Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
File:                     mD8bE53ySgXC5SVgUrAhJRfkc1E.mft (raw, json)
Hash identifier:          C3JO+siKZtXn6eyukRngFBy+utNrnx74048Mjwxbsv4=
Subject key identifier:   6A:9F:C6:67:9E:23:D0:0E:AC:53:CC:9A:9D:9E:72:C4:50:2A:7C:58
Authority key identifier: 98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51
Certificate issuer:       /CN=983f1b139df24a05c2e5256052b0212517e47351
Certificate serial:       019CACB4A8611DD3FDCFF29802918AFD8355
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
Manifest number:          0448
Signing time:             Mon 02 Mar 2026 04:00:46 +0000
Manifest this update:     Mon 02 Mar 2026 04:00:46 +0000
Manifest next update:     Tue 03 Mar 2026 04:00:46 +0000
Files and hashes:         1: mD8bE53ySgXC5SVgUrAhJRfkc1E.crl (hash: xZN/rTctlEUyG4/P8JJ7VHCf9n5dJ6aXruMHnXigGzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:b4:a8:61:1d:d3:fd:cf:f2:98:02:91:8a:fd:83:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=983f1b139df24a05c2e5256052b0212517e47351
        Validity
            Not Before: Mar  2 04:00:46 2026 GMT
            Not After : Mar  3 04:00:46 2026 GMT
        Subject: CN=6a9fc6679e23d00eac53cc9a9d9e72c4502a7c58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:33:f3:b1:c9:e3:9d:cb:f1:39:21:0d:65:cb:
                    b4:6b:24:4f:df:c3:74:bb:70:39:6b:bb:20:6f:01:
                    85:2a:b7:df:c1:73:9b:de:f7:20:a8:c1:82:ef:d4:
                    d8:70:3d:88:d9:71:a8:30:5f:d5:be:7c:61:48:75:
                    f7:bc:92:8c:db:7b:c7:d2:ce:25:d5:ca:da:73:3f:
                    c1:11:e1:39:29:24:ad:2f:d2:bd:93:1b:eb:78:81:
                    28:3d:b5:78:04:a6:9c:31:ec:1b:c7:a5:a3:a7:e0:
                    3a:91:42:2d:42:f6:b7:fa:1a:3b:e0:ac:1e:3c:8f:
                    85:d5:46:03:30:6d:fe:a3:1b:dd:e2:a9:ca:d8:93:
                    c3:a4:bc:06:4e:de:03:fb:af:46:f0:5e:d7:e6:7d:
                    e2:04:80:20:c4:f5:aa:2e:9f:e5:36:a9:a5:a0:4a:
                    67:8f:a7:61:2e:15:fb:87:fc:c3:be:3c:06:ea:78:
                    ab:0b:d4:a0:e0:f6:2a:6e:fd:bd:79:17:f8:82:89:
                    0f:f3:d6:ea:f2:61:e8:45:7c:da:e4:35:72:06:23:
                    b1:40:13:6b:a7:1d:6d:f9:46:3e:e2:49:e7:3b:fb:
                    e4:95:3f:b8:d7:4f:12:e8:8b:4b:9d:b4:34:4c:a4:
                    ce:50:3f:fd:a4:fb:5d:9b:16:70:2b:a5:c0:02:19:
                    dd:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:9F:C6:67:9E:23:D0:0E:AC:53:CC:9A:9D:9E:72:C4:50:2A:7C:58
            X509v3 Authority Key Identifier:
                keyid:98:3F:1B:13:9D:F2:4A:05:C2:E5:25:60:52:B0:21:25:17:E4:73:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mD8bE53ySgXC5SVgUrAhJRfkc1E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c2cc5f-25a6-42bb-a970-ef9644312ddb/1/mD8bE53ySgXC5SVgUrAhJRfkc1E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:aa:e4:b7:44:16:5d:99:03:cf:8d:59:71:4e:62:68:10:eb:
         2b:c4:20:27:0e:82:c3:d2:01:75:4d:c2:f1:db:ce:ff:20:05:
         fe:fb:ec:d3:a6:fe:17:4f:e3:e1:34:e6:50:c5:a5:b1:86:24:
         3e:8a:26:09:d6:73:78:6d:ea:d4:12:51:2c:4b:5b:10:d8:a1:
         cf:76:42:9a:e5:b0:74:c9:27:ac:08:82:8f:e0:6e:7a:05:0c:
         e6:8b:0b:f9:20:15:4d:a5:26:43:67:6d:4b:34:dd:f7:63:c7:
         cb:cc:97:b8:48:d6:80:90:90:85:3f:22:58:20:cb:1a:8b:b7:
         79:56:14:00:e9:11:13:9e:07:64:de:33:5e:a2:67:03:e9:7b:
         ff:6c:d4:74:f6:1a:78:61:d3:eb:3e:fc:fc:3c:94:86:d8:cc:
         4f:a3:cc:19:e3:7d:52:ca:60:8a:2c:14:27:87:fe:aa:e5:0b:
         d2:b5:49:08:12:62:78:06:db:84:66:6a:f5:c4:28:0f:3e:e7:
         7d:48:c9:31:2b:2d:c2:db:62:b8:8b:9e:88:12:93:ff:03:77:
         74:e4:19:5c:df:7f:f5:2c:62:ad:c8:6b:7c:df:9a:53:12:89:
         55:82:e0:79:58:6c:dc:88:cf:21:8a:fd:f3:dd:8e:02:40:16:
         87:c5:45:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZystKhhHdP9z/KYApGK/YNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4M2YxYjEzOWRmMjRhMDVjMmU1MjU2MDUyYjAyMTI1MTdl
NDczNTEwHhcNMjYwMzAyMDQwMDQ2WhcNMjYwMzAzMDQwMDQ2WjAzMTEwLwYDVQQD
Eyg2YTlmYzY2NzllMjNkMDBlYWM1M2NjOWE5ZDllNzJjNDUwMmE3YzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDPzscnjncvxOSENZcu0ayRP38N0
u3A5a7sgbwGFKrffwXOb3vcgqMGC79TYcD2I2XGoMF/VvnxhSHX3vJKM23vH0s4l
1cracz/BEeE5KSStL9K9kxvreIEoPbV4BKacMewbx6Wjp+A6kUItQva3+ho74Kwe
PI+F1UYDMG3+oxvd4qnK2JPDpLwGTt4D+69G8F7X5n3iBIAgxPWqLp/lNqmloEpn
j6dhLhX7h/zDvjwG6nirC9Sg4PYqbv29eRf4gokP89bq8mHoRXza5DVyBiOxQBNr
px1t+UY+4knnO/vklT+4108S6ItLnbQ0TKTOUD/9pPtdmxZwK6XAAhndRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGqfxmeeI9AOrFPMmp2ecsRQKnxYMB8GA1UdIwQY
MBaAFJg/GxOd8koFwuUlYFKwISUX5HNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAt
ZWY5NjQ0MzEyZGRiLzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9jMmNjNWYtMjVhNi00MmJiLWE5NzAtZWY5NjQ0MzEyZGRi
LzEvbUQ4YkU1M3lTZ1hDNVNWZ1VyQWhKUmZrYzFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnKrkt0QW
XZkDz41ZcU5iaBDrK8QgJw6Cw9IBdU3C8dvO/yAF/vvs06b+F0/j4TTmUMWlsYYk
PoomCdZzeG3q1BJRLEtbENihz3ZCmuWwdMknrAiCj+BuegUM5osL+SAVTaUmQ2dt
SzTd92PHy8yXuEjWgJCQhT8iWCDLGou3eVYUAOkRE54HZN4zXqJnA+l7/2zUdPYa
eGHT6z78/DyUhtjMT6PMGeN9UspgiiwUJ4f+quUL0rVJCBJieAbbhGZq9cQoDz7n
fUjJMSstwttiuIueiBKT/wN3dOQZXN9/9SxirchrfN+aUxKJVYLgeVhs3IjPIYr9
892OAkAWh8VFqw==
-----END CERTIFICATE-----