Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          nbL5mQnze4cJzKDnoueyMJfGvyCjXkiOBMgsAGvAtvw=
Subject key identifier:   AE:F3:97:E5:0A:F5:AC:52:BF:C2:76:B8:44:5C:F6:DC:30:9D:70:BA
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       019CAC1018771AB0289782D7B5FEBB5C00E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1843
Signing time:             Mon 02 Mar 2026 01:01:01 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:01 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:01 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: 8pbPflgMkWNzm2St30ZjFWxvaXgqy/1nXC7U4qIJMw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:18:77:1a:b0:28:97:82:d7:b5:fe:bb:5c:00:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Mar  2 01:01:01 2026 GMT
            Not After : Mar  3 01:01:01 2026 GMT
        Subject: CN=aef397e50af5ac52bfc276b8445cf6dc309d70ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:11:a2:f6:68:c9:c7:be:41:0d:f4:aa:6d:3c:
                    97:b3:01:45:3f:bb:b0:25:9e:a8:84:e3:fa:d7:df:
                    0c:0b:9f:61:91:19:8d:65:c0:12:e9:e9:32:3b:21:
                    31:02:ea:97:6a:6c:7d:c8:49:f3:b0:65:51:60:a3:
                    14:14:9c:7a:94:80:f7:f7:15:e4:66:7a:af:31:fe:
                    12:d0:b4:cb:b7:c4:d9:71:9a:93:48:3c:b9:03:ed:
                    e6:cc:a3:be:73:d5:19:f6:5d:ad:62:cc:62:98:b2:
                    ab:06:ff:4a:d9:16:6e:02:38:b1:c1:83:08:e5:92:
                    c1:6b:cf:95:f0:47:29:aa:69:de:14:c7:49:1d:b1:
                    0f:a4:b9:10:75:56:95:af:c2:5d:95:3e:9a:fb:18:
                    19:a5:5f:c1:75:02:40:8f:a6:e4:4e:00:a0:5d:a6:
                    08:f5:93:3d:60:e1:e1:84:45:76:c6:99:2f:ce:56:
                    cc:fb:f9:61:77:21:85:bb:dc:d7:a6:97:fa:0b:5e:
                    e5:a3:8b:9b:7c:69:2e:ad:f9:0b:a5:44:6a:ea:19:
                    61:f5:4d:f6:ae:77:f7:04:9c:79:d1:e4:19:8c:48:
                    3c:ed:7f:1a:93:0a:86:fe:7b:d3:fa:29:84:91:2e:
                    ac:57:c6:e6:22:55:ab:dc:bd:a2:f3:36:1d:83:e9:
                    85:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:F3:97:E5:0A:F5:AC:52:BF:C2:76:B8:44:5C:F6:DC:30:9D:70:BA
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:8d:97:95:15:ed:6f:e9:c0:91:54:39:05:b2:4b:d9:22:40:
         e4:66:d1:30:81:83:36:65:64:a2:21:18:e5:c6:1a:2a:db:95:
         89:07:04:7c:b0:ea:8e:d5:3b:6f:59:59:3e:d9:c8:2b:e8:f6:
         7c:87:47:30:27:54:12:83:2c:cd:d3:46:6d:8b:e1:6a:dd:08:
         1a:52:db:cb:b4:63:cf:cb:23:44:4f:66:ec:69:30:2a:08:b9:
         92:dd:7a:83:14:ed:b0:c8:bb:15:e3:00:d3:a4:21:e9:04:65:
         ef:fd:8d:38:cf:22:08:d0:76:c4:fc:b3:71:29:e0:30:45:e7:
         01:3b:50:6b:07:49:c7:1b:d9:2d:09:92:1a:96:85:97:78:ce:
         8e:36:17:39:dc:ea:46:1c:05:8a:39:41:73:78:0d:51:48:0e:
         7e:eb:d3:36:65:52:c4:1a:7a:1b:3b:23:a9:10:a9:c8:3a:c7:
         8d:3a:b5:5c:cd:73:7f:0f:c6:ce:63:86:d4:e6:9e:6c:a8:6e:
         33:a8:83:3f:ad:a3:9d:28:3c:19:73:17:76:eb:fd:b6:35:aa:
         0c:2b:82:1b:f7:63:76:b6:dd:c8:50:1a:0c:23:39:72:0d:14:
         f3:74:c8:7b:90:e5:fd:c0:ef:11:9a:58:19:79:e6:eb:fe:80:
         28:50:57:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysEBh3GrAol4LXtf67XADiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjYwMzAyMDEwMTAxWhcNMjYwMzAzMDEwMTAxWjAzMTEwLwYDVQQD
EyhhZWYzOTdlNTBhZjVhYzUyYmZjMjc2Yjg0NDVjZjZkYzMwOWQ3MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRGi9mjJx75BDfSqbTyXswFFP7uw
JZ6ohOP6198MC59hkRmNZcAS6ekyOyExAuqXamx9yEnzsGVRYKMUFJx6lID39xXk
ZnqvMf4S0LTLt8TZcZqTSDy5A+3mzKO+c9UZ9l2tYsximLKrBv9K2RZuAjixwYMI
5ZLBa8+V8EcpqmneFMdJHbEPpLkQdVaVr8JdlT6a+xgZpV/BdQJAj6bkTgCgXaYI
9ZM9YOHhhEV2xpkvzlbM+/lhdyGFu9zXppf6C17lo4ubfGkurfkLpURq6hlh9U32
rnf3BJx50eQZjEg87X8akwqG/nvT+imEkS6sV8bmIlWr3L2i8zYdg+mF1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7zl+UK9axSv8J2uERc9twwnXC6MB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWY2XlRXt
b+nAkVQ5BbJL2SJA5GbRMIGDNmVkoiEY5cYaKtuViQcEfLDqjtU7b1lZPtnIK+j2
fIdHMCdUEoMszdNGbYvhat0IGlLby7Rjz8sjRE9m7GkwKgi5kt16gxTtsMi7FeMA
06Qh6QRl7/2NOM8iCNB2xPyzcSngMEXnATtQawdJxxvZLQmSGpaFl3jOjjYXOdzq
RhwFijlBc3gNUUgOfuvTNmVSxBp6GzsjqRCpyDrHjTq1XM1zfw/GzmOG1OaebKhu
M6iDP62jnSg8GXMXduv9tjWqDCuCG/djdrbdyFAaDCM5cg0U83TIe5Dl/cDvEZpY
GXnm6/6AKFBXIw==
-----END CERTIFICATE-----