Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
File:                     iqrwV67ry_cGh34qqnSjljgL4hU.mft (raw, json)
Hash identifier:          dqmupz7zR9KeFsOEKBdmcSijAXBWj5TAS18mT/0EQhM=
Subject key identifier:   E5:65:96:B8:14:44:88:2B:48:7B:E9:31:85:6B:5B:3A:AE:80:D3:B5
Authority key identifier: 8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15
Certificate issuer:       /CN=8aaaf057aeebcbf706877e2aaa74a396380be215
Certificate serial:       019CADFE39D648C9C461776A62E3081CB78C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
Manifest number:          05D9
Signing time:             Mon 02 Mar 2026 10:00:45 +0000
Manifest this update:     Mon 02 Mar 2026 10:00:45 +0000
Manifest next update:     Tue 03 Mar 2026 10:00:45 +0000
Files and hashes:         1: iqrwV67ry_cGh34qqnSjljgL4hU.crl (hash: 1cIXQJtTECr7D0BmN/77sMXvbLmwTHB8OHOeErR/eyA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:fe:39:d6:48:c9:c4:61:77:6a:62:e3:08:1c:b7:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aaaf057aeebcbf706877e2aaa74a396380be215
        Validity
            Not Before: Mar  2 10:00:45 2026 GMT
            Not After : Mar  3 10:00:45 2026 GMT
        Subject: CN=e56596b81444882b487be931856b5b3aae80d3b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:78:33:f0:d3:02:a4:92:43:5a:b6:bc:c8:30:
                    00:b8:6d:7c:8f:cd:9c:b0:b4:bf:47:31:42:2c:64:
                    39:e3:69:ca:dd:52:ce:b0:7a:54:c5:d2:d0:f3:7b:
                    1b:09:f8:a1:a1:f1:dd:9d:b3:7c:48:de:f2:32:fa:
                    c2:94:a7:36:0a:f1:28:35:50:38:59:0a:06:95:b4:
                    55:7d:d3:5c:d3:39:3a:e5:db:ca:0e:22:b3:3e:90:
                    53:41:bd:6c:aa:3f:ea:65:fd:66:ad:51:16:72:2f:
                    25:e3:e5:79:eb:9d:4a:56:4b:0b:7c:80:b7:9d:9b:
                    38:b0:d6:f1:e1:c9:1e:16:0e:3c:49:4f:93:e3:1b:
                    4f:2a:79:4a:fe:b6:46:4d:f1:45:cc:48:08:ab:d8:
                    27:f2:08:5d:93:bc:11:5b:36:1b:e7:cb:d2:4e:51:
                    18:4c:b5:9a:58:88:ae:ca:33:6a:fd:51:f4:d4:03:
                    3a:30:cd:37:43:1a:23:94:64:f7:1a:ab:f6:c4:00:
                    ab:99:bb:a0:a7:93:61:bb:d5:87:03:3e:6f:fa:3c:
                    c3:77:a6:42:c5:4f:c0:27:ea:71:93:f2:50:3d:3b:
                    0b:87:f0:b9:d9:9c:47:3d:a7:b3:9d:79:84:8c:90:
                    48:fd:ba:8e:e8:f0:b0:8a:8d:97:d3:4c:30:75:f3:
                    39:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:65:96:B8:14:44:88:2B:48:7B:E9:31:85:6B:5B:3A:AE:80:D3:B5
            X509v3 Authority Key Identifier:
                keyid:8A:AA:F0:57:AE:EB:CB:F7:06:87:7E:2A:AA:74:A3:96:38:0B:E2:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqrwV67ry_cGh34qqnSjljgL4hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/2240a9-54d5-4b82-8731-53090b3baa81/1/iqrwV67ry_cGh34qqnSjljgL4hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:97:9b:04:dc:81:77:00:2b:a3:73:69:43:bd:e1:60:08:46:
         af:92:93:d3:3f:96:98:fe:e3:f4:35:b3:9d:d7:d1:30:f0:cb:
         6a:3c:6f:d7:55:eb:09:65:76:db:57:b6:be:72:18:de:39:52:
         e1:f4:93:a8:88:02:d1:a9:ff:65:87:ad:43:27:a0:c9:0e:60:
         ba:57:c5:88:68:71:a2:df:44:c5:e5:e8:8f:c8:f9:4d:9c:c3:
         53:a8:36:f8:c8:10:48:e2:f1:9c:ee:cb:b2:a1:f1:b0:b6:4d:
         c3:33:bb:f3:12:41:41:83:d9:25:f9:c2:1c:a2:4d:c0:47:70:
         7d:a8:02:f5:7f:a3:36:7f:5b:db:55:2d:35:a7:95:fd:33:9c:
         e8:17:02:6d:80:3f:38:48:da:b1:1d:a9:61:3a:db:35:f3:32:
         46:1b:93:1d:27:58:2f:57:8d:d5:6a:5d:3d:8c:e9:c8:d9:bb:
         28:b1:e5:f4:de:15:bd:ae:43:e2:16:03:3e:0e:64:96:22:4a:
         40:9b:ca:cc:26:12:76:3f:0e:2f:83:49:31:3a:b3:9d:6d:70:
         aa:fc:d0:52:fc:db:0a:c7:e2:92:ec:ad:01:81:42:7c:c9:d5:
         96:ce:06:83:b2:87:29:77:0f:41:83:45:72:7d:56:bf:19:78:
         22:f2:1b:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/jnWSMnEYXdqYuMIHLeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWFmMDU3YWVlYmNiZjcwNjg3N2UyYWFhNzRhMzk2Mzgw
YmUyMTUwHhcNMjYwMzAyMTAwMDQ1WhcNMjYwMzAzMTAwMDQ1WjAzMTEwLwYDVQQD
EyhlNTY1OTZiODE0NDQ4ODJiNDg3YmU5MzE4NTZiNWIzYWFlODBkM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Hgz8NMCpJJDWra8yDAAuG18j82c
sLS/RzFCLGQ542nK3VLOsHpUxdLQ83sbCfihofHdnbN8SN7yMvrClKc2CvEoNVA4
WQoGlbRVfdNc0zk65dvKDiKzPpBTQb1sqj/qZf1mrVEWci8l4+V5651KVksLfIC3
nZs4sNbx4ckeFg48SU+T4xtPKnlK/rZGTfFFzEgIq9gn8ghdk7wRWzYb58vSTlEY
TLWaWIiuyjNq/VH01AM6MM03QxojlGT3Gqv2xACrmbugp5Nhu9WHAz5v+jzDd6ZC
xU/AJ+pxk/JQPTsLh/C52ZxHPaeznXmEjJBI/bqO6PCwio2X00wwdfM59wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOVllrgURIgrSHvpMYVrWzqugNO1MB8GA1UdIwQY
MBaAFIqq8Feu68v3Bod+Kqp0o5Y4C+IVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEt
NTMwOTBiM2JhYTgxLzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8yMjQwYTktNTRkNS00YjgyLTg3MzEtNTMwOTBiM2JhYTgx
LzEvaXFyd1Y2N3J5X2NHaDM0cXFuU2psamdMNGhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArJebBNyB
dwAro3NpQ73hYAhGr5KT0z+WmP7j9DWzndfRMPDLajxv11XrCWV221e2vnIY3jlS
4fSTqIgC0an/ZYetQyegyQ5gulfFiGhxot9ExeXoj8j5TZzDU6g2+MgQSOLxnO7L
sqHxsLZNwzO78xJBQYPZJfnCHKJNwEdwfagC9X+jNn9b21UtNaeV/TOc6BcCbYA/
OEjasR2pYTrbNfMyRhuTHSdYL1eN1WpdPYzpyNm7KLHl9N4Vva5D4hYDPg5kliJK
QJvKzCYSdj8OL4NJMTqznW1wqvzQUvzbCsfikuytAYFCfMnVls4Gg7KHKXcPQYNF
cn1Wvxl4IvIbHg==
-----END CERTIFICATE-----