Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
File:                     7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft (raw, json)
Hash identifier:          HC3q1b8wNnGf72fOjVQYrtzfHF6DLlDoqoDJJVsJ5os=
Subject key identifier:   D2:8C:17:D2:34:25:7C:F1:CB:95:A1:F2:B1:E1:8E:46:54:35:29:64
Authority key identifier: EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23
Certificate issuer:       /CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
Certificate serial:       019CAA586C565C4907A0DAE15FAA5691A271
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
Manifest number:          0C6C
Signing time:             Sun 01 Mar 2026 17:00:47 +0000
Manifest this update:     Sun 01 Mar 2026 17:00:47 +0000
Manifest next update:     Mon 02 Mar 2026 17:00:47 +0000
Files and hashes:         1: 7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl (hash: ODdQQm3MNYBhz6C/aGTbY8kFfNXA8le+ZSMW/qltkR8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:58:6c:56:5c:49:07:a0:da:e1:5f:aa:56:91:a2:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee68b664ccd50ca767d46ffb34f53a06d120b523
        Validity
            Not Before: Mar  1 17:00:47 2026 GMT
            Not After : Mar  2 17:00:47 2026 GMT
        Subject: CN=d28c17d234257cf1cb95a1f2b1e18e4654352964
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:cd:8f:4a:81:f0:c1:72:8f:1b:7c:9a:53:02:
                    87:ad:58:2a:87:4a:12:48:79:30:95:11:44:c4:60:
                    a6:cf:e0:e0:b4:9b:40:12:da:ec:36:99:71:b6:4d:
                    a9:83:76:7b:3e:65:66:fe:55:aa:a6:de:66:3e:3d:
                    dc:e4:52:8e:c9:46:a6:42:a3:7d:ff:02:fb:ea:fe:
                    89:e5:1d:01:9b:4e:af:06:ed:7b:bd:3e:64:0a:b8:
                    9c:3a:f0:6d:77:d5:3a:a1:37:dc:16:de:a3:b4:58:
                    9e:12:a9:67:64:4b:4c:8c:20:ab:cf:d1:a7:34:5b:
                    b7:76:60:9d:00:84:1b:44:a5:98:44:fc:7f:78:dd:
                    ed:09:07:f6:aa:3d:02:59:69:26:79:83:9a:71:6c:
                    d8:09:8b:ba:4b:38:dc:14:dd:0a:56:5a:f7:c5:df:
                    6d:f1:c7:1e:14:d0:1d:9c:ee:c9:82:31:18:ef:1c:
                    ff:3a:0d:7f:1b:49:77:78:e2:eb:85:33:16:ff:fc:
                    e9:80:3a:c6:43:d1:61:a2:40:47:60:d5:b2:33:92:
                    d1:59:67:00:7f:f7:4c:3d:db:2d:66:3e:bf:5e:d9:
                    19:4e:08:b7:b9:a9:9e:bc:a7:9e:cb:1a:f5:38:a5:
                    de:6d:ba:fa:04:74:60:45:f8:37:72:93:a9:13:5a:
                    26:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:8C:17:D2:34:25:7C:F1:CB:95:A1:F2:B1:E1:8E:46:54:35:29:64
            X509v3 Authority Key Identifier:
                keyid:EE:68:B6:64:CC:D5:0C:A7:67:D4:6F:FB:34:F5:3A:06:D1:20:B5:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/ba76ec-5d1a-4375-849e-ded7ac252544/1/7mi2ZMzVDKdn1G_7NPU6BtEgtSM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:bf:64:4f:24:8b:e8:f8:80:1c:d7:05:00:63:6e:df:e4:43:
         20:50:de:f2:be:c7:2c:ff:92:c4:52:62:71:00:94:57:75:d1:
         70:60:97:a0:b8:28:8d:1c:a0:39:fd:d8:a1:34:51:1c:10:99:
         83:b7:0b:c7:a0:a3:cf:87:2f:5c:b1:78:68:59:bd:59:3c:83:
         7b:b1:24:0e:45:79:64:15:f8:c8:d3:34:f1:08:2d:9b:d9:73:
         96:28:fc:26:06:1e:71:54:8f:e2:5d:62:92:9b:b5:6e:d8:7a:
         65:6c:78:23:a4:b4:88:ec:30:b4:57:ea:60:03:db:cd:52:34:
         48:bb:16:7f:da:7f:e8:97:8a:53:2f:16:51:b9:c8:ab:14:8d:
         b3:ab:c5:7b:ab:07:fc:52:4c:2b:ef:32:c4:39:4a:fc:f9:cd:
         a8:2a:e8:14:bc:94:8d:41:c3:91:e6:b0:d1:91:82:2c:3a:a6:
         6b:aa:fa:ad:f1:22:f1:c1:50:61:f4:ac:0b:4d:75:ae:35:79:
         14:ae:60:57:45:66:85:9d:5f:ce:31:63:3e:69:06:b8:62:ba:
         21:77:34:36:3c:88:59:5c:2a:a0:84:38:e1:86:18:e1:49:3e:
         00:b7:d8:63:50:51:8e:5d:39:a1:c4:10:06:85:ea:b1:ad:9e:
         3d:86:2c:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWGxWXEkHoNrhX6pWkaJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNjhiNjY0Y2NkNTBjYTc2N2Q0NmZmYjM0ZjUzYTA2ZDEy
MGI1MjMwHhcNMjYwMzAxMTcwMDQ3WhcNMjYwMzAyMTcwMDQ3WjAzMTEwLwYDVQQD
EyhkMjhjMTdkMjM0MjU3Y2YxY2I5NWExZjJiMWUxOGU0NjU0MzUyOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM2PSoHwwXKPG3yaUwKHrVgqh0oS
SHkwlRFExGCmz+DgtJtAEtrsNplxtk2pg3Z7PmVm/lWqpt5mPj3c5FKOyUamQqN9
/wL76v6J5R0Bm06vBu17vT5kCricOvBtd9U6oTfcFt6jtFieEqlnZEtMjCCrz9Gn
NFu3dmCdAIQbRKWYRPx/eN3tCQf2qj0CWWkmeYOacWzYCYu6SzjcFN0KVlr3xd9t
8cceFNAdnO7JgjEY7xz/Og1/G0l3eOLrhTMW//zpgDrGQ9FhokBHYNWyM5LRWWcA
f/dMPdstZj6/XtkZTgi3uamevKeeyxr1OKXebbr6BHRgRfg3cpOpE1omKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKMF9I0JXzxy5Wh8rHhjkZUNSlkMB8GA1UdIwQY
MBaAFO5otmTM1QynZ9Rv+zT1OgbRILUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUt
ZGVkN2FjMjUyNTQ0LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iYTc2ZWMtNWQxYS00Mzc1LTg0OWUtZGVkN2FjMjUyNTQ0
LzEvN21pMlpNelZES2RuMUdfN05QVTZCdEVndFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmr9kTySL
6PiAHNcFAGNu3+RDIFDe8r7HLP+SxFJicQCUV3XRcGCXoLgojRygOf3YoTRRHBCZ
g7cLx6Cjz4cvXLF4aFm9WTyDe7EkDkV5ZBX4yNM08Qgtm9lzlij8JgYecVSP4l1i
kpu1bth6ZWx4I6S0iOwwtFfqYAPbzVI0SLsWf9p/6JeKUy8WUbnIqxSNs6vFe6sH
/FJMK+8yxDlK/PnNqCroFLyUjUHDkeaw0ZGCLDqma6r6rfEi8cFQYfSsC011rjV5
FK5gV0VmhZ1fzjFjPmkGuGK6IXc0NjyIWVwqoIQ44YYY4Uk+ALfYY1BRjl05ocQQ
BoXqsa2ePYYsKw==
-----END CERTIFICATE-----