Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft
File:                     g2elJH2fTpT3vVcc8T01q0iwHSQ.mft (raw, json)
Hash identifier:          Coiq9PIJbxRZfqypddheUCoWrVAf/+4nampNuOXsU7U=
Subject key identifier:   15:63:4A:A9:B0:08:CD:30:2D:4F:B1:79:68:A6:A3:A5:91:C2:34:4F
Authority key identifier: 83:67:A5:24:7D:9F:4E:94:F7:BD:57:1C:F1:3D:35:AB:48:B0:1D:24
Certificate issuer:       /CN=8367a5247d9f4e94f7bd571cf13d35ab48b01d24
Certificate serial:       019CAC46B1C8EDF023DF9352DC8C8B9B1264
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g2elJH2fTpT3vVcc8T01q0iwHSQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft
Manifest number:          07D5
Signing time:             Mon 02 Mar 2026 02:00:40 +0000
Manifest this update:     Mon 02 Mar 2026 02:00:40 +0000
Manifest next update:     Tue 03 Mar 2026 02:00:40 +0000
Files and hashes:         1: g2elJH2fTpT3vVcc8T01q0iwHSQ.crl (hash: 21cy9fbzHq2iGLEo0+L73zeUvPDvIjRjo8IMAc/IwfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g2elJH2fTpT3vVcc8T01q0iwHSQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 02:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:46:b1:c8:ed:f0:23:df:93:52:dc:8c:8b:9b:12:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8367a5247d9f4e94f7bd571cf13d35ab48b01d24
        Validity
            Not Before: Mar  2 02:00:40 2026 GMT
            Not After : Mar  3 02:00:40 2026 GMT
        Subject: CN=15634aa9b008cd302d4fb17968a6a3a591c2344f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d6:3e:7d:ae:68:cf:00:d3:cf:04:66:26:9b:
                    16:72:b2:fd:dd:3c:0b:4f:1c:0f:fe:00:90:b6:9b:
                    38:8c:48:03:4a:43:7c:4e:40:f4:6a:f0:f9:36:a8:
                    27:6a:53:64:0b:7e:85:ff:7d:51:16:d5:ad:81:e0:
                    0c:c2:57:63:96:0f:94:b5:8e:f5:bd:98:10:47:d3:
                    ac:c1:11:9a:ad:3b:7f:44:5c:82:8a:fd:38:ad:d1:
                    4d:b9:26:02:54:6a:ec:b3:76:b1:8d:94:62:5f:a8:
                    79:e9:44:30:52:34:ca:3b:df:1b:14:8e:9e:7d:fd:
                    0c:7a:0d:57:38:65:b1:3e:f7:f1:e9:5c:5e:31:da:
                    52:99:76:e7:7c:01:ba:86:e5:20:54:38:09:9a:3f:
                    49:86:4b:72:a2:ed:ec:14:9e:58:a1:a4:48:22:6d:
                    56:81:d1:42:7b:0b:7c:6d:e1:11:e0:1b:85:20:ea:
                    a0:36:f7:00:c6:dc:bf:2e:c4:67:f1:20:ab:28:09:
                    70:c0:06:e7:f6:55:a7:d9:d9:eb:9f:0a:90:08:ad:
                    63:93:ad:b9:a0:ce:c3:d6:2f:fe:ee:02:2e:b8:d8:
                    93:8d:c0:b1:f7:8e:04:52:e7:33:15:6c:5c:22:41:
                    b2:d6:7f:a4:47:70:ad:23:a5:6b:58:8d:ce:4c:7c:
                    35:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:63:4A:A9:B0:08:CD:30:2D:4F:B1:79:68:A6:A3:A5:91:C2:34:4F
            X509v3 Authority Key Identifier:
                keyid:83:67:A5:24:7D:9F:4E:94:F7:BD:57:1C:F1:3D:35:AB:48:B0:1D:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2elJH2fTpT3vVcc8T01q0iwHSQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f8be9b-58f0-4544-b23f-6354ef0771c9/1/g2elJH2fTpT3vVcc8T01q0iwHSQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:7f:ad:f0:a2:d9:38:39:e5:4d:89:9e:f3:88:67:ae:d4:2a:
         6a:30:43:ba:05:10:ae:80:80:a0:44:92:0a:4d:b5:a2:88:c0:
         1d:1d:ba:9b:09:46:4a:85:4d:c4:a9:05:99:a9:82:7c:d8:4e:
         2b:0d:f0:84:b8:b4:5a:1d:a0:7b:82:c1:07:b2:21:e7:52:af:
         ab:32:59:ef:61:e8:c7:4a:b0:ae:38:c3:25:c2:c8:a3:cd:93:
         c1:80:cc:f7:7d:24:52:80:3e:50:0e:e5:0e:79:d8:3f:92:88:
         2b:7c:56:75:5d:15:53:a5:35:9e:d4:ea:79:ce:d1:3e:ea:06:
         3e:98:d9:8c:c1:54:3f:55:8d:b1:15:16:91:65:91:8e:bc:6b:
         e7:8a:09:91:05:91:81:57:b8:0b:51:8a:18:21:6f:85:11:60:
         07:21:16:74:c9:c9:20:1b:e5:54:b5:34:44:4c:34:af:1f:07:
         f5:86:ad:e9:31:f1:e6:d8:eb:41:c3:6d:12:fc:a6:c4:e4:54:
         cf:be:42:8f:26:0a:d0:e7:3b:b6:82:24:26:ed:74:7d:44:20:
         66:77:db:e1:b8:40:a4:35:ab:52:73:e0:b1:46:eb:22:ea:2a:
         fa:48:9b:45:0e:94:a9:aa:6d:60:c7:48:81:63:4c:03:9d:e8:
         b8:08:41:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysRrHI7fAj35NS3IyLmxJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjdhNTI0N2Q5ZjRlOTRmN2JkNTcxY2YxM2QzNWFiNDhi
MDFkMjQwHhcNMjYwMzAyMDIwMDQwWhcNMjYwMzAzMDIwMDQwWjAzMTEwLwYDVQQD
EygxNTYzNGFhOWIwMDhjZDMwMmQ0ZmIxNzk2OGE2YTNhNTkxYzIzNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdY+fa5ozwDTzwRmJpsWcrL93TwL
TxwP/gCQtps4jEgDSkN8TkD0avD5NqgnalNkC36F/31RFtWtgeAMwldjlg+UtY71
vZgQR9OswRGarTt/RFyCiv04rdFNuSYCVGrss3axjZRiX6h56UQwUjTKO98bFI6e
ff0Meg1XOGWxPvfx6VxeMdpSmXbnfAG6huUgVDgJmj9Jhktyou3sFJ5YoaRIIm1W
gdFCewt8beER4BuFIOqgNvcAxty/LsRn8SCrKAlwwAbn9lWn2dnrnwqQCK1jk625
oM7D1i/+7gIuuNiTjcCx944EUuczFWxcIkGy1n+kR3CtI6VrWI3OTHw1LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVjSqmwCM0wLU+xeWimo6WRwjRPMB8GA1UdIwQY
MBaAFINnpSR9n06U971XHPE9NatIsB0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJlbEpIMmZUcFQzdlZjYzhUMDFxMGl3SFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mOGJlOWItNThmMC00NTQ0LWIyM2Yt
NjM1NGVmMDc3MWM5LzEvZzJlbEpIMmZUcFQzdlZjYzhUMDFxMGl3SFNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mOGJlOWItNThmMC00NTQ0LWIyM2YtNjM1NGVmMDc3MWM5
LzEvZzJlbEpIMmZUcFQzdlZjYzhUMDFxMGl3SFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVn+t8KLZ
ODnlTYme84hnrtQqajBDugUQroCAoESSCk21oojAHR26mwlGSoVNxKkFmamCfNhO
Kw3whLi0Wh2ge4LBB7Ih51KvqzJZ72Hox0qwrjjDJcLIo82TwYDM930kUoA+UA7l
DnnYP5KIK3xWdV0VU6U1ntTqec7RPuoGPpjZjMFUP1WNsRUWkWWRjrxr54oJkQWR
gVe4C1GKGCFvhRFgByEWdMnJIBvlVLU0REw0rx8H9Yat6THx5tjrQcNtEvymxORU
z75CjyYK0Oc7toIkJu10fUQgZnfb4bhApDWrUnPgsUbrIuoq+kibRQ6UqaptYMdI
gWNMA53ouAhBcA==
-----END CERTIFICATE-----