Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          6OBJQ/H6xTqcV/AC7u42wzv6nHCXAPzFzlW5fg8DnHY=
Subject key identifier:   C1:77:7E:67:B1:B5:52:11:69:BB:E6:87:C1:FF:81:3A:A1:5C:66:63
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019CAB6B83803C54538F07EEDC4074EF6B3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0FE7
Signing time:             Sun 01 Mar 2026 22:01:15 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:15 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:15 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: 7gzk0j1rcZCLbtOzb/aleqsXEpCeAlv2K+u3FOUZDYM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:83:80:3c:54:53:8f:07:ee:dc:40:74:ef:6b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Mar  1 22:01:15 2026 GMT
            Not After : Mar  2 22:01:15 2026 GMT
        Subject: CN=c1777e67b1b5521169bbe687c1ff813aa15c6663
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:95:d2:3a:78:8a:6c:25:c6:7e:89:7a:85:9c:
                    95:d1:96:79:62:50:4d:3c:db:66:d4:2e:51:a4:a1:
                    f8:87:bb:2b:b5:74:1b:fa:00:32:c4:d1:07:fe:17:
                    54:c2:cd:79:74:6b:8f:8b:85:ca:0d:ba:70:c3:86:
                    a5:c5:cf:cc:ce:7f:a6:bb:ce:78:47:51:5d:4d:69:
                    6e:ee:44:da:b7:13:7b:13:2b:ab:3f:fb:d2:26:0e:
                    d2:a8:6c:b4:4c:f8:bd:9a:f3:82:ff:a5:28:74:b8:
                    d5:88:10:8a:77:2c:30:b7:eb:9b:b5:43:39:8f:9e:
                    77:b3:1b:7c:c6:c7:f7:ed:a5:26:99:25:4f:95:54:
                    4b:68:ce:ba:78:1d:25:2f:7a:c9:d6:85:d5:46:1c:
                    d1:ce:46:c6:dd:90:26:42:09:f8:02:31:53:85:52:
                    93:a3:44:51:60:44:8c:1a:30:e8:49:67:95:0e:7c:
                    bd:cc:d6:1e:80:61:ab:79:50:62:d6:22:26:8c:5f:
                    2c:30:93:47:d9:9e:72:1a:dc:1f:d4:98:76:11:33:
                    ce:d0:79:d3:1e:c6:04:dc:40:a4:e5:35:cc:ad:79:
                    77:1d:16:44:75:a5:81:b8:e2:12:45:45:c3:be:b3:
                    79:2f:3a:00:2d:34:99:04:21:a4:0f:87:e4:d2:c8:
                    81:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:77:7E:67:B1:B5:52:11:69:BB:E6:87:C1:FF:81:3A:A1:5C:66:63
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:fd:ac:f1:a1:e7:e4:f0:9e:3e:e6:59:fd:bb:fc:d2:d6:9c:
         14:c7:85:b6:ef:ce:62:77:c5:d1:1e:38:fc:8e:ae:05:b8:34:
         44:19:92:2a:76:cd:86:eb:63:9b:9d:60:49:bd:41:d8:c8:03:
         05:23:32:4c:a4:90:00:2a:49:61:96:00:fb:05:0b:5d:ff:3d:
         c7:6a:c1:c8:d7:ef:89:a2:49:40:0b:c3:a0:74:ae:bf:b4:61:
         eb:a9:28:35:8a:ee:8d:98:b7:01:f6:4a:8b:22:d5:97:f4:3e:
         e4:e4:c0:87:3b:9a:a8:7f:51:90:62:b3:a7:8d:61:5f:11:6b:
         03:40:ce:a9:81:64:03:73:23:99:6a:a5:92:56:be:89:82:97:
         7b:5d:32:2f:a7:8d:1a:39:a6:0b:0c:1b:6b:41:68:bc:e7:2b:
         56:62:b3:93:d9:b2:32:49:cc:ee:d1:d7:b5:cf:5a:77:a6:eb:
         40:85:73:c7:20:4a:7e:8d:cb:6a:d0:68:23:36:c1:e5:5d:fc:
         9d:64:a4:c2:eb:f1:ff:70:8a:6c:32:a0:9c:32:03:6d:17:8d:
         c6:f5:bd:f2:46:18:40:30:51:31:1f:0b:ac:ef:fa:7e:b7:65:
         5d:66:54:c3:80:bc:fd:45:2b:55:30:ce:0e:31:7c:96:ab:36:
         1a:d9:44:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra4OAPFRTjwfu3EB072s9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjYwMzAxMjIwMTE1WhcNMjYwMzAyMjIwMTE1WjAzMTEwLwYDVQQD
EyhjMTc3N2U2N2IxYjU1MjExNjliYmU2ODdjMWZmODEzYWExNWM2NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJXSOniKbCXGfol6hZyV0ZZ5YlBN
PNtm1C5RpKH4h7srtXQb+gAyxNEH/hdUws15dGuPi4XKDbpww4alxc/Mzn+mu854
R1FdTWlu7kTatxN7EyurP/vSJg7SqGy0TPi9mvOC/6UodLjViBCKdywwt+ubtUM5
j553sxt8xsf37aUmmSVPlVRLaM66eB0lL3rJ1oXVRhzRzkbG3ZAmQgn4AjFThVKT
o0RRYESMGjDoSWeVDny9zNYegGGreVBi1iImjF8sMJNH2Z5yGtwf1Jh2ETPO0HnT
HsYE3ECk5TXMrXl3HRZEdaWBuOISRUXDvrN5LzoALTSZBCGkD4fk0siB+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF3fmextVIRabvmh8H/gTqhXGZjMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb/2s8aHn
5PCePuZZ/bv80tacFMeFtu/OYnfF0R44/I6uBbg0RBmSKnbNhutjm51gSb1B2MgD
BSMyTKSQACpJYZYA+wULXf89x2rByNfviaJJQAvDoHSuv7Rh66koNYrujZi3AfZK
iyLVl/Q+5OTAhzuaqH9RkGKzp41hXxFrA0DOqYFkA3MjmWqlkla+iYKXe10yL6eN
GjmmCwwba0FovOcrVmKzk9myMknM7tHXtc9ad6brQIVzxyBKfo3LatBoIzbB5V38
nWSkwuvx/3CKbDKgnDIDbReNxvW98kYYQDBRMR8LrO/6frdlXWZUw4C8/UUrVTDO
DjF8lqs2GtlEew==
-----END CERTIFICATE-----