Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
File:                     dNUnZVf32kEAET2Fc5VmSBVA5hw.mft (raw, json)
Hash identifier:          QXGRD0/3AfdWJZS0eRUa+FPiG+B36YEpkVtIxllkrMw=
Subject key identifier:   CD:38:55:5E:8C:86:B1:ED:8C:3A:C0:D8:98:5B:8A:41:4B:EE:D1:B3
Authority key identifier: 74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C
Certificate issuer:       /CN=74d5276557f7da4100113d85739566481540e61c
Certificate serial:       019CA9EAEB09B6CCAADB1B4B2628BF364D6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
Manifest number:          0AF7
Signing time:             Sun 01 Mar 2026 15:01:10 +0000
Manifest this update:     Sun 01 Mar 2026 15:01:10 +0000
Manifest next update:     Mon 02 Mar 2026 15:01:10 +0000
Files and hashes:         1: dNUnZVf32kEAET2Fc5VmSBVA5hw.crl (hash: aIvWokngiTepJj0fujtFO90zUXt2g2alz9jWSYDrb4U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:a9:ea:eb:09:b6:cc:aa:db:1b:4b:26:28:bf:36:4d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74d5276557f7da4100113d85739566481540e61c
        Validity
            Not Before: Mar  1 15:01:10 2026 GMT
            Not After : Mar  2 15:01:10 2026 GMT
        Subject: CN=cd38555e8c86b1ed8c3ac0d8985b8a414beed1b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:68:4e:92:9c:fd:ed:98:20:fb:55:fb:1b:1f:
                    5c:e2:c3:ee:54:1f:21:ad:12:57:9e:4a:a0:94:1a:
                    ab:1b:00:4b:ce:9b:93:a5:90:1c:9b:a9:31:c2:89:
                    a4:eb:69:a1:b6:a4:0a:9e:b7:d3:d6:fd:b9:15:67:
                    af:2b:eb:25:f8:24:92:1b:39:f8:fb:28:21:99:62:
                    24:19:d7:ea:4a:12:0f:90:4e:74:f0:80:ee:c8:f6:
                    40:45:d2:e3:11:5f:66:79:87:fe:10:1e:6e:32:c2:
                    98:93:a0:03:47:89:89:a8:e6:f4:3d:5b:81:0f:69:
                    e8:47:b4:c5:08:68:8d:8b:ca:85:ac:eb:04:d0:12:
                    1a:c0:c1:7e:49:69:bc:5f:99:d8:b5:bb:a3:14:0b:
                    76:1b:1f:12:e2:cc:3d:54:57:8f:bf:f1:2f:25:c8:
                    d9:fb:8d:99:28:fa:23:27:66:c7:bc:5f:14:3d:8f:
                    e5:13:35:0a:77:36:9f:14:a2:02:68:8b:e1:96:18:
                    79:7b:5d:29:36:34:f4:50:ab:ac:4f:4d:99:59:81:
                    31:e0:b7:34:4e:cc:b0:22:d4:63:9e:18:f2:57:49:
                    7a:24:ea:28:0e:83:40:b0:4a:e7:94:99:06:fe:17:
                    74:97:91:c9:77:99:53:8c:4e:f1:28:10:cf:a3:b9:
                    7e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:38:55:5E:8C:86:B1:ED:8C:3A:C0:D8:98:5B:8A:41:4B:EE:D1:B3
            X509v3 Authority Key Identifier:
                keyid:74:D5:27:65:57:F7:DA:41:00:11:3D:85:73:95:66:48:15:40:E6:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNUnZVf32kEAET2Fc5VmSBVA5hw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e5af16-ddfd-4f3d-96a6-5c5a78bb2b8d/1/dNUnZVf32kEAET2Fc5VmSBVA5hw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:0d:88:36:2a:b7:ef:0d:97:19:a9:eb:b1:1f:a3:03:0d:2f:
         8a:44:8d:8f:01:07:dd:61:f4:da:e0:7e:ea:45:24:f8:6e:d9:
         74:27:4b:e0:06:d9:79:ad:16:2d:26:a6:73:44:a1:8b:c5:bf:
         8e:6a:a7:0f:d8:5d:b9:cf:9a:a7:40:bf:23:d3:18:a5:67:5b:
         0a:19:52:d4:49:7a:71:2e:56:f3:7c:ee:0b:95:52:07:eb:f6:
         dd:e1:da:04:94:b1:98:4d:55:1e:22:cb:b2:30:37:8c:d3:5e:
         13:6a:da:d7:ab:04:d4:5c:8f:4c:90:89:03:61:36:45:ea:7d:
         8e:88:fa:20:31:4a:66:2a:79:1d:42:75:21:e8:bf:1d:9b:bc:
         72:05:aa:49:b9:48:dd:35:56:50:89:99:ca:20:4d:7a:23:59:
         56:be:e5:8b:f9:e8:3e:8d:a1:61:e7:9a:8a:d9:f7:57:ee:3e:
         94:27:14:5f:32:ee:de:b2:42:e8:94:e9:ae:b7:36:7e:a7:e3:
         b7:d2:de:0a:98:d0:2a:b2:68:bb:0c:85:52:56:17:15:c4:01:
         e0:97:92:13:d7:f8:df:d5:b6:c3:9e:1e:05:92:d9:2c:e4:b5:
         05:66:df:36:41:37:1f:50:7f:7a:d3:a0:54:b0:10:a6:66:de:
         54:50:b5:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6usJtsyq2xtLJii/Nk1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDUyNzY1NTdmN2RhNDEwMDExM2Q4NTczOTU2NjQ4MTU0
MGU2MWMwHhcNMjYwMzAxMTUwMTEwWhcNMjYwMzAyMTUwMTEwWjAzMTEwLwYDVQQD
EyhjZDM4NTU1ZThjODZiMWVkOGMzYWMwZDg5ODViOGE0MTRiZWVkMWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWhOkpz97Zgg+1X7Gx9c4sPuVB8h
rRJXnkqglBqrGwBLzpuTpZAcm6kxwomk62mhtqQKnrfT1v25FWevK+sl+CSSGzn4
+yghmWIkGdfqShIPkE508IDuyPZARdLjEV9meYf+EB5uMsKYk6ADR4mJqOb0PVuB
D2noR7TFCGiNi8qFrOsE0BIawMF+SWm8X5nYtbujFAt2Gx8S4sw9VFePv/EvJcjZ
+42ZKPojJ2bHvF8UPY/lEzUKdzafFKICaIvhlhh5e10pNjT0UKusT02ZWYEx4Lc0
TsywItRjnhjyV0l6JOooDoNAsErnlJkG/hd0l5HJd5lTjE7xKBDPo7l+nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM04VV6MhrHtjDrA2JhbikFL7tGzMB8GA1UdIwQY
MBaAFHTVJ2VX99pBABE9hXOVZkgVQOYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYt
NWM1YTc4YmIyYjhkLzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lNWFmMTYtZGRmZC00ZjNkLTk2YTYtNWM1YTc4YmIyYjhk
LzEvZE5VblpWZjMya0VBRVQyRmM1Vm1TQlZBNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQA2INiq3
7w2XGanrsR+jAw0vikSNjwEH3WH02uB+6kUk+G7ZdCdL4AbZea0WLSamc0Shi8W/
jmqnD9hduc+ap0C/I9MYpWdbChlS1El6cS5W83zuC5VSB+v23eHaBJSxmE1VHiLL
sjA3jNNeE2ra16sE1FyPTJCJA2E2Rep9joj6IDFKZip5HUJ1Iei/HZu8cgWqSblI
3TVWUImZyiBNeiNZVr7li/noPo2hYeeaitn3V+4+lCcUXzLu3rJC6JTprrc2fqfj
t9LeCpjQKrJouwyFUlYXFcQB4JeSE9f439W2w54eBZLZLOS1BWbfNkE3H1B/etOg
VLAQpmbeVFC1QQ==
-----END CERTIFICATE-----