Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
File:                     vFxHuPnkKkkot2dDFqcap21AHjw.mft (raw, json)
Hash identifier:          NIlPJ0V28ity74/3PAy0fqa8LAF0jqkwrnqGGuFWScU=
Subject key identifier:   9D:5F:86:8F:4A:D5:26:66:30:FF:DD:AA:E8:5B:13:1D:92:9D:0C:DB
Authority key identifier: BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C
Certificate issuer:       /CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
Certificate serial:       019CAD5A4CC5ADEC9DA41012EAD3D3BCA635
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
Manifest number:          0DD8
Signing time:             Mon 02 Mar 2026 07:01:42 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:42 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:42 +0000
Files and hashes:         1: vFxHuPnkKkkot2dDFqcap21AHjw.crl (hash: t1FwCLMTEcTtYxD4xMsOKG1mgbMz1C4dUDvuE1ww0ls=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:4c:c5:ad:ec:9d:a4:10:12:ea:d3:d3:bc:a6:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc5c47b8f9e42a4928b7674316a71aa76d401e3c
        Validity
            Not Before: Mar  2 07:01:42 2026 GMT
            Not After : Mar  3 07:01:42 2026 GMT
        Subject: CN=9d5f868f4ad5266630ffddaae85b131d929d0cdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:14:d9:0c:7a:6f:20:3e:1f:ba:4b:46:bc:ed:
                    18:d0:9c:82:57:f0:1b:38:fc:fe:22:54:49:13:5a:
                    f2:67:6a:1e:a6:44:82:da:f8:2f:0b:a0:3e:14:a3:
                    11:d1:b8:71:d5:99:66:ac:1b:b4:01:2f:c2:15:00:
                    0d:68:16:83:bd:7a:b2:9d:09:c8:86:6d:0a:d4:98:
                    7b:05:f6:3e:90:05:54:08:db:f5:2c:0e:6a:7b:8c:
                    e0:82:b8:01:37:9a:ad:92:fe:f0:00:81:8c:e9:8b:
                    90:19:83:84:c8:ef:3c:4e:d6:b2:3e:32:e5:cd:f2:
                    7a:69:36:1b:25:23:98:40:df:47:d4:b2:ce:16:aa:
                    aa:8f:0c:9d:e1:00:05:1a:8b:bf:51:21:80:d1:80:
                    0d:e4:99:7b:55:8c:f4:f0:99:c8:32:0c:75:d3:a0:
                    44:0c:41:bb:b1:37:ea:06:11:73:7e:01:da:5c:db:
                    fd:b4:6c:e5:c1:d3:f9:9f:55:47:36:86:83:de:3b:
                    1c:cb:f2:23:87:64:5b:2d:57:af:5a:66:46:cf:a9:
                    00:4a:9f:8c:70:a0:f7:85:db:05:ce:17:25:c0:fa:
                    46:10:3a:14:de:36:20:81:2f:b5:3b:88:49:ae:53:
                    ae:fa:7c:71:e8:6f:36:94:c3:05:62:d6:e5:fe:51:
                    2a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:5F:86:8F:4A:D5:26:66:30:FF:DD:AA:E8:5B:13:1D:92:9D:0C:DB
            X509v3 Authority Key Identifier:
                keyid:BC:5C:47:B8:F9:E4:2A:49:28:B7:67:43:16:A7:1A:A7:6D:40:1E:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFxHuPnkKkkot2dDFqcap21AHjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fd8762-47bc-4511-93a5-7a18c179076d/1/vFxHuPnkKkkot2dDFqcap21AHjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:23:bc:90:91:c8:13:cd:f6:31:91:7f:fd:79:cf:59:e8:9f:
         01:a3:49:31:00:4d:66:48:27:8d:cd:ac:1b:f6:fe:9e:58:3b:
         0f:2a:04:22:e8:bd:38:0d:91:a4:d4:74:c8:90:1b:c4:84:f0:
         89:1f:37:58:26:47:f2:e6:1c:f3:c6:72:e8:a9:6d:4a:6b:fb:
         af:35:69:ba:e4:ed:6a:fa:15:aa:92:a2:27:19:d8:3f:4c:2f:
         96:2c:c4:1e:ba:97:89:dc:62:db:73:8d:f0:94:cb:6f:b5:4b:
         1e:66:c9:42:95:58:d6:d9:11:67:e8:bc:9a:92:1a:79:79:d4:
         84:eb:30:62:ad:6a:59:1e:47:12:bf:07:39:f5:5e:53:16:06:
         3b:d7:f3:10:4a:ce:dd:f0:d2:e9:b7:b7:e9:44:82:97:6e:5d:
         22:e0:4c:1a:63:7c:cd:dd:5c:e4:8c:69:b4:f8:c9:44:fe:42:
         eb:39:59:df:4b:22:b0:2c:33:5e:35:af:42:7a:f2:74:0c:e7:
         b4:f3:23:d3:5c:67:52:18:00:b2:52:46:3f:56:7f:3e:fb:a5:
         82:a2:05:ba:7f:72:71:6e:4e:d4:59:b8:69:f5:b3:b8:6f:cc:
         e2:93:4e:4a:82:0f:5a:44:e7:64:b4:de:72:ee:15:c7:b8:2e:
         7a:cf:10:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWkzFreydpBAS6tPTvKY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNWM0N2I4ZjllNDJhNDkyOGI3Njc0MzE2YTcxYWE3NmQ0
MDFlM2MwHhcNMjYwMzAyMDcwMTQyWhcNMjYwMzAzMDcwMTQyWjAzMTEwLwYDVQQD
Eyg5ZDVmODY4ZjRhZDUyNjY2MzBmZmRkYWFlODViMTMxZDkyOWQwY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxTZDHpvID4fuktGvO0Y0JyCV/Ab
OPz+IlRJE1ryZ2oepkSC2vgvC6A+FKMR0bhx1ZlmrBu0AS/CFQANaBaDvXqynQnI
hm0K1Jh7BfY+kAVUCNv1LA5qe4zggrgBN5qtkv7wAIGM6YuQGYOEyO88TtayPjLl
zfJ6aTYbJSOYQN9H1LLOFqqqjwyd4QAFGou/USGA0YAN5Jl7VYz08JnIMgx106BE
DEG7sTfqBhFzfgHaXNv9tGzlwdP5n1VHNoaD3jscy/Ijh2RbLVevWmZGz6kASp+M
cKD3hdsFzhclwPpGEDoU3jYggS+1O4hJrlOu+nxx6G82lMMFYtbl/lEqFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1fho9K1SZmMP/dquhbEx2SnQzbMB8GA1UdIwQY
MBaAFLxcR7j55CpJKLdnQxanGqdtQB48MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUt
N2ExOGMxNzkwNzZkLzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mZDg3NjItNDdiYy00NTExLTkzYTUtN2ExOGMxNzkwNzZk
LzEvdkZ4SHVQbmtLa2tvdDJkREZxY2FwMjFBSGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeyO8kJHI
E832MZF//XnPWeifAaNJMQBNZkgnjc2sG/b+nlg7DyoEIui9OA2RpNR0yJAbxITw
iR83WCZH8uYc88Zy6KltSmv7rzVpuuTtavoVqpKiJxnYP0wvlizEHrqXidxi23ON
8JTLb7VLHmbJQpVY1tkRZ+i8mpIaeXnUhOswYq1qWR5HEr8HOfVeUxYGO9fzEErO
3fDS6be36USCl25dIuBMGmN8zd1c5IxptPjJRP5C6zlZ30sisCwzXjWvQnrydAzn
tPMj01xnUhgAslJGP1Z/PvulgqIFun9ycW5O1Fm4afWzuG/M4pNOSoIPWkTnZLTe
cu4Vx7gues8QAQ==
-----END CERTIFICATE-----