Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft
File:                     LKw-jWOxw6_HxsC_2p1ayBe27m0.mft (raw, json)
Hash identifier:          HmlAgG9dB6P3L5C/coIBItoMQDdcBsb1d5wvqVZBApo=
Subject key identifier:   13:8B:A7:7B:77:2A:57:F0:9F:C7:37:EB:C9:EE:F4:A8:CB:53:4B:8E
Authority key identifier: 2C:AC:3E:8D:63:B1:C3:AF:C7:C6:C0:BF:DA:9D:5A:C8:17:B6:EE:6D
Certificate issuer:       /CN=2cac3e8d63b1c3afc7c6c0bfda9d5ac817b6ee6d
Certificate serial:       019CACB4B54150F293608451B8694FAD32ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft
Manifest number:          1223
Signing time:             Mon 02 Mar 2026 04:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:49 +0000
Files and hashes:         1: LKw-jWOxw6_HxsC_2p1ayBe27m0.crl (hash: WP0q8tksAeqVwoRVdviDjti0BYeoXyVnSgVnFK7B9rM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:b5:41:50:f2:93:60:84:51:b8:69:4f:ad:32:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cac3e8d63b1c3afc7c6c0bfda9d5ac817b6ee6d
        Validity
            Not Before: Mar  2 04:00:49 2026 GMT
            Not After : Mar  3 04:00:49 2026 GMT
        Subject: CN=138ba77b772a57f09fc737ebc9eef4a8cb534b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:94:22:c9:a7:43:48:74:32:6e:f2:31:e5:55:
                    cf:ec:1e:01:16:6d:a4:0b:b1:cb:52:79:55:23:95:
                    22:b4:3e:31:8d:73:92:58:49:42:c5:45:14:d2:01:
                    b5:84:4d:e4:d9:a0:c5:40:b0:fa:83:5d:3f:18:da:
                    6a:6d:44:6c:34:28:cf:3a:9d:6a:1b:f8:b4:fe:32:
                    40:ba:a8:2e:35:f0:cf:49:10:7c:96:96:a9:e1:17:
                    56:bf:e7:bc:72:67:4d:fe:a0:f7:16:05:f7:4b:7c:
                    41:bb:2c:d4:9c:61:35:e0:15:21:36:c5:7b:61:76:
                    e2:27:2f:75:38:71:ab:8b:89:ae:44:c3:2b:ca:61:
                    12:43:9b:d7:92:d6:b4:34:5b:d5:b1:3a:02:23:9d:
                    2c:69:bb:bf:5b:e7:7f:72:47:7b:17:b5:14:aa:27:
                    3e:bc:7a:0a:aa:77:68:9c:d2:5b:7d:b0:1f:3e:86:
                    f9:3e:16:5e:47:6f:df:47:1f:46:12:78:a8:c2:04:
                    93:45:be:a6:f1:a6:1f:0e:29:4a:8b:8c:f4:bc:e6:
                    80:6c:0b:60:47:d7:df:10:a6:03:ed:8e:9b:80:f2:
                    8b:ca:fe:36:3a:58:b2:eb:2f:e3:80:69:6a:13:d6:
                    dd:03:5d:79:3a:fe:6b:19:30:83:ce:66:10:c7:2b:
                    b2:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:8B:A7:7B:77:2A:57:F0:9F:C7:37:EB:C9:EE:F4:A8:CB:53:4B:8E
            X509v3 Authority Key Identifier:
                keyid:2C:AC:3E:8D:63:B1:C3:AF:C7:C6:C0:BF:DA:9D:5A:C8:17:B6:EE:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKw-jWOxw6_HxsC_2p1ayBe27m0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/17e999-e53d-48ca-980a-95ae64bd56ec/1/LKw-jWOxw6_HxsC_2p1ayBe27m0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:85:7d:14:9b:fe:b2:6e:97:e0:ac:6e:cb:4c:5c:58:e9:8c:
         91:7b:75:0f:ba:05:be:2a:c7:c9:aa:01:3d:5b:09:ba:7b:e2:
         56:0d:02:d0:ef:30:27:b0:29:f6:45:e9:50:cc:0a:bf:d1:a6:
         85:bb:b1:9c:98:09:4a:80:03:00:04:63:36:90:00:dd:2c:38:
         da:95:1f:82:c3:ff:a7:fc:1f:58:21:a1:9d:0b:e0:58:cf:c3:
         2e:08:f2:01:3f:70:d1:f5:c1:48:a8:de:48:0b:5e:e6:d2:cc:
         0b:ef:e7:90:b7:98:aa:23:d9:81:a6:d4:d5:cb:51:81:3f:24:
         00:35:4e:68:88:49:ee:b9:52:b0:55:db:bc:17:b8:c5:f1:5a:
         94:3e:a5:38:72:7a:b1:2c:d5:31:2b:1e:cc:21:d5:87:8b:59:
         ca:5d:65:6b:46:1f:09:21:d0:ad:e6:f2:a8:92:e3:d0:45:d1:
         00:98:21:db:85:65:6a:09:1c:9c:7c:93:4b:88:f0:08:8d:d3:
         b1:03:ae:23:05:8b:1e:07:34:d4:fe:27:1b:cc:ed:c0:30:fe:
         ca:9a:80:31:21:e9:e1:1c:2a:1f:e3:13:20:85:8c:6c:d4:b8:
         d4:17:2f:c9:de:10:22:e5:50:eb:70:05:ae:1f:63:ff:77:9d:
         31:a6:1b:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystLVBUPKTYIRRuGlPrTLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYWMzZThkNjNiMWMzYWZjN2M2YzBiZmRhOWQ1YWM4MTdi
NmVlNmQwHhcNMjYwMzAyMDQwMDQ5WhcNMjYwMzAzMDQwMDQ5WjAzMTEwLwYDVQQD
EygxMzhiYTc3Yjc3MmE1N2YwOWZjNzM3ZWJjOWVlZjRhOGNiNTM0YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZQiyadDSHQybvIx5VXP7B4BFm2k
C7HLUnlVI5UitD4xjXOSWElCxUUU0gG1hE3k2aDFQLD6g10/GNpqbURsNCjPOp1q
G/i0/jJAuqguNfDPSRB8lpap4RdWv+e8cmdN/qD3FgX3S3xBuyzUnGE14BUhNsV7
YXbiJy91OHGri4muRMMrymESQ5vXkta0NFvVsToCI50sabu/W+d/ckd7F7UUqic+
vHoKqndonNJbfbAfPob5PhZeR2/fRx9GEniowgSTRb6m8aYfDilKi4z0vOaAbAtg
R9ffEKYD7Y6bgPKLyv42Oliy6y/jgGlqE9bdA115Ov5rGTCDzmYQxyuyLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOLp3t3Klfwn8c368nu9KjLU0uOMB8GA1UdIwQY
MBaAFCysPo1jscOvx8bAv9qdWsgXtu5tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8xN2U5OTktZTUzZC00OGNhLTk4MGEt
OTVhZTY0YmQ1NmVjLzEvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8xN2U5OTktZTUzZC00OGNhLTk4MGEtOTVhZTY0YmQ1NmVj
LzEvTEt3LWpXT3h3Nl9IeHNDXzJwMWF5QmUyN20wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEoV9FJv+
sm6X4Kxuy0xcWOmMkXt1D7oFvirHyaoBPVsJunviVg0C0O8wJ7Ap9kXpUMwKv9Gm
hbuxnJgJSoADAARjNpAA3Sw42pUfgsP/p/wfWCGhnQvgWM/DLgjyAT9w0fXBSKje
SAte5tLMC+/nkLeYqiPZgabU1ctRgT8kADVOaIhJ7rlSsFXbvBe4xfFalD6lOHJ6
sSzVMSsezCHVh4tZyl1la0YfCSHQrebyqJLj0EXRAJgh24VlagkcnHyTS4jwCI3T
sQOuIwWLHgc01P4nG8ztwDD+ypqAMSHp4RwqH+MTIIWMbNS41Bcvyd4QIuVQ63AF
rh9j/3edMaYbWw==
-----END CERTIFICATE-----