Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          /qFukGNuaztUCU6IBsEHlzaBeNYP34gwKXDBzu6MR1c=
Subject key identifier:   BE:77:42:8F:64:2E:2E:A8:25:B6:C7:E7:34:C0:25:56:A1:D3:AD:A4
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       019CADFE327A5F4D35BCD6B4A2B7216A209F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          1783
Signing time:             Mon 02 Mar 2026 10:00:43 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:43 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:43 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: 1yyZBV/c0iJTwBWhRY9oiaq4WZQAh2na8eA97tVv6/I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:32:7a:5f:4d:35:bc:d6:b4:a2:b7:21:6a:20:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Mar  2 10:00:43 2026 GMT
            Not After : Mar  3 10:00:43 2026 GMT
        Subject: CN=be77428f642e2ea825b6c7e734c02556a1d3ada4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:60:8d:ee:0f:0d:bf:d6:e4:5f:ed:00:8d:23:
                    7d:ec:36:66:f7:42:8e:fc:ae:1e:f4:25:2b:b1:74:
                    4b:5c:98:ee:5a:bb:52:8d:19:2e:31:51:ba:53:9f:
                    c1:c9:ce:0c:9f:e7:3b:0c:03:1c:07:63:71:95:68:
                    ab:17:2b:4a:79:8f:87:5a:92:69:7e:ef:05:0a:f2:
                    44:4d:21:95:5f:ae:38:fe:24:96:e3:19:09:a7:60:
                    06:26:71:ea:2a:53:b1:b2:49:f8:e0:7e:79:f6:fd:
                    1c:3c:a2:94:16:b1:de:5a:fb:ed:09:57:f6:74:9b:
                    e5:2a:c0:96:41:64:95:b2:07:43:e6:e6:cb:f8:99:
                    c5:ea:ff:fb:14:20:d9:e7:a9:b8:d8:f7:b5:bb:6c:
                    c0:f9:66:8c:d8:bd:e1:6d:7c:26:c6:a6:83:1e:7b:
                    d3:34:e1:0d:58:2d:10:20:8f:b9:d5:3d:f7:be:bc:
                    e3:9f:e8:be:91:ba:ad:4d:07:40:73:10:d9:d6:1a:
                    f3:fb:fc:4b:c4:55:95:fb:85:a9:5f:23:ff:aa:38:
                    4e:0c:09:73:74:a8:4e:00:f2:a0:49:d6:34:28:84:
                    d7:d3:6b:e3:f0:b8:ff:b9:92:8e:d6:a9:a2:28:cf:
                    db:fb:28:5d:ed:bf:13:55:24:2a:b6:05:6c:dd:20:
                    b5:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:77:42:8F:64:2E:2E:A8:25:B6:C7:E7:34:C0:25:56:A1:D3:AD:A4
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:92:76:76:b7:c6:2d:9d:3d:2f:fa:20:be:be:a8:8f:fe:a2:
         cb:b7:ea:79:b6:6d:89:59:79:df:8e:19:aa:43:c2:7c:31:7d:
         15:46:39:38:8a:5a:c4:ee:f9:32:de:02:49:ed:56:c5:93:1d:
         1f:2f:af:ac:4f:dd:49:62:39:d1:2f:12:4e:c8:ae:f3:28:63:
         27:93:7f:b5:35:e8:2e:cc:10:b0:23:d0:ab:d9:68:9e:45:13:
         cf:c6:96:42:1c:2f:20:dc:bb:22:c0:8e:fb:a1:77:74:3e:c0:
         45:28:3a:af:47:cd:7a:1f:96:1d:18:b5:bf:e7:b2:88:bd:70:
         e2:75:57:0a:92:8c:e5:a1:c3:25:b7:27:ae:e6:b9:d5:26:04:
         71:c2:2d:50:e1:78:96:21:0d:8d:ee:27:3d:d6:f8:a8:22:e2:
         96:90:eb:43:c1:22:60:90:c6:02:e0:b1:cf:79:74:94:52:cb:
         46:43:dc:cf:a8:17:1b:bf:b7:34:db:0e:b3:60:80:cd:7b:cd:
         06:fc:69:9f:54:bb:ab:53:f6:68:b9:09:22:db:48:72:50:68:
         99:9a:00:87:dc:a5:29:bc:2b:53:d6:94:41:12:6e:61:ad:d6:
         5b:b1:70:5f:d8:f6:d8:a5:db:c3:36:e8:a0:5e:f1:9e:6e:2d:
         45:2d:b7:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/jJ6X001vNa0orchaiCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjYwMzAyMTAwMDQzWhcNMjYwMzAzMTAwMDQzWjAzMTEwLwYDVQQD
EyhiZTc3NDI4ZjY0MmUyZWE4MjViNmM3ZTczNGMwMjU1NmExZDNhZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWCN7g8Nv9bkX+0AjSN97DZm90KO
/K4e9CUrsXRLXJjuWrtSjRkuMVG6U5/Byc4Mn+c7DAMcB2NxlWirFytKeY+HWpJp
fu8FCvJETSGVX644/iSW4xkJp2AGJnHqKlOxskn44H559v0cPKKUFrHeWvvtCVf2
dJvlKsCWQWSVsgdD5ubL+JnF6v/7FCDZ56m42Pe1u2zA+WaM2L3hbXwmxqaDHnvT
NOENWC0QII+51T33vrzjn+i+kbqtTQdAcxDZ1hrz+/xLxFWV+4WpXyP/qjhODAlz
dKhOAPKgSdY0KITX02vj8Lj/uZKO1qmiKM/b+yhd7b8TVSQqtgVs3SC1iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL53Qo9kLi6oJbbH5zTAJVah062kMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOpJ2drfG
LZ09L/ogvr6oj/6iy7fqebZtiVl5344ZqkPCfDF9FUY5OIpaxO75Mt4CSe1WxZMd
Hy+vrE/dSWI50S8STsiu8yhjJ5N/tTXoLswQsCPQq9lonkUTz8aWQhwvINy7IsCO
+6F3dD7ARSg6r0fNeh+WHRi1v+eyiL1w4nVXCpKM5aHDJbcnrua51SYEccItUOF4
liENje4nPdb4qCLilpDrQ8EiYJDGAuCxz3l0lFLLRkPcz6gXG7+3NNsOs2CAzXvN
Bvxpn1S7q1P2aLkJIttIclBomZoAh9ylKbwrU9aUQRJuYa3WW7FwX9j22KXbwzbo
oF7xnm4tRS23aQ==
-----END CERTIFICATE-----