Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          QXeexRJXwbSGKRfa70LeKJJquyu56umrt4YODXA9Hbo=
Subject key identifier:   56:85:37:16:28:09:D4:D6:3C:D3:CF:A7:DB:D0:BC:50:1F:F3:67:AD
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       019CAF47E0B8176099ABF1F3776B51D0CF3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          1849
Signing time:             Mon 02 Mar 2026 16:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 16:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 16:00:49 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: ve2sCbemZL8XbB/4pfY32bYpuxWEOFb4cD1wx2JvNnQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 15:05:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:af:47:e0:b8:17:60:99:ab:f1:f3:77:6b:51:d0:cf:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Mar  2 16:00:49 2026 GMT
            Not After : Mar  3 16:00:49 2026 GMT
        Subject: CN=568537162809d4d63cd3cfa7dbd0bc501ff367ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:89:f2:6f:1b:37:55:6a:ec:63:73:f6:25:d1:
                    bc:45:cc:4f:d5:82:ab:d5:23:ac:d2:8d:a5:be:0e:
                    12:ef:59:2c:36:dd:f3:3f:66:54:08:5f:d1:8a:62:
                    6d:da:59:93:2b:d9:6d:8b:4e:4e:39:f9:f0:d6:16:
                    be:62:73:27:d3:66:d5:1e:5b:bf:e3:8e:f2:c1:86:
                    ed:a5:2d:a8:f8:f4:c7:85:8e:b0:b0:f5:f5:ce:bf:
                    40:f5:e6:f6:e0:92:7f:84:5f:57:62:3d:54:f3:b8:
                    31:82:d6:27:ff:db:14:4a:d3:26:ac:14:78:1a:19:
                    12:41:ff:6e:88:c6:d6:4a:60:fe:fe:45:38:a4:bb:
                    50:10:26:71:76:cd:9b:31:f5:b8:a0:03:c6:f4:6d:
                    80:69:11:ff:f1:5b:22:7a:9b:4b:aa:e0:63:6b:42:
                    5c:34:8c:06:69:df:12:92:25:a5:f5:6a:03:94:5c:
                    c5:8b:56:59:76:b1:78:9f:4a:7c:2b:46:3f:d6:42:
                    f5:22:1f:29:13:5d:61:58:2f:bc:2f:8b:0c:83:69:
                    53:6d:dd:a7:67:9c:bd:fe:60:10:1a:ec:7b:9b:e7:
                    4a:49:a5:08:b6:17:99:67:bd:5b:70:37:38:63:56:
                    62:a0:be:e7:a7:6a:76:c2:17:e0:13:c3:f4:7b:6c:
                    9a:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:85:37:16:28:09:D4:D6:3C:D3:CF:A7:DB:D0:BC:50:1F:F3:67:AD
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:30:da:3a:b4:18:34:32:5a:b2:29:42:7f:46:ad:69:a4:0c:
         90:49:bd:59:7b:1b:c9:38:51:cf:8e:64:7a:1f:7d:bb:96:c1:
         b9:26:c8:7e:71:5f:2d:b7:cf:29:d9:d3:c8:58:6b:9a:de:06:
         8e:c7:d6:da:c2:26:30:1f:6c:4c:3f:6b:a7:ad:b2:a3:2e:d2:
         88:b7:60:b6:b8:1f:15:93:d1:4f:05:b5:ae:22:85:ed:3d:00:
         16:52:bb:64:d9:eb:f3:44:aa:67:3b:bb:5d:f2:57:88:ff:3f:
         cb:c2:c2:0b:02:89:3b:a5:de:d1:e4:01:ec:c5:7e:8e:db:ef:
         59:e9:d9:34:24:58:99:ac:87:b1:d3:61:de:eb:10:ba:fa:c4:
         4f:6b:ce:62:79:2b:74:02:c5:da:05:68:ad:85:89:e4:d0:22:
         6d:27:9e:9b:79:d1:bd:4b:72:24:0b:83:7b:32:cd:e9:4a:e8:
         a0:32:b1:7d:eb:bb:3c:d8:03:e3:3a:63:6b:ca:7e:c4:38:02:
         0e:6d:74:25:54:98:fb:2c:ba:5d:18:f5:b6:1d:77:35:ce:60:
         d6:df:0d:07:1f:22:89:67:63:d1:5e:02:4b:a5:93:51:de:2f:
         ec:53:2a:e2:9c:e6:91:18:36:90:f5:b9:08:c2:be:2f:8a:50:
         6a:bd:8a:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvR+C4F2CZq/Hzd2tR0M8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjYwMzAyMTYwMDQ5WhcNMjYwMzAzMTYwMDQ5WjAzMTEwLwYDVQQD
Eyg1Njg1MzcxNjI4MDlkNGQ2M2NkM2NmYTdkYmQwYmM1MDFmZjM2N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4nybxs3VWrsY3P2JdG8RcxP1YKr
1SOs0o2lvg4S71ksNt3zP2ZUCF/RimJt2lmTK9lti05OOfnw1ha+YnMn02bVHlu/
447ywYbtpS2o+PTHhY6wsPX1zr9A9eb24JJ/hF9XYj1U87gxgtYn/9sUStMmrBR4
GhkSQf9uiMbWSmD+/kU4pLtQECZxds2bMfW4oAPG9G2AaRH/8VsieptLquBja0Jc
NIwGad8SkiWl9WoDlFzFi1ZZdrF4n0p8K0Y/1kL1Ih8pE11hWC+8L4sMg2lTbd2n
Z5y9/mAQGux7m+dKSaUItheZZ71bcDc4Y1ZioL7np2p2whfgE8P0e2yaKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFaFNxYoCdTWPNPPp9vQvFAf82etMB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTDaOrQY
NDJasilCf0ataaQMkEm9WXsbyThRz45keh99u5bBuSbIfnFfLbfPKdnTyFhrmt4G
jsfW2sImMB9sTD9rp62yoy7SiLdgtrgfFZPRTwW1riKF7T0AFlK7ZNnr80SqZzu7
XfJXiP8/y8LCCwKJO6Xe0eQB7MV+jtvvWenZNCRYmayHsdNh3usQuvrET2vOYnkr
dALF2gVorYWJ5NAibSeem3nRvUtyJAuDezLN6UrooDKxfeu7PNgD4zpja8p+xDgC
Dm10JVSY+yy6XRj1th13Nc5g1t8NBx8iiWdj0V4CS6WTUd4v7FMq4pzmkRg2kPW5
CMK+L4pQar2KkQ==
-----END CERTIFICATE-----