Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          +5ocXrBCUGksaiy6+qTdcvF8WWAGiB5204Z+kwRJdus=
Subject key identifier:   82:8B:9C:72:50:4E:FF:22:6B:EA:F4:50:D2:40:96:40:A5:18:C5:02
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       019CA9EB1435BC71ED902424F939D999BE69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          0EEA
Signing time:             Sun 01 Mar 2026 15:01:21 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:21 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:21 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: x1IvGJOop01MHrZ9jhmeDHhmPNZ4JC/fzZkI7kR/tV4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:eb:14:35:bc:71:ed:90:24:24:f9:39:d9:99:be:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: Mar  1 15:01:21 2026 GMT
            Not After : Mar  2 15:01:21 2026 GMT
        Subject: CN=828b9c72504eff226beaf450d2409640a518c502
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ee:25:14:14:0c:82:2d:08:18:c1:97:95:82:
                    63:3c:28:03:05:30:b1:9c:04:8a:51:e8:87:62:2b:
                    0e:6b:08:68:62:42:6a:84:b0:4b:ea:14:a9:0a:3b:
                    7e:29:a1:c6:0f:a1:30:e3:b8:24:93:28:01:da:ff:
                    64:06:ee:a0:20:96:fc:b9:10:c8:9e:4d:ac:6a:cc:
                    a0:b9:ba:94:4f:22:47:32:b2:91:c5:66:34:6a:5e:
                    53:92:e5:25:c0:57:25:c5:5f:52:4a:3b:52:ac:b0:
                    ec:17:f0:c4:ef:54:2a:90:ba:c1:8f:36:a7:52:0c:
                    f4:99:d6:80:6a:79:33:7b:24:43:1d:13:53:68:eb:
                    dd:64:59:9b:f2:d1:64:d9:4b:ce:cf:9d:71:37:f4:
                    2f:c4:4a:46:44:c2:a7:34:b6:85:f5:83:be:40:72:
                    65:3d:31:44:04:61:90:f8:00:60:54:7f:e8:7a:51:
                    97:76:24:24:cc:46:b5:c8:a5:00:79:dd:cd:c7:08:
                    73:a4:57:c5:4a:e0:0b:14:93:1e:05:1d:7e:9b:a1:
                    d6:85:b9:79:1b:d6:70:7a:ad:c7:f4:54:26:06:6b:
                    d1:3c:ed:98:0f:50:78:11:d3:7d:a1:12:fd:cf:fb:
                    55:4e:8f:ce:20:96:a0:d3:4a:68:48:a2:c6:ab:83:
                    95:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:8B:9C:72:50:4E:FF:22:6B:EA:F4:50:D2:40:96:40:A5:18:C5:02
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:05:b8:72:5e:fa:3c:e4:a0:b3:16:03:ea:18:71:cb:37:1e:
         c9:14:ab:16:b1:d5:ce:78:e7:8b:05:53:17:fc:20:0c:ae:3a:
         78:5b:6e:89:88:25:10:05:02:88:d9:38:a1:47:eb:5b:35:a8:
         a6:36:2d:f7:97:0f:eb:92:8f:0f:3c:dd:ed:f0:27:1f:50:58:
         a9:10:db:06:be:c5:96:42:06:32:17:8e:ac:ad:20:83:c8:13:
         10:87:da:4f:7d:50:56:71:d2:9e:b5:ad:c2:eb:a2:87:cb:3c:
         2c:1f:26:d6:f5:c9:57:69:48:a0:21:dd:15:ec:27:f3:db:64:
         49:5a:db:49:aa:66:f6:1a:62:8a:57:63:86:b5:8d:a6:2c:c2:
         ab:b0:1a:4e:86:28:9b:18:30:00:11:69:fb:80:56:d3:71:c8:
         0d:8a:21:6e:91:95:e0:1b:d2:74:be:37:a1:92:8d:9b:bb:27:
         7d:c8:9c:ce:bd:d9:4b:03:49:33:b3:b3:88:da:52:74:2f:73:
         d2:a8:77:d4:cd:a0:91:35:45:e7:6b:16:52:ad:ce:31:e2:43:
         34:76:df:02:8a:63:68:4e:7c:ab:7f:ef:78:ec:31:6d:83:12:
         1a:dd:fc:06:31:2c:11:76:e2:f4:25:4a:cf:43:27:08:b6:00:
         b2:d0:a1:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6xQ1vHHtkCQk+TnZmb5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjYwMzAxMTUwMTIxWhcNMjYwMzAyMTUwMTIxWjAzMTEwLwYDVQQD
Eyg4MjhiOWM3MjUwNGVmZjIyNmJlYWY0NTBkMjQwOTY0MGE1MThjNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+4lFBQMgi0IGMGXlYJjPCgDBTCx
nASKUeiHYisOawhoYkJqhLBL6hSpCjt+KaHGD6Ew47gkkygB2v9kBu6gIJb8uRDI
nk2sasygubqUTyJHMrKRxWY0al5TkuUlwFclxV9SSjtSrLDsF/DE71QqkLrBjzan
Ugz0mdaAankzeyRDHRNTaOvdZFmb8tFk2UvOz51xN/QvxEpGRMKnNLaF9YO+QHJl
PTFEBGGQ+ABgVH/oelGXdiQkzEa1yKUAed3NxwhzpFfFSuALFJMeBR1+m6HWhbl5
G9Zweq3H9FQmBmvRPO2YD1B4EdN9oRL9z/tVTo/OIJag00poSKLGq4OVvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKLnHJQTv8ia+r0UNJAlkClGMUCMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhgW4cl76
POSgsxYD6hhxyzceyRSrFrHVznjniwVTF/wgDK46eFtuiYglEAUCiNk4oUfrWzWo
pjYt95cP65KPDzzd7fAnH1BYqRDbBr7FlkIGMheOrK0gg8gTEIfaT31QVnHSnrWt
wuuih8s8LB8m1vXJV2lIoCHdFewn89tkSVrbSapm9hpiildjhrWNpizCq7AaToYo
mxgwABFp+4BW03HIDYohbpGV4BvSdL43oZKNm7snfciczr3ZSwNJM7OziNpSdC9z
0qh31M2gkTVF52sWUq3OMeJDNHbfAopjaE58q3/veOwxbYMSGt38BjEsEXbi9CVK
z0MnCLYAstChEw==
-----END CERTIFICATE-----