Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          81YiNcrucNXfqmDmUKqCjehKvLp9Bk6wb94wSGRyszE=
Subject key identifier:   0C:48:8F:0C:38:E6:A6:B4:76:99:81:17:CA:8D:9B:BA:BA:89:03:45
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       019CAD59F015534CF3EA2534DC5C8150A14C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 07:01:18 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:18 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:18 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: WzWJJDEnjoaGg4vfd2Xfk+MbjojJ5ldOyqTtr0sDIqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:f0:15:53:4c:f3:ea:25:34:dc:5c:81:50:a1:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Mar  2 07:01:18 2026 GMT
            Not After : Mar  3 07:01:18 2026 GMT
        Subject: CN=0c488f0c38e6a6b476998117ca8d9bbaba890345
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:8e:b7:07:00:e8:59:c2:bb:ae:d0:5d:83:09:
                    56:a5:0c:e6:6f:f7:44:03:1d:33:8c:3a:ae:b1:ec:
                    1b:b2:fd:b2:ab:ba:94:d1:7c:23:f6:19:c7:90:f5:
                    20:50:af:84:89:50:71:4c:19:11:98:60:9a:53:bc:
                    57:b8:50:a3:97:e2:f5:a7:ec:1a:0f:39:af:d1:dc:
                    5b:ff:e2:9a:7a:5f:95:c4:ac:25:80:dc:e9:21:62:
                    21:af:e4:92:48:f7:72:7d:30:8e:59:84:85:ae:65:
                    c0:13:94:b8:e9:8f:5d:ce:17:b6:ce:45:c7:29:f8:
                    76:1f:97:62:a9:8d:e5:dc:24:6d:b1:cc:78:0d:df:
                    67:3c:28:58:e7:4d:82:91:ac:8c:fb:54:99:b9:7e:
                    89:ba:6e:37:2c:6a:95:de:f8:03:33:60:19:0f:29:
                    15:9a:02:b9:30:53:1c:ad:99:0f:57:97:20:77:ee:
                    f7:12:28:9c:ad:96:9b:3a:93:95:6f:85:b9:3c:4e:
                    44:6c:06:c3:c7:67:87:cf:4b:09:0d:37:f4:ed:6c:
                    3b:b7:e3:7a:f1:f4:4e:aa:78:f8:18:99:83:b1:37:
                    35:d5:b7:5f:a0:e3:c8:5e:d4:48:f1:6b:c6:b8:89:
                    97:81:02:a4:60:e6:cd:32:34:a4:ee:fc:e9:17:aa:
                    db:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:48:8F:0C:38:E6:A6:B4:76:99:81:17:CA:8D:9B:BA:BA:89:03:45
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:02:9c:0e:3d:8c:4e:83:b2:fe:04:ea:90:98:7a:bf:bf:af:
         90:ec:77:5a:4d:b1:3c:88:a9:02:06:7c:bc:f3:e0:c9:98:22:
         c9:08:4e:90:aa:72:f1:47:35:7d:8f:81:cf:4b:91:a3:37:cd:
         e6:d4:6c:8c:bc:2d:65:2c:42:fe:f7:d9:41:15:4c:c0:5a:57:
         c7:25:b1:3f:02:6d:fe:9f:a3:3f:31:87:2b:e6:77:e5:cb:05:
         ac:63:e9:63:79:9d:69:e1:77:9c:99:3e:8b:3b:a0:f5:ea:e8:
         23:24:1f:6f:4b:09:33:1e:55:07:0a:ad:41:ab:72:2e:b6:c0:
         fa:fc:75:14:11:39:2a:e1:65:a5:cc:a7:42:73:6d:5b:7b:2c:
         3b:d3:21:07:09:ac:19:9f:f7:7b:ee:2f:07:60:6c:3f:17:d9:
         2e:09:3a:19:98:36:0d:da:88:a0:c1:38:49:d4:1f:7f:a6:60:
         a4:b8:1d:9c:d5:31:99:94:44:6c:46:f2:c0:c8:e6:66:2b:a3:
         54:eb:b3:72:70:65:a9:53:ed:89:c5:53:a1:72:e7:38:65:9f:
         52:be:1e:81:79:d9:2b:6f:08:fb:50:dc:fb:06:24:07:f4:d5:
         65:db:18:18:3f:da:92:1d:05:6c:66:77:bc:4b:f2:65:92:73:
         eb:31:63:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfAVU0zz6iU03FyBUKFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjYwMzAyMDcwMTE4WhcNMjYwMzAzMDcwMTE4WjAzMTEwLwYDVQQD
EygwYzQ4OGYwYzM4ZTZhNmI0NzY5OTgxMTdjYThkOWJiYWJhODkwMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y63BwDoWcK7rtBdgwlWpQzmb/dE
Ax0zjDqusewbsv2yq7qU0Xwj9hnHkPUgUK+EiVBxTBkRmGCaU7xXuFCjl+L1p+wa
Dzmv0dxb/+Kael+VxKwlgNzpIWIhr+SSSPdyfTCOWYSFrmXAE5S46Y9dzhe2zkXH
Kfh2H5diqY3l3CRtscx4Dd9nPChY502CkayM+1SZuX6Jum43LGqV3vgDM2AZDykV
mgK5MFMcrZkPV5cgd+73EiicrZabOpOVb4W5PE5EbAbDx2eHz0sJDTf07Ww7t+N6
8fROqnj4GJmDsTc11bdfoOPIXtRI8WvGuImXgQKkYObNMjSk7vzpF6rbaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxIjww45qa0dpmBF8qNm7q6iQNFMB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATAKcDj2M
ToOy/gTqkJh6v7+vkOx3Wk2xPIipAgZ8vPPgyZgiyQhOkKpy8Uc1fY+Bz0uRozfN
5tRsjLwtZSxC/vfZQRVMwFpXxyWxPwJt/p+jPzGHK+Z35csFrGPpY3mdaeF3nJk+
izug9eroIyQfb0sJMx5VBwqtQatyLrbA+vx1FBE5KuFlpcynQnNtW3ssO9MhBwms
GZ/3e+4vB2BsPxfZLgk6GZg2DdqIoME4SdQff6ZgpLgdnNUxmZREbEbywMjmZiuj
VOuzcnBlqVPticVToXLnOGWfUr4egXnZK28I+1Dc+wYkB/TVZdsYGD/akh0FbGZ3
vEvyZZJz6zFj8g==
-----END CERTIFICATE-----