Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
File:                     9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft (raw, json)
Hash identifier:          iql7MboxYWmoBEe1FHa5P9EP0uSbbRfB8YonprsNerU=
Subject key identifier:   DE:45:6B:53:32:98:4D:57:70:83:56:45:E7:1C:E7:7A:97:C2:94:FA
Authority key identifier: F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F
Certificate issuer:       /CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
Certificate serial:       019CAB6B282550D80D5831AA970D6241927C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
Manifest number:          0C52
Signing time:             Sun 01 Mar 2026 22:00:52 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:52 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:52 +0000
Files and hashes:         1: 9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl (hash: Kve2kDIUhGGUubSb27rasCDEOGsfyJUuotIX1vhxatI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:28:25:50:d8:0d:58:31:aa:97:0d:62:41:92:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4ed5e5dbba1eab6d3958e5941829c9da1b2c67f
        Validity
            Not Before: Mar  1 22:00:52 2026 GMT
            Not After : Mar  2 22:00:52 2026 GMT
        Subject: CN=de456b5332984d5770835645e71ce77a97c294fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1c:9e:a2:ac:b9:40:21:f2:eb:99:98:78:69:
                    14:3e:fe:f4:11:5a:a3:e7:b2:3b:ff:54:44:41:09:
                    13:80:53:65:0d:33:dd:1f:25:54:22:17:a4:67:f1:
                    4f:5b:09:25:a3:fd:00:3a:6d:5f:ba:ec:94:90:00:
                    1e:28:b2:94:40:c0:c9:3c:f1:d5:c4:6c:3b:33:fb:
                    12:26:82:22:19:37:a8:31:29:da:66:52:b8:89:c2:
                    00:8d:bc:3f:06:ee:bf:78:90:8f:a9:fa:ff:c8:70:
                    d3:89:4d:37:07:bb:97:80:68:ae:98:d2:3d:0f:b2:
                    0c:8f:4c:e6:91:08:eb:bf:f0:6f:0d:ec:ce:61:bb:
                    31:8c:88:ed:c7:56:6c:a8:e7:55:64:ea:a7:5f:ca:
                    ae:be:c2:42:86:bf:08:a8:07:70:bd:cf:3c:0a:1f:
                    b3:25:b4:37:15:a6:c9:1d:36:46:5f:2f:fa:4e:ef:
                    ae:78:bf:c5:b5:8c:c2:09:eb:8b:81:ab:79:cc:14:
                    c2:9d:d7:69:a1:0a:c1:ab:f5:cf:9f:27:10:d7:4b:
                    5b:12:c8:37:58:8d:e2:7d:dd:45:6c:5e:d1:55:ba:
                    8c:6c:e4:d6:c1:ad:18:04:72:d2:ae:e9:75:34:1e:
                    d2:5c:d6:71:91:2d:ac:47:22:23:e0:c3:1b:65:3e:
                    45:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:45:6B:53:32:98:4D:57:70:83:56:45:E7:1C:E7:7A:97:C2:94:FA
            X509v3 Authority Key Identifier:
                keyid:F4:ED:5E:5D:BB:A1:EA:B6:D3:95:8E:59:41:82:9C:9D:A1:B2:C6:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/afc86c-25b0-474c-a5c4-db1a6bbcbb72/1/9O1eXbuh6rbTlY5ZQYKcnaGyxn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:52:dd:d6:f9:87:39:0e:d7:b1:92:a4:78:64:ea:25:0b:59:
         63:e9:23:92:9b:c8:8b:84:c1:d6:7a:92:86:5d:71:cd:b8:1c:
         27:46:6e:b9:e2:95:e4:fd:e3:ec:36:f5:18:49:f1:77:8c:da:
         86:9c:d7:a6:c0:22:6d:ef:be:b0:bc:37:f0:fb:0e:08:fd:a2:
         d6:6c:04:fc:93:da:83:5e:0e:bd:44:1b:d0:a7:2d:0e:5f:12:
         63:a9:c6:9d:6d:1b:b2:24:f7:dc:42:aa:68:90:ba:64:cf:99:
         60:97:26:1c:12:fb:09:7f:79:e9:d0:22:c7:18:31:76:c6:f1:
         44:28:a8:fb:9f:65:b9:28:e7:89:af:cb:35:d0:65:27:be:08:
         24:19:55:97:80:0c:8d:68:83:cc:49:c9:7c:5f:31:12:83:1d:
         ac:1b:ac:47:a7:12:3a:90:5c:6b:22:22:5c:19:bf:cf:ee:a5:
         7e:c8:f9:95:ec:98:98:df:c6:84:d1:d6:a6:05:4b:b0:9b:75:
         9e:61:bc:e0:24:f2:0d:ee:1c:d0:9a:40:02:6e:bd:61:17:24:
         5a:4c:55:76:7f:f5:49:c2:68:5a:5a:39:06:6b:ab:0c:e9:09:
         e0:3f:29:45:9e:33:1f:6c:cd:0b:5e:13:c7:0f:41:37:19:b7:
         af:fe:35:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrayglUNgNWDGqlw1iQZJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZWQ1ZTVkYmJhMWVhYjZkMzk1OGU1OTQxODI5YzlkYTFi
MmM2N2YwHhcNMjYwMzAxMjIwMDUyWhcNMjYwMzAyMjIwMDUyWjAzMTEwLwYDVQQD
EyhkZTQ1NmI1MzMyOTg0ZDU3NzA4MzU2NDVlNzFjZTc3YTk3YzI5NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxyeoqy5QCHy65mYeGkUPv70EVqj
57I7/1REQQkTgFNlDTPdHyVUIhekZ/FPWwklo/0AOm1fuuyUkAAeKLKUQMDJPPHV
xGw7M/sSJoIiGTeoMSnaZlK4icIAjbw/Bu6/eJCPqfr/yHDTiU03B7uXgGiumNI9
D7IMj0zmkQjrv/BvDezOYbsxjIjtx1ZsqOdVZOqnX8quvsJChr8IqAdwvc88Ch+z
JbQ3FabJHTZGXy/6Tu+ueL/FtYzCCeuLgat5zBTCnddpoQrBq/XPnycQ10tbEsg3
WI3ifd1FbF7RVbqMbOTWwa0YBHLSrul1NB7SXNZxkS2sRyIj4MMbZT5F1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5Fa1MymE1XcINWRecc53qXwpT6MB8GA1UdIwQY
MBaAFPTtXl27oeq205WOWUGCnJ2hssZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQt
ZGIxYTZiYmNiYjcyLzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hZmM4NmMtMjViMC00NzRjLWE1YzQtZGIxYTZiYmNiYjcy
LzEvOU8xZVhidWg2cmJUbFk1WlFZS2NuYUd5eG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhVLd1vmH
OQ7XsZKkeGTqJQtZY+kjkpvIi4TB1nqShl1xzbgcJ0ZuueKV5P3j7Db1GEnxd4za
hpzXpsAibe++sLw38PsOCP2i1mwE/JPag14OvUQb0KctDl8SY6nGnW0bsiT33EKq
aJC6ZM+ZYJcmHBL7CX956dAixxgxdsbxRCio+59luSjnia/LNdBlJ74IJBlVl4AM
jWiDzEnJfF8xEoMdrBusR6cSOpBcayIiXBm/z+6lfsj5leyYmN/GhNHWpgVLsJt1
nmG84CTyDe4c0JpAAm69YRckWkxVdn/1ScJoWlo5BmurDOkJ4D8pRZ4zH2zNC14T
xw9BNxm3r/413w==
-----END CERTIFICATE-----