Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          4GAH4yTNsg6sFT5PUNXLbUN7j5Z0fvDHqAdbPBmIwm8=
Subject key identifier:   26:FC:5A:99:9B:0C:08:00:5D:29:1C:30:86:90:D6:CD:CC:AF:5C:B8
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       019CADC7906C056E57EF2983650C3A3916F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          1844
Signing time:             Mon 02 Mar 2026 09:01:02 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:02 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:02 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: tCOUTWHJ/HlljyQ7fhjBXxi27/vZ1HEf/V94u8EvAB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:90:6c:05:6e:57:ef:29:83:65:0c:3a:39:16:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Mar  2 09:01:02 2026 GMT
            Not After : Mar  3 09:01:02 2026 GMT
        Subject: CN=26fc5a999b0c08005d291c308690d6cdccaf5cb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:db:6a:0f:ac:bb:2c:27:0e:1d:b9:ee:ac:f6:
                    32:6f:59:55:7c:8f:5f:fa:30:a0:1c:8b:b7:91:a1:
                    19:2e:61:42:d4:2a:14:78:78:a4:c3:d1:c3:64:4c:
                    68:29:2c:7a:2f:fb:bb:2e:16:0d:24:95:23:4f:1c:
                    34:7d:da:a1:11:6f:b5:0c:83:c9:9c:59:9c:06:af:
                    38:fa:6b:e3:01:f0:de:51:d9:15:68:e9:c8:4d:dc:
                    10:82:54:35:2c:c7:aa:9b:89:11:55:dd:78:8b:61:
                    77:9b:45:12:92:e9:73:c7:4f:34:15:e8:6c:5e:d7:
                    3c:57:38:91:8a:c2:39:00:7c:3f:c2:2f:bb:08:83:
                    41:e0:82:6f:cc:ad:0e:b3:d3:c0:22:ee:73:36:27:
                    f6:e0:13:74:42:47:c6:b1:4a:07:d1:c3:6a:7f:89:
                    ef:59:db:8e:b1:c5:84:c7:b8:29:1e:17:e8:b8:5e:
                    22:de:85:68:7a:7e:3f:fc:e8:7e:07:08:bc:cd:a8:
                    ea:61:76:3e:05:83:26:a4:ff:24:b9:b0:58:cb:16:
                    f6:05:62:ce:28:3b:26:ca:d2:2a:5b:42:41:61:07:
                    5a:33:b2:f1:f1:9f:e2:bc:35:94:8a:ed:b2:84:97:
                    df:a1:ce:6a:93:05:53:5a:1b:10:df:78:dc:af:75:
                    e5:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:FC:5A:99:9B:0C:08:00:5D:29:1C:30:86:90:D6:CD:CC:AF:5C:B8
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:bd:a2:e4:2d:f3:91:bd:75:6b:d9:1f:19:ae:ea:b2:ab:a6:
         2e:5a:13:09:31:65:74:0b:2f:7b:70:45:09:86:3e:aa:39:e6:
         80:c7:f3:b3:99:21:5b:21:b0:79:03:a7:b8:73:01:cd:32:1a:
         7d:c0:53:10:03:ca:42:50:ab:39:c8:93:7b:05:b7:3f:2c:60:
         31:15:ff:8b:7b:19:d3:63:8f:e7:c0:08:1a:8a:24:7e:09:12:
         3e:1b:6a:4b:25:6b:4d:c0:f4:27:79:00:fa:63:c5:53:17:4d:
         53:97:fc:5a:8b:6b:f4:ee:29:0b:d3:7d:fe:dc:4f:cf:25:90:
         3a:41:0f:3e:c2:4d:54:e2:48:c3:3a:66:78:23:e0:bc:3f:63:
         36:44:42:56:70:3b:85:94:cb:27:67:7f:87:64:8b:b5:02:2b:
         30:be:b2:f7:24:25:ef:2a:cd:37:c1:fc:c7:43:3e:d6:21:6f:
         5d:a9:e1:49:f4:33:dc:8f:85:9a:94:6b:c1:ee:97:d3:91:4f:
         04:0c:2f:7f:2c:b1:25:2c:65:34:fc:ce:9d:3b:d6:47:d5:1f:
         84:9c:85:29:4a:de:51:e3:44:a6:3f:2f:08:ae:86:69:25:15:
         c0:c6:18:34:7a:fc:d2:35:18:40:4a:76:23:dc:2c:61:6d:b2:
         8b:bf:02:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx5BsBW5X7ymDZQw6ORbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjYwMzAyMDkwMTAyWhcNMjYwMzAzMDkwMTAyWjAzMTEwLwYDVQQD
EygyNmZjNWE5OTliMGMwODAwNWQyOTFjMzA4NjkwZDZjZGNjYWY1Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodtqD6y7LCcOHbnurPYyb1lVfI9f
+jCgHIu3kaEZLmFC1CoUeHikw9HDZExoKSx6L/u7LhYNJJUjTxw0fdqhEW+1DIPJ
nFmcBq84+mvjAfDeUdkVaOnITdwQglQ1LMeqm4kRVd14i2F3m0USkulzx080Fehs
Xtc8VziRisI5AHw/wi+7CINB4IJvzK0Os9PAIu5zNif24BN0QkfGsUoH0cNqf4nv
WduOscWEx7gpHhfouF4i3oVoen4//Oh+Bwi8zajqYXY+BYMmpP8kubBYyxb2BWLO
KDsmytIqW0JBYQdaM7Lx8Z/ivDWUiu2yhJffoc5qkwVTWhsQ33jcr3XlZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCb8WpmbDAgAXSkcMIaQ1s3Mr1y4MB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm72i5C3z
kb11a9kfGa7qsqumLloTCTFldAsve3BFCYY+qjnmgMfzs5khWyGweQOnuHMBzTIa
fcBTEAPKQlCrOciTewW3PyxgMRX/i3sZ02OP58AIGookfgkSPhtqSyVrTcD0J3kA
+mPFUxdNU5f8Wotr9O4pC9N9/txPzyWQOkEPPsJNVOJIwzpmeCPgvD9jNkRCVnA7
hZTLJ2d/h2SLtQIrML6y9yQl7yrNN8H8x0M+1iFvXanhSfQz3I+FmpRrwe6X05FP
BAwvfyyxJSxlNPzOnTvWR9UfhJyFKUreUeNEpj8vCK6GaSUVwMYYNHr80jUYQEp2
I9wsYW2yi78CuA==
-----END CERTIFICATE-----