:
                    68:3f:5a:66:b7:63:27:b3:66:de:df:85:2f:6f:53:
                    73:73:b3:2d:8a:98:d3:a9:9e:90:85:7e:f2:33:52:
                    96:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:EC:D5:2C:07:9D:D9:0B:81:4F:8A:3D:F0:BA:31:5A:A2:95:37:C7
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:d6:7a:35:9b:4e:0d:e2:a9:70:8d:07:a7:4b:23:5f:dc:55:
         69:4d:d8:bf:ef:37:9c:24:02:f5:2f:75:b5:46:d2:8c:33:88:
         18:55:34:22:15:ad:23:9d:90:87:dc:4f:a8:1a:5c:7c:a6:f9:
         82:c6:ab:e0:d7:c8:7e:20:c0:dc:cb:1a:c2:ed:52:0a:98:78:
         2c:ff:70:a8:7d:9b:70:4b:55:3f:17:d2:4d:bf:2b:ba:04:3e:
         f4:0b:ed:98:5d:b4:d7:ec:c6:4d:ec:58:41:92:10:65:fc:bf:
         a9:07:b4:ac:f2:76:bb:e1:02:39:b4:7e:c7:61:5e:72:bf:0f:
         b8:e6:db:5e:ad:1e:68:da:d6:92:e6:48:5f:94:15:e6:67:53:
         88:2a:1b:b1:c1:25:51:6d:ed:2c:f6:f8:ce:6f:d2:db:65:81:
         72:17:67:15:af:b5:d6:f4:2d:37:98:74:90:8e:98:87:a3:67:
         58:94:a4:ba:bd:cf:6b:01:f6:c2:8e:7b:42:17:44:63:cf:75:
         a4:0e:52:9b:9e:5a:18:99:e3:46:9e:02:a5:81:f2:77:d2:89:
         ec:14:02:68:68:23:0f:ad:dc:d0:0e:96:00:ce:a6:63:00:b5:
         21:11:32:0d:95:4a:3a:cf:86:af:8a:5b:5a:fb:8c:ea:39:6d:
         0d:c7:e2:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra5VnijSgL40jdgU7WensMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjYwMzAxMjIwMTIwWhcNMjYwMzAyMjIwMTIwWjAzMTEwLwYDVQQD
EygwNWVjZDUyYzA3OWRkOTBiODE0ZjhhM2RmMGJhMzE1YWEyOTUzN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxposQy+qPAAaEJCTda5DzrG2GVjm
NrJMy2IvgONSi1ExYIGLJ8HVVFq/KkYkRv2DU33MftaotRiwL4uV1c1liVogR4zx
XM21V1OdXfBRPMhy2QL7YI5RKItDWHkuKHT1XMSST4bp5mZtOf4EY5OmfUxanNQH
Km8/hxRNh1tXo2SnvQO9SQPngNmiHihc14P6tHQq92/WamxgaBEF7GWLkXpCBElH
EfeNbVCdCJ8SrFasklL0lYPROI+FrCv9ZqbbmR+pvyFZDRLy+mvSvlWIhzy4aF/G
1wBp53nWDZ/nLpFoP1pmt2Mns2be34Uvb1Nzc7MtipjTqZ6QhX7yM1KWcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAXs1SwHndkLgU+KPfC6MVqilTfHMB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPtZ6NZtO
DeKpcI0Hp0sjX9xVaU3Yv+83nCQC9S91tUbSjDOIGFU0IhWtI52Qh9xPqBpcfKb5
gsar4NfIfiDA3Msawu1SCph4LP9wqH2bcEtVPxfSTb8rugQ+9AvtmF201+zGTexY
QZIQZfy/qQe0rPJ2u+ECObR+x2Fecr8PuObbXq0eaNrWkuZIX5QV5mdTiCobscEl
UW3tLPb4zm/S22WBchdnFa+11vQtN5h0kI6Yh6NnWJSkur3PawH2wo57QhdEY891
pA5Sm55aGJnjRp4CpYHyd9KJ7BQCaGgjD63c0A6WAM6mYwC1IREyDZVKOs+Gr4pb
WvuM6jltDcfiDw==
-----END CERTIFICATE-----