Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
File:                     rkIjS6xhcScD45im1b8EjFyfQDI.mft (raw, json)
Hash identifier:          5gKaNFnkPxv/v4OdihhWFeaekyXRUuXxo5hNhUXEG8o=
Subject key identifier:   4B:24:62:9B:7B:CF:E6:F8:09:E6:44:4E:F2:80:AC:5E:6A:5E:77:EA
Authority key identifier: AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32
Certificate issuer:       /CN=ae42234bac61712703e398a6d5bf048c5c9f4032
Certificate serial:       019CAA589C7513195C5E7AAE1425385DF002
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
Manifest number:          0977
Signing time:             Sun 01 Mar 2026 17:00:59 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:59 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:59 +0000
Files and hashes:         1: rkIjS6xhcScD45im1b8EjFyfQDI.crl (hash: 7nmyb8OfSy5X2LFAgR7J9ZRE/ANZGCWa3nc7IpV0kZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:9c:75:13:19:5c:5e:7a:ae:14:25:38:5d:f0:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae42234bac61712703e398a6d5bf048c5c9f4032
        Validity
            Not Before: Mar  1 17:00:59 2026 GMT
            Not After : Mar  2 17:00:59 2026 GMT
        Subject: CN=4b24629b7bcfe6f809e6444ef280ac5e6a5e77ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e6:99:26:95:ba:b2:b6:4f:da:bc:76:88:e8:
                    7a:e6:02:c4:97:39:9b:61:2f:ec:b1:ae:eb:55:9d:
                    58:cc:9e:9b:2f:29:12:b4:77:56:8a:62:63:b7:f3:
                    a7:ca:a9:b8:76:b0:38:60:e7:35:b1:5c:0c:71:b0:
                    50:47:49:40:24:b6:f0:a0:c4:9e:f3:eb:2c:36:82:
                    cb:6c:c1:ab:ee:bc:35:99:59:9f:33:06:dd:42:38:
                    f5:00:2a:00:45:a7:5d:cd:6c:85:9e:b2:e5:ec:d3:
                    1a:16:96:f9:c0:1a:74:9b:4a:59:8f:cf:b7:2e:31:
                    1f:ce:93:96:06:e7:84:81:ff:3e:73:5c:0c:4b:ca:
                    f9:49:59:43:8e:be:5c:a0:23:6d:9f:c1:b5:d3:aa:
                    4b:6c:b0:2f:d7:e4:9c:4b:5c:b7:80:ff:d1:5b:24:
                    27:d0:9e:bd:3b:f1:a4:de:7b:b4:7b:7b:0d:6a:4d:
                    3f:53:a5:8b:c8:14:40:88:b6:6c:93:a0:4b:09:68:
                    06:27:2d:1a:ff:61:69:a4:17:ce:f3:1d:58:1a:93:
                    16:0d:f4:bf:1b:13:3f:33:5d:82:68:60:54:c3:05:
                    38:98:ac:c5:b9:ee:c2:65:60:7e:45:66:1d:ef:9c:
                    bc:ff:2a:81:34:e1:34:a2:f2:97:3b:1a:f4:ee:b8:
                    1d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:24:62:9B:7B:CF:E6:F8:09:E6:44:4E:F2:80:AC:5E:6A:5E:77:EA
            X509v3 Authority Key Identifier:
                keyid:AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:bc:81:a3:90:ec:a5:22:fe:96:1b:a2:13:20:b3:1f:3f:26:
         2e:fb:e8:31:69:8f:d5:6e:db:20:ff:fd:a7:fa:4f:b5:52:b0:
         ed:ef:67:47:14:05:37:c3:0f:4c:8e:a4:ec:23:42:a3:5c:02:
         c5:25:48:b9:d8:e9:2b:d9:ec:c2:48:12:7f:36:67:bb:bd:0b:
         89:8b:80:e0:c0:1e:3e:13:54:a0:bb:d9:b3:b5:88:7c:a6:6d:
         2e:36:bc:aa:85:28:e8:0f:78:2d:3d:4b:ab:7c:4d:ac:d6:fe:
         75:c2:52:d1:d5:49:8d:ce:0c:8f:7a:3b:87:5f:52:6b:2e:08:
         90:80:f6:a0:e4:a2:45:38:0d:11:ce:62:25:72:48:1c:b3:be:
         03:2e:7f:0c:17:ca:97:f1:29:6d:8f:64:92:91:34:46:f6:c1:
         ff:53:0a:c4:18:b0:86:a4:3f:a8:9d:77:4e:3d:10:4c:a2:b3:
         09:92:d0:77:cb:74:f0:88:21:9f:48:84:71:5d:e0:0b:ce:84:
         fc:a3:69:71:98:7a:da:98:3a:03:02:df:b8:61:7d:f9:84:93:
         cf:21:d0:c3:28:11:ab:f8:38:02:b7:d6:7c:e9:2c:43:4b:03:
         d4:19:57:fc:32:11:e0:1b:35:bb:19:13:af:07:17:52:7d:6f:
         49:b1:a6:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWJx1ExlcXnquFCU4XfACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNDIyMzRiYWM2MTcxMjcwM2UzOThhNmQ1YmYwNDhjNWM5
ZjQwMzIwHhcNMjYwMzAxMTcwMDU5WhcNMjYwMzAyMTcwMDU5WjAzMTEwLwYDVQQD
Eyg0YjI0NjI5YjdiY2ZlNmY4MDllNjQ0NGVmMjgwYWM1ZTZhNWU3N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eaZJpW6srZP2rx2iOh65gLElzmb
YS/ssa7rVZ1YzJ6bLykStHdWimJjt/Onyqm4drA4YOc1sVwMcbBQR0lAJLbwoMSe
8+ssNoLLbMGr7rw1mVmfMwbdQjj1ACoARaddzWyFnrLl7NMaFpb5wBp0m0pZj8+3
LjEfzpOWBueEgf8+c1wMS8r5SVlDjr5coCNtn8G106pLbLAv1+ScS1y3gP/RWyQn
0J69O/Gk3nu0e3sNak0/U6WLyBRAiLZsk6BLCWgGJy0a/2FppBfO8x1YGpMWDfS/
GxM/M12CaGBUwwU4mKzFue7CZWB+RWYd75y8/yqBNOE0ovKXOxr07rgdgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEskYpt7z+b4CeZETvKArF5qXnfqMB8GA1UdIwQY
MBaAFK5CI0usYXEnA+OYptW/BIxcn0AyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1Yjct
ZWUyYmNmMTg2ZjI0LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1YjctZWUyYmNmMTg2ZjI0
LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqLyBo5Ds
pSL+lhuiEyCzHz8mLvvoMWmP1W7bIP/9p/pPtVKw7e9nRxQFN8MPTI6k7CNCo1wC
xSVIudjpK9nswkgSfzZnu70LiYuA4MAePhNUoLvZs7WIfKZtLja8qoUo6A94LT1L
q3xNrNb+dcJS0dVJjc4Mj3o7h19Say4IkID2oOSiRTgNEc5iJXJIHLO+Ay5/DBfK
l/EpbY9kkpE0RvbB/1MKxBiwhqQ/qJ13Tj0QTKKzCZLQd8t08Ighn0iEcV3gC86E
/KNpcZh62pg6AwLfuGF9+YSTzyHQwygRq/g4ArfWfOksQ0sD1BlX/DIR4Bs1uxkT
rwcXUn1vSbGmYg==
-----END CERTIFICATE-----