Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
File:                     4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft (raw, json)
Hash identifier:          aejPjPVYsGs+kl9yLM+rTenbTSxHvJvXZypcviyth3U=
Subject key identifier:   E1:83:85:71:95:CD:49:A6:2D:90:86:31:6D:4E:7A:D4:C3:4D:2B:1C
Authority key identifier: E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08
Certificate issuer:       /CN=e1f43f3e61990fd3e5767debe98e51cc19cac708
Certificate serial:       019CAC0F982A523FC5FCEB5512AE0D577BC3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
Manifest number:          0700
Signing time:             Mon 02 Mar 2026 01:00:28 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:28 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:28 +0000
Files and hashes:         1: 4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl (hash: VBf0eZB5UxGo9TBBUp9ug7nAu1RypJWbqjnTYrIjVOY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:98:2a:52:3f:c5:fc:eb:55:12:ae:0d:57:7b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1f43f3e61990fd3e5767debe98e51cc19cac708
        Validity
            Not Before: Mar  2 01:00:28 2026 GMT
            Not After : Mar  3 01:00:28 2026 GMT
        Subject: CN=e183857195cd49a62d9086316d4e7ad4c34d2b1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:16:2e:b8:5c:2e:a3:da:b7:fb:2f:3a:b9:53:
                    fd:78:6d:1b:1c:eb:d2:63:be:1f:52:be:4d:f1:04:
                    27:c2:75:bf:0c:8f:19:f9:0f:af:13:6a:47:ac:fe:
                    e2:53:82:54:7a:95:9b:37:6c:ba:94:70:25:e3:44:
                    e6:76:ee:46:33:8c:48:86:22:71:fd:bf:49:dc:39:
                    43:fe:df:a0:4b:13:09:8c:ff:83:1a:e2:44:3d:1a:
                    7e:4f:d5:93:98:35:50:99:0f:2a:f1:ba:88:d1:5b:
                    68:e6:df:b4:71:94:ae:13:73:20:a6:3a:a2:d2:95:
                    8d:03:ee:38:2c:44:51:7d:9a:11:71:f1:58:55:8d:
                    08:b3:f2:e7:69:f9:99:c7:d3:1d:f3:c6:75:cc:6e:
                    4c:f4:d6:79:59:06:44:8c:b8:0b:d6:68:5f:2a:41:
                    56:71:b9:1e:81:57:63:73:f5:ff:04:e5:37:b9:02:
                    e9:1a:b4:8c:a4:76:5c:ff:ca:9a:c0:e4:b3:8b:00:
                    34:31:ff:67:4e:68:25:23:6c:76:6c:e9:59:c3:66:
                    ce:5b:09:8b:95:10:b5:13:61:5e:2c:72:7d:19:0b:
                    c9:77:6e:cc:b0:4a:a7:09:4b:f2:12:e7:af:96:6f:
                    c0:cc:42:c0:e8:6c:82:dd:a1:80:5b:a7:5f:bb:b1:
                    68:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:83:85:71:95:CD:49:A6:2D:90:86:31:6D:4E:7A:D4:C3:4D:2B:1C
            X509v3 Authority Key Identifier:
                keyid:E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:d4:ff:d7:65:e3:12:e6:ea:3c:35:fc:60:f0:77:c0:c7:ad:
         c4:6a:72:ca:42:80:81:91:39:ef:3e:ea:86:8d:c3:0a:a5:bd:
         b5:ac:07:04:dc:83:9b:58:1d:ea:0a:ce:12:4e:28:09:4c:47:
         de:8a:01:6d:92:05:39:c3:b3:13:fa:fb:09:10:ee:45:ed:b6:
         04:4c:8f:14:a4:e8:5e:e1:6d:8a:48:9d:f6:e1:e4:c9:26:3c:
         2d:b4:c5:53:d3:da:6d:ac:6d:ea:62:b7:2f:05:58:45:25:df:
         e5:c9:c3:cb:4a:cf:c2:4d:2a:ed:07:fc:9d:da:c5:ef:c5:20:
         bf:79:a7:4a:65:b9:13:e8:4b:6d:32:8a:8a:b0:3c:26:a6:b6:
         55:05:b9:33:30:c8:a0:0b:53:62:68:76:bb:76:09:34:18:20:
         55:fc:31:d1:72:79:0a:4f:67:08:3a:72:c9:78:cb:4c:35:31:
         4a:64:c5:cd:02:83:af:84:7d:f1:d5:e6:02:cc:7d:b9:8f:ac:
         13:f2:f1:90:a1:e8:f2:c7:3d:78:e0:8d:bf:7e:5a:b7:4b:69:
         41:61:20:47:77:c0:f7:22:d0:1b:55:0e:cd:05:c7:83:71:35:
         f6:f9:26:8b:8e:f3:28:ad:ae:4c:52:10:a3:5d:99:9d:c2:0b:
         77:61:0e:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD5gqUj/F/OtVEq4NV3vDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZjQzZjNlNjE5OTBmZDNlNTc2N2RlYmU5OGU1MWNjMTlj
YWM3MDgwHhcNMjYwMzAyMDEwMDI4WhcNMjYwMzAzMDEwMDI4WjAzMTEwLwYDVQQD
EyhlMTgzODU3MTk1Y2Q0OWE2MmQ5MDg2MzE2ZDRlN2FkNGMzNGQyYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhYuuFwuo9q3+y86uVP9eG0bHOvS
Y74fUr5N8QQnwnW/DI8Z+Q+vE2pHrP7iU4JUepWbN2y6lHAl40Tmdu5GM4xIhiJx
/b9J3DlD/t+gSxMJjP+DGuJEPRp+T9WTmDVQmQ8q8bqI0Vto5t+0cZSuE3Mgpjqi
0pWNA+44LERRfZoRcfFYVY0Is/LnafmZx9Md88Z1zG5M9NZ5WQZEjLgL1mhfKkFW
cbkegVdjc/X/BOU3uQLpGrSMpHZc/8qawOSziwA0Mf9nTmglI2x2bOlZw2bOWwmL
lRC1E2FeLHJ9GQvJd27MsEqnCUvyEuevlm/AzELA6GyC3aGAW6dfu7Fo3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOGDhXGVzUmmLZCGMW1OetTDTSscMB8GA1UdIwQY
MBaAFOH0Pz5hmQ/T5XZ96+mOUcwZyscIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAt
MzIzNDE2MGRiY2Q0LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAtMzIzNDE2MGRiY2Q0
LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD9T/12Xj
EubqPDX8YPB3wMetxGpyykKAgZE57z7qho3DCqW9tawHBNyDm1gd6grOEk4oCUxH
3ooBbZIFOcOzE/r7CRDuRe22BEyPFKToXuFtikid9uHkySY8LbTFU9Pabaxt6mK3
LwVYRSXf5cnDy0rPwk0q7Qf8ndrF78Ugv3mnSmW5E+hLbTKKirA8Jqa2VQW5MzDI
oAtTYmh2u3YJNBggVfwx0XJ5Ck9nCDpyyXjLTDUxSmTFzQKDr4R98dXmAsx9uY+s
E/LxkKHo8sc9eOCNv35at0tpQWEgR3fA9yLQG1UOzQXHg3E19vkmi47zKK2uTFIQ
o12ZncILd2EObA==
-----END CERTIFICATE-----