Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
File:                     Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft (raw, json)
Hash identifier:          oDYv2Lf8ScLg1pPu2AjUCzHNfiy95G2QC/uKjvgg8gM=
Subject key identifier:   6B:52:23:68:62:18:47:EC:D9:08:98:28:56:A9:0E:30:FB:36:DA:55
Authority key identifier: 4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC
Certificate issuer:       /CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
Certificate serial:       019CAC1014BCD55424BB0C4FB1863C85AAAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
Manifest number:          1845
Signing time:             Mon 02 Mar 2026 01:01:00 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:00 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:00 +0000
Files and hashes:         1: Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl (hash: /WR6Orb8Zb60VRVWtvrEbJa6j2uqdjoiJYRzvkkhJMQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:14:bc:d5:54:24:bb:0c:4f:b1:86:3c:85:aa:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a1ed4bf502c0f2d8bc87026c18ac9859b0f1dec
        Validity
            Not Before: Mar  2 01:01:00 2026 GMT
            Not After : Mar  3 01:01:00 2026 GMT
        Subject: CN=6b522368621847ecd908982856a90e30fb36da55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:01:27:c0:c6:17:79:da:74:3b:9f:83:25:db:
                    58:86:45:ac:e9:84:a9:ed:6d:3b:81:f8:d2:e9:70:
                    c0:93:dc:ef:49:1f:e0:0c:2c:5b:ad:68:77:5f:de:
                    e1:fa:e1:b3:e1:de:7b:eb:f1:45:b5:cc:21:90:ca:
                    c4:6f:f7:00:f5:86:82:28:3c:97:0a:b0:97:11:79:
                    8f:da:46:68:93:60:1b:8a:5d:31:80:cb:98:e9:8a:
                    68:50:e7:a9:f6:85:de:17:82:6a:ef:98:a9:08:a3:
                    cb:61:2a:b2:2d:e4:0c:d4:13:8f:d6:14:47:cf:21:
                    56:4f:48:57:72:b5:c9:45:3a:3a:6e:c7:f8:7a:0d:
                    35:d7:e1:14:90:21:cf:e0:5f:ed:5a:32:1d:94:17:
                    70:a6:d8:0f:d4:7f:48:83:59:f3:98:73:53:41:4f:
                    d4:33:f9:20:bc:eb:ab:74:7f:f0:d5:23:93:e8:a1:
                    1f:54:e4:d0:50:8b:66:57:b2:d2:f8:5a:7a:11:1f:
                    90:68:74:d4:5c:ad:7b:5f:bb:86:3d:b0:b4:d5:4a:
                    8e:7c:b5:c3:f4:84:be:7f:83:ad:86:8a:08:ab:d1:
                    ab:df:e2:78:28:65:03:3d:d8:10:5b:3d:c8:e7:3b:
                    58:9c:b4:a2:5c:a0:a3:41:8a:23:91:4e:32:6b:9c:
                    c0:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:52:23:68:62:18:47:EC:D9:08:98:28:56:A9:0E:30:FB:36:DA:55
            X509v3 Authority Key Identifier:
                keyid:4A:1E:D4:BF:50:2C:0F:2D:8B:C8:70:26:C1:8A:C9:85:9B:0F:1D:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/97c916-81b1-4b3a-9fee-356a19f55506/1/Sh7Uv1AsDy2LyHAmwYrJhZsPHew.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:6f:a3:0a:f9:ea:ec:45:7e:27:26:74:da:e7:0a:e9:db:0c:
         3b:f0:30:fb:65:f1:76:45:fc:0b:2e:8f:4f:54:21:13:6e:d5:
         9b:1e:6a:c0:1f:51:41:17:a9:48:52:84:2f:fa:91:07:c2:61:
         fb:a2:c7:37:ac:9d:32:c5:29:dc:1c:9b:61:d4:b3:a7:b7:c1:
         6a:fb:2f:e7:b6:c5:e0:60:b7:4a:9c:5e:d0:82:fa:03:06:db:
         9f:0d:1c:31:d2:06:54:fa:f9:87:ca:df:10:49:65:d5:29:9e:
         9d:53:08:3d:7d:60:57:e4:93:47:ec:6d:9b:d0:01:7d:a5:49:
         60:d1:89:04:1a:bc:de:d7:5e:ff:28:6d:84:85:6b:16:cc:fc:
         1a:61:95:0f:63:df:8e:e4:75:93:b1:49:0a:09:ec:5e:c9:a1:
         d8:e8:06:7a:d0:2e:9e:79:30:f1:65:00:42:02:96:bd:c7:66:
         ad:3d:87:14:e8:6e:77:02:7b:fe:72:5e:1b:84:86:15:78:27:
         93:a8:2b:82:cc:76:da:22:36:7d:08:c4:f2:3d:1c:79:ce:10:
         be:9e:7b:28:f8:1e:c0:ae:9e:60:ce:17:70:b9:b1:08:a2:17:
         73:6c:33:c2:c0:30:04:5b:83:70:78:c4:10:23:16:f0:a1:2c:
         2f:99:d0:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEBS81VQkuwxPsYY8haqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMWVkNGJmNTAyYzBmMmQ4YmM4NzAyNmMxOGFjOTg1OWIw
ZjFkZWMwHhcNMjYwMzAyMDEwMTAwWhcNMjYwMzAzMDEwMTAwWjAzMTEwLwYDVQQD
Eyg2YjUyMjM2ODYyMTg0N2VjZDkwODk4Mjg1NmE5MGUzMGZiMzZkYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQEnwMYXedp0O5+DJdtYhkWs6YSp
7W07gfjS6XDAk9zvSR/gDCxbrWh3X97h+uGz4d576/FFtcwhkMrEb/cA9YaCKDyX
CrCXEXmP2kZok2Abil0xgMuY6YpoUOep9oXeF4Jq75ipCKPLYSqyLeQM1BOP1hRH
zyFWT0hXcrXJRTo6bsf4eg011+EUkCHP4F/tWjIdlBdwptgP1H9Ig1nzmHNTQU/U
M/kgvOurdH/w1SOT6KEfVOTQUItmV7LS+Fp6ER+QaHTUXK17X7uGPbC01UqOfLXD
9IS+f4OthooIq9Gr3+J4KGUDPdgQWz3I5ztYnLSiXKCjQYojkU4ya5zAVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtSI2hiGEfs2QiYKFapDjD7NtpVMB8GA1UdIwQY
MBaAFEoe1L9QLA8ti8hwJsGKyYWbDx3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUt
MzU2YTE5ZjU1NTA2LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85N2M5MTYtODFiMS00YjNhLTlmZWUtMzU2YTE5ZjU1NTA2
LzEvU2g3VXYxQXNEeTJMeUhBbXdZckpoWnNQSGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2+jCvnq
7EV+JyZ02ucK6dsMO/Aw+2XxdkX8Cy6PT1QhE27Vmx5qwB9RQRepSFKEL/qRB8Jh
+6LHN6ydMsUp3BybYdSzp7fBavsv57bF4GC3Spxe0IL6Awbbnw0cMdIGVPr5h8rf
EEll1SmenVMIPX1gV+STR+xtm9ABfaVJYNGJBBq83tde/yhthIVrFsz8GmGVD2Pf
juR1k7FJCgnsXsmh2OgGetAunnkw8WUAQgKWvcdmrT2HFOhudwJ7/nJeG4SGFXgn
k6grgsx22iI2fQjE8j0cec4Qvp57KPgewK6eYM4XcLmxCKIXc2wzwsAwBFuDcHjE
ECMW8KEsL5nQYg==
-----END CERTIFICATE-----