Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
File:                     0NxXC8HJZLq37VbGc6pAUY-FRXg.mft (raw, json)
Hash identifier:          Vf4ltU8Ll4evfyhxQf376o6Mp4x7Nu5d9j085S3fjHY=
Subject key identifier:   5B:70:D6:07:81:7E:8A:98:B0:29:4E:73:1E:33:8A:08:2F:98:19:64
Authority key identifier: D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78
Certificate issuer:       /CN=d0dc570bc1c964bab7ed56c673aa40518f854578
Certificate serial:       019CAD5A51472FE2A2EBBE0F4DB6E7C410C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
Manifest number:          1845
Signing time:             Mon 02 Mar 2026 07:01:43 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:43 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:43 +0000
Files and hashes:         1: 0NxXC8HJZLq37VbGc6pAUY-FRXg.crl (hash: TmA2bcUa7hUMCcDpQWlsCeotblg9QpzospriNN8qsgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:51:47:2f:e2:a2:eb:be:0f:4d:b6:e7:c4:10:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0dc570bc1c964bab7ed56c673aa40518f854578
        Validity
            Not Before: Mar  2 07:01:43 2026 GMT
            Not After : Mar  3 07:01:43 2026 GMT
        Subject: CN=5b70d607817e8a98b0294e731e338a082f981964
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:e1:be:09:19:dd:c0:d7:04:44:cc:40:4b:10:
                    94:f7:6e:16:d3:61:73:e5:3f:ad:ec:12:3e:1c:e6:
                    00:09:7d:68:ed:27:43:d3:07:e7:6f:8a:bb:14:2a:
                    99:6b:3d:bc:18:c3:73:94:93:ce:65:ca:0a:97:b7:
                    03:5c:1e:46:1b:71:23:b7:ef:3c:b7:d9:50:20:4a:
                    cd:ee:f5:6f:1c:2f:8d:0a:27:5a:f0:29:fd:53:eb:
                    71:9f:2a:63:98:08:40:30:c1:a3:34:1a:96:60:35:
                    d1:96:f5:14:83:bf:e7:c5:fa:3f:9b:c8:e8:97:52:
                    1f:9f:36:07:42:d2:6a:ac:af:22:df:60:b2:65:5b:
                    eb:84:57:c6:4e:b2:10:3d:2e:a9:0d:28:58:37:57:
                    77:c8:d2:94:2f:ce:bf:52:38:45:da:44:53:e5:9b:
                    d9:9e:aa:cb:46:b4:78:d6:32:66:4e:94:07:9e:56:
                    07:0c:cf:8d:61:6b:96:e2:21:99:59:2a:bc:4c:db:
                    fe:8c:db:20:cd:b7:70:3d:33:3a:a4:93:77:1c:a6:
                    d6:22:c7:90:3c:5b:1b:19:ef:09:09:3d:82:b5:b9:
                    34:ac:c7:6c:44:5b:ea:62:f4:7e:15:ff:4c:cc:ef:
                    ff:23:3b:3a:bd:6d:78:07:ec:62:e3:3e:d2:fd:de:
                    70:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:70:D6:07:81:7E:8A:98:B0:29:4E:73:1E:33:8A:08:2F:98:19:64
            X509v3 Authority Key Identifier:
                keyid:D0:DC:57:0B:C1:C9:64:BA:B7:ED:56:C6:73:AA:40:51:8F:85:45:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0NxXC8HJZLq37VbGc6pAUY-FRXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/47d692-dd40-4bf2-893f-d38dd0b78909/1/0NxXC8HJZLq37VbGc6pAUY-FRXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ce:a3:8c:a0:8d:e5:8f:b4:2e:72:68:c8:d3:0b:8d:b3:dc:
         c2:12:a1:90:e4:e3:7f:4d:a6:5d:13:c0:5c:52:65:7b:6e:a9:
         63:db:dd:cc:db:42:89:49:f2:28:e8:06:1c:58:45:b4:1e:d7:
         97:2f:5b:51:43:62:3a:7f:54:3b:4e:b2:f1:b0:e5:df:3b:f5:
         56:5a:b0:98:89:58:cf:c3:dd:16:ab:71:11:30:54:c9:24:9e:
         6c:7f:8b:a1:3c:4d:f5:6a:fa:4f:c1:77:40:f6:9a:a7:07:16:
         5f:5f:c5:71:bd:76:a8:f1:6c:e6:13:b6:01:05:0c:12:50:34:
         97:4e:be:c5:25:b8:6c:7c:05:cf:ee:c3:b8:9d:80:c0:04:42:
         bd:ad:9d:f2:1e:ab:35:3e:31:12:73:14:d3:26:e1:ba:b6:2d:
         44:e4:d4:77:7e:e9:ba:6b:f9:f0:d0:12:03:c7:b5:e3:d8:99:
         4c:17:e7:38:1c:b2:b6:cc:f3:1a:97:18:4a:04:b3:e0:62:2a:
         96:8e:95:98:35:bf:8b:c0:66:63:0c:c0:5e:f8:68:bd:2e:7e:
         c7:cd:2b:9a:a5:d4:27:39:3a:85:49:a5:53:55:4b:09:2c:11:
         ed:36:26:c1:f7:96:29:39:94:15:12:eb:12:cc:9f:22:c0:a2:
         d1:ad:66:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWlFHL+Ki674PTbbnxBDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZGM1NzBiYzFjOTY0YmFiN2VkNTZjNjczYWE0MDUxOGY4
NTQ1NzgwHhcNMjYwMzAyMDcwMTQzWhcNMjYwMzAzMDcwMTQzWjAzMTEwLwYDVQQD
Eyg1YjcwZDYwNzgxN2U4YTk4YjAyOTRlNzMxZTMzOGEwODJmOTgxOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+G+CRndwNcERMxASxCU924W02Fz
5T+t7BI+HOYACX1o7SdD0wfnb4q7FCqZaz28GMNzlJPOZcoKl7cDXB5GG3Ejt+88
t9lQIErN7vVvHC+NCida8Cn9U+txnypjmAhAMMGjNBqWYDXRlvUUg7/nxfo/m8jo
l1IfnzYHQtJqrK8i32CyZVvrhFfGTrIQPS6pDShYN1d3yNKUL86/UjhF2kRT5ZvZ
nqrLRrR41jJmTpQHnlYHDM+NYWuW4iGZWSq8TNv+jNsgzbdwPTM6pJN3HKbWIseQ
PFsbGe8JCT2Ctbk0rMdsRFvqYvR+Ff9MzO//Izs6vW14B+xi4z7S/d5wXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtw1geBfoqYsClOcx4ziggvmBlkMB8GA1UdIwQY
MBaAFNDcVwvByWS6t+1WxnOqQFGPhUV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2Yt
ZDM4ZGQwYjc4OTA5LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80N2Q2OTItZGQ0MC00YmYyLTg5M2YtZDM4ZGQwYjc4OTA5
LzEvME54WEM4SEpaTHEzN1ZiR2M2cEFVWS1GUlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZc6jjKCN
5Y+0LnJoyNMLjbPcwhKhkOTjf02mXRPAXFJle26pY9vdzNtCiUnyKOgGHFhFtB7X
ly9bUUNiOn9UO06y8bDl3zv1VlqwmIlYz8PdFqtxETBUySSebH+LoTxN9Wr6T8F3
QPaapwcWX1/Fcb12qPFs5hO2AQUMElA0l06+xSW4bHwFz+7DuJ2AwARCva2d8h6r
NT4xEnMU0ybhurYtROTUd37pumv58NASA8e149iZTBfnOByytszzGpcYSgSz4GIq
lo6VmDW/i8BmYwzAXvhovS5+x80rmqXUJzk6hUmlU1VLCSwR7TYmwfeWKTmUFRLr
EsyfIsCi0a1mVQ==
-----END CERTIFICATE-----