Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          wZoS6mEtutYI3JTHCVld6AktyJ6a9T3BR1e9z2qqeNY=
Subject key identifier:   DB:CB:74:3E:DB:FF:6F:08:14:D7:62:1F:31:82:AC:F8:32:DA:EF:0C
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       019CABD9E11FB04C6D03CBCE6A9CC6E68919
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          1842
Signing time:             Mon 02 Mar 2026 00:01:48 +0000
Manifest this update:     Mon 02 Mar 2026 00:01:48 +0000
Manifest next update:     Tue 03 Mar 2026 00:01:48 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: +6QoZivKdMEJoNDOGX4thlwslLFuc3hpWAucFVob7QA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:d9:e1:1f:b0:4c:6d:03:cb:ce:6a:9c:c6:e6:89:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Mar  2 00:01:48 2026 GMT
            Not After : Mar  3 00:01:48 2026 GMT
        Subject: CN=dbcb743edbff6f0814d7621f3182acf832daef0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:ca:c0:f4:de:f4:ee:46:f0:9a:d6:17:ff:68:
                    de:a9:14:11:4e:7d:03:13:1c:0b:72:a2:2c:c6:ed:
                    e6:c7:b9:95:4b:8e:ee:2e:d7:a9:2c:a9:7e:54:6e:
                    22:b4:1f:59:9d:2c:c4:ff:8c:e9:88:a1:6d:35:86:
                    6c:d3:d3:41:54:a3:28:c1:d1:46:d7:d0:84:6c:56:
                    4d:11:51:47:b1:d8:fd:82:a4:89:41:07:98:62:2a:
                    60:50:c3:f2:31:b8:65:1d:1b:e6:68:cc:58:89:89:
                    1b:39:33:77:27:a2:33:b2:d1:78:58:83:4d:68:4c:
                    c8:db:41:d1:24:15:9b:9e:7a:5c:7c:e3:1e:b2:b0:
                    99:28:28:78:7c:3f:42:fe:7e:78:83:1c:dd:07:6c:
                    ed:e9:1f:55:7e:93:f9:55:e9:6b:8b:36:b2:6c:04:
                    59:4d:47:dd:01:40:b4:34:60:33:7e:91:f2:8b:f7:
                    70:14:b1:88:b8:36:7c:21:91:09:43:89:1f:75:9d:
                    16:43:b9:ea:40:45:8e:fe:d2:4d:dc:6b:d1:32:a6:
                    08:32:e6:87:a4:68:8f:cd:f9:60:1f:5b:63:98:67:
                    28:cd:61:aa:af:f0:bb:db:01:c8:6a:f8:4e:8e:50:
                    f9:77:fe:31:c5:06:d6:a1:3c:01:0e:fe:97:7b:95:
                    32:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:CB:74:3E:DB:FF:6F:08:14:D7:62:1F:31:82:AC:F8:32:DA:EF:0C
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e0:1f:63:6e:c3:76:33:c9:16:5c:0f:31:ae:d2:46:e4:ce:
         52:42:5a:6b:b9:f9:2a:db:87:0f:82:83:07:ab:51:87:47:24:
         e7:f1:29:77:1b:db:17:3c:db:0a:77:86:bd:18:cd:1b:7c:26:
         a3:8f:b4:6c:74:13:5f:e9:17:e3:22:b2:a1:05:f9:7a:f1:de:
         31:77:c1:bd:76:9a:17:ac:f4:bf:49:48:11:4e:0f:49:ec:5e:
         fe:75:09:5e:1b:8c:7a:ad:7f:6a:47:60:05:d7:0e:5e:6c:98:
         4e:39:f4:69:39:67:95:74:1a:e6:f0:2a:55:6a:73:8c:a0:9d:
         72:e7:7b:4d:4b:e6:f3:ff:79:3f:bf:32:49:a8:39:31:6f:f3:
         bf:77:9d:c8:61:11:81:56:55:13:fb:38:7f:be:6b:d8:0c:51:
         6c:5e:56:e1:16:4a:d6:14:20:03:ec:d2:fd:b2:ee:65:cf:cb:
         30:3b:53:2b:23:63:5d:5f:7b:dd:aa:bd:3d:78:0d:a6:be:0b:
         3b:27:4e:62:17:b2:db:2d:25:21:de:79:e4:7f:87:cd:4b:81:
         f9:5a:fe:bf:73:b0:94:c4:e1:08:70:e6:79:c6:57:4e:96:0f:
         a1:8f:47:29:bd:d3:d3:77:4d:94:99:b1:99:45:34:19:c3:52:
         fe:8b:0a:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2eEfsExtA8vOapzG5okZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjYwMzAyMDAwMTQ4WhcNMjYwMzAzMDAwMTQ4WjAzMTEwLwYDVQQD
EyhkYmNiNzQzZWRiZmY2ZjA4MTRkNzYyMWYzMTgyYWNmODMyZGFlZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMrA9N707kbwmtYX/2jeqRQRTn0D
ExwLcqIsxu3mx7mVS47uLtepLKl+VG4itB9ZnSzE/4zpiKFtNYZs09NBVKMowdFG
19CEbFZNEVFHsdj9gqSJQQeYYipgUMPyMbhlHRvmaMxYiYkbOTN3J6IzstF4WINN
aEzI20HRJBWbnnpcfOMesrCZKCh4fD9C/n54gxzdB2zt6R9VfpP5VelrizaybARZ
TUfdAUC0NGAzfpHyi/dwFLGIuDZ8IZEJQ4kfdZ0WQ7nqQEWO/tJN3GvRMqYIMuaH
pGiPzflgH1tjmGcozWGqr/C72wHIavhOjlD5d/4xxQbWoTwBDv6Xe5UydQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvLdD7b/28IFNdiHzGCrPgy2u8MMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeAfY27D
djPJFlwPMa7SRuTOUkJaa7n5KtuHD4KDB6tRh0ck5/EpdxvbFzzbCneGvRjNG3wm
o4+0bHQTX+kX4yKyoQX5evHeMXfBvXaaF6z0v0lIEU4PSexe/nUJXhuMeq1/akdg
BdcOXmyYTjn0aTlnlXQa5vAqVWpzjKCdcud7TUvm8/95P78ySag5MW/zv3edyGER
gVZVE/s4f75r2AxRbF5W4RZK1hQgA+zS/bLuZc/LMDtTKyNjXV973aq9PXgNpr4L
OydOYhey2y0lId555H+HzUuB+Vr+v3OwlMThCHDmecZXTpYPoY9HKb3T03dNlJmx
mUU0GcNS/osKag==
-----END CERTIFICATE-----