Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          k1pFjzUOQwYc0CW4NXxJnzZwRs8YLUZ4YA5MIhOyh64=
Subject key identifier:   21:7E:69:FD:0F:7D:30:CF:51:FB:92:D1:D4:56:65:68:31:54:A1:B4
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       019CAF115CF71D77AEBBB1BA15CAE0D5C2B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          1108
Signing time:             Mon 02 Mar 2026 15:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 15:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 15:01:16 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: Vg/FDdFfWnY7bJTieQaVb+QeB8qS0Vj4U675+v1USQA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:11:5c:f7:1d:77:ae:bb:b1:ba:15:ca:e0:d5:c2:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Mar  2 15:01:16 2026 GMT
            Not After : Mar  3 15:01:16 2026 GMT
        Subject: CN=217e69fd0f7d30cf51fb92d1d45665683154a1b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:83:ce:0a:0c:a4:46:66:06:fe:62:0e:08:f8:
                    80:b6:04:0a:13:bf:31:97:4f:93:52:46:38:dc:60:
                    0c:cf:06:df:58:24:45:88:ed:e4:54:3d:09:e7:dd:
                    97:66:22:c0:93:9e:da:ef:c2:10:f0:5d:07:55:a2:
                    b5:6b:1b:5e:72:eb:86:ab:d9:84:f1:98:6e:26:35:
                    d0:7d:1c:91:01:b7:c8:55:cc:ae:98:cf:42:65:f2:
                    b0:82:3b:13:57:3c:3c:97:14:4a:f2:cd:cb:52:92:
                    98:df:8b:bd:3b:6a:d0:46:05:7e:84:0c:02:c5:01:
                    a3:c0:df:d2:23:b0:b2:4f:f8:f1:52:86:db:e5:e1:
                    46:8f:64:c9:2f:e0:1f:24:5d:4b:35:f8:0f:2c:01:
                    24:60:65:00:91:78:b0:92:d5:7e:28:94:87:3c:78:
                    68:fd:73:40:6d:aa:16:9b:e5:fd:5e:eb:65:e8:af:
                    12:85:7d:02:4f:80:5b:47:7e:3d:e4:d9:14:5f:7c:
                    93:c1:66:52:a9:76:e7:5d:5c:9b:46:4f:a0:d7:bb:
                    b4:a7:41:b6:0c:9b:fd:e8:ed:27:0e:d0:67:37:ba:
                    bb:07:33:69:83:e6:71:a9:df:37:4f:1f:43:63:83:
                    33:ef:65:ff:c0:6c:63:78:60:bf:04:d0:0e:21:bf:
                    38:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:7E:69:FD:0F:7D:30:CF:51:FB:92:D1:D4:56:65:68:31:54:A1:B4
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:45:4a:55:e0:4d:45:1d:8d:fa:68:06:30:12:74:03:7e:4a:
         46:82:ab:89:83:98:63:3c:84:7f:e2:a4:a9:63:b7:3e:ca:e8:
         70:ad:d5:df:94:58:f9:60:cc:15:38:fe:b2:9a:5e:df:c7:0d:
         ff:25:eb:13:8a:cb:8c:78:ee:df:67:b7:d4:8b:7e:f3:73:7c:
         66:67:da:93:bd:01:c8:cd:5d:8b:ec:64:58:37:79:36:50:5a:
         e6:6e:c1:16:88:05:c7:07:f8:ec:8d:04:dc:df:5f:96:11:58:
         fb:c1:48:63:0a:ac:f2:01:87:ad:e9:41:34:1a:75:f2:2c:ff:
         51:11:c4:39:50:92:55:03:ae:e2:cf:f6:bb:a2:91:45:d9:f6:
         fa:a0:7c:a2:a9:7c:48:8e:1e:55:3b:12:51:ba:83:d5:7a:39:
         19:f9:5b:64:50:3e:2e:7d:09:04:07:c8:93:f6:0e:13:f9:f4:
         58:0e:61:64:65:13:3f:77:83:a8:f7:6d:55:f1:f6:5d:2a:60:
         78:40:04:0b:86:b7:b6:1c:05:a1:1e:df:ce:2b:fc:aa:db:ff:
         e2:1e:c4:40:04:4f:24:cf:bb:8c:06:8d:de:26:99:03:ee:04:
         52:67:ef:17:8d:32:94:db:7c:a3:9c:e2:16:0f:87:6c:85:7f:
         85:46:60:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvEVz3HXeuu7G6Fcrg1cK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjYwMzAyMTUwMTE2WhcNMjYwMzAzMTUwMTE2WjAzMTEwLwYDVQQD
EygyMTdlNjlmZDBmN2QzMGNmNTFmYjkyZDFkNDU2NjU2ODMxNTRhMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYPOCgykRmYG/mIOCPiAtgQKE78x
l0+TUkY43GAMzwbfWCRFiO3kVD0J592XZiLAk57a78IQ8F0HVaK1axtecuuGq9mE
8ZhuJjXQfRyRAbfIVcyumM9CZfKwgjsTVzw8lxRK8s3LUpKY34u9O2rQRgV+hAwC
xQGjwN/SI7CyT/jxUobb5eFGj2TJL+AfJF1LNfgPLAEkYGUAkXiwktV+KJSHPHho
/XNAbaoWm+X9Xutl6K8ShX0CT4BbR3495NkUX3yTwWZSqXbnXVybRk+g17u0p0G2
DJv96O0nDtBnN7q7BzNpg+Zxqd83Tx9DY4Mz72X/wGxjeGC/BNAOIb84oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCF+af0PfTDPUfuS0dRWZWgxVKG0MB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEVKVeBN
RR2N+mgGMBJ0A35KRoKriYOYYzyEf+KkqWO3PsrocK3V35RY+WDMFTj+sppe38cN
/yXrE4rLjHju32e31It+83N8Zmfak70ByM1di+xkWDd5NlBa5m7BFogFxwf47I0E
3N9flhFY+8FIYwqs8gGHrelBNBp18iz/URHEOVCSVQOu4s/2u6KRRdn2+qB8oql8
SI4eVTsSUbqD1Xo5GflbZFA+Ln0JBAfIk/YOE/n0WA5hZGUTP3eDqPdtVfH2XSpg
eEAEC4a3thwFoR7fziv8qtv/4h7EQARPJM+7jAaN3iaZA+4EUmfvF40ylNt8o5zi
Fg+HbIV/hUZg0A==
-----END CERTIFICATE-----