Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
File:                     P2LKnF7__TIKvS2Px-j4Nee70es.mft (raw, json)
Hash identifier:          0BtmUJmZd6mcsLUDOccMlfrcZY9kr2CaJDnDklWSZcc=
Subject key identifier:   5F:09:A5:45:C9:28:EB:1A:28:FA:A1:4D:64:CA:CB:46:E6:1E:4A:AB
Authority key identifier: 3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB
Certificate issuer:       /CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
Certificate serial:       019CAB3443724CB5C18563A63B4A16E7DCFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
Manifest number:          0C3F
Signing time:             Sun 01 Mar 2026 21:00:54 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:54 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:54 +0000
Files and hashes:         1: P2LKnF7__TIKvS2Px-j4Nee70es.crl (hash: TtdFVJRPjU/zOttnoicQAkeAuJPtKuO9B1Q5N47xi2I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:43:72:4c:b5:c1:85:63:a6:3b:4a:16:e7:dc:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
        Validity
            Not Before: Mar  1 21:00:54 2026 GMT
            Not After : Mar  2 21:00:54 2026 GMT
        Subject: CN=5f09a545c928eb1a28faa14d64cacb46e61e4aab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:aa:11:a6:da:b0:fb:82:84:56:28:a6:31:8a:
                    be:4a:2c:84:02:62:be:85:12:33:b8:be:0a:e9:1f:
                    97:d0:72:e3:3b:53:e2:e4:7a:06:83:9f:0d:27:25:
                    82:93:8e:90:d4:60:ed:67:15:c4:45:c0:2c:f1:2f:
                    af:7e:c2:bc:fb:14:0d:ea:37:16:23:2b:30:a4:72:
                    f3:4f:c7:2f:9f:c0:93:5a:8b:4c:1c:57:fb:35:dc:
                    db:0f:c7:b2:18:0b:c5:51:3e:5b:38:34:0f:5b:0a:
                    85:a6:23:85:53:84:d2:77:3a:93:71:74:e2:a0:71:
                    e2:a1:8f:a0:df:c7:5a:bc:b4:35:96:63:b2:10:fe:
                    00:c3:24:7b:3d:90:34:4a:e3:30:58:df:1f:12:98:
                    8a:20:d8:b3:2c:ad:ca:a1:b8:87:a1:a2:57:53:79:
                    91:ff:ff:70:48:76:b1:a3:06:ac:bb:87:2a:66:f4:
                    e6:21:c4:e4:00:e2:af:ee:b2:17:85:6b:49:15:4f:
                    f7:f6:0a:3e:45:03:fc:a7:4d:78:60:23:72:0e:e4:
                    45:0e:59:72:48:98:d9:27:8c:0c:1e:f2:b5:1d:14:
                    ca:1b:4b:8b:ae:fa:19:c0:34:26:ce:71:ec:d5:46:
                    a4:14:50:70:ce:e0:b2:2c:95:b4:f7:15:b5:86:1c:
                    63:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:09:A5:45:C9:28:EB:1A:28:FA:A1:4D:64:CA:CB:46:E6:1E:4A:AB
            X509v3 Authority Key Identifier:
                keyid:3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:92:b3:fd:8b:9a:84:c3:0b:80:ec:47:4e:40:22:2a:25:67:
         c6:5f:9b:c0:4c:30:08:49:bf:96:1c:0f:16:c1:81:16:12:39:
         75:54:71:d3:94:4f:2a:be:aa:97:df:2f:6a:4d:2a:ea:d1:03:
         38:31:4d:c1:de:25:99:cd:a8:56:2b:b7:9d:d5:45:5f:5b:a6:
         4b:7a:c1:79:b8:c1:e2:b9:82:0b:52:67:b8:40:a0:ed:d4:ae:
         62:0b:4f:29:c5:88:b5:c1:b0:ab:92:ee:c5:75:a6:22:da:85:
         28:1d:cc:1b:59:5c:fb:2c:a9:3e:63:d5:c1:23:81:eb:62:23:
         68:12:fd:d5:78:ca:a5:5c:3c:3f:22:30:66:cb:47:74:2b:15:
         a3:16:b2:5b:bd:19:c8:6b:f6:b3:23:c3:0a:bc:85:a2:62:4f:
         6f:41:99:b2:39:b8:c0:73:71:e8:bc:d0:06:24:fd:b9:64:53:
         df:df:29:27:ce:6b:69:b5:c3:65:e5:f5:e7:bf:9e:c4:d8:86:
         eb:08:78:8b:e5:83:a9:f0:38:23:79:5a:98:f1:97:f9:27:b8:
         2c:7e:f4:b7:d2:15:33:00:98:3e:b9:fc:ac:04:d3:fe:72:d5:
         7d:cb:30:5a:73:cf:1b:ea:5f:d6:3c:10:a8:d7:4b:c2:43:30:
         02:d9:c6:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNENyTLXBhWOmO0oW59z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjJjYTljNWVmZmZkMzIwYWJkMmQ4ZmM3ZThmODM1ZTdi
YmQxZWIwHhcNMjYwMzAxMjEwMDU0WhcNMjYwMzAyMjEwMDU0WjAzMTEwLwYDVQQD
Eyg1ZjA5YTU0NWM5MjhlYjFhMjhmYWExNGQ2NGNhY2I0NmU2MWU0YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqoRptqw+4KEViimMYq+SiyEAmK+
hRIzuL4K6R+X0HLjO1Pi5HoGg58NJyWCk46Q1GDtZxXERcAs8S+vfsK8+xQN6jcW
IyswpHLzT8cvn8CTWotMHFf7NdzbD8eyGAvFUT5bODQPWwqFpiOFU4TSdzqTcXTi
oHHioY+g38davLQ1lmOyEP4AwyR7PZA0SuMwWN8fEpiKINizLK3KobiHoaJXU3mR
//9wSHaxowasu4cqZvTmIcTkAOKv7rIXhWtJFU/39go+RQP8p014YCNyDuRFDlly
SJjZJ4wMHvK1HRTKG0uLrvoZwDQmznHs1UakFFBwzuCyLJW09xW1hhxjswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8JpUXJKOsaKPqhTWTKy0bmHkqrMB8GA1UdIwQY
MBaAFD9iypxe//0yCr0tj8fo+DXnu9HrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4Njkt
MDA5MDgwZThkZmY1LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4NjktMDA5MDgwZThkZmY1
LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVJKz/Yua
hMMLgOxHTkAiKiVnxl+bwEwwCEm/lhwPFsGBFhI5dVRx05RPKr6ql98vak0q6tED
ODFNwd4lmc2oViu3ndVFX1umS3rBebjB4rmCC1JnuECg7dSuYgtPKcWItcGwq5Lu
xXWmItqFKB3MG1lc+yypPmPVwSOB62IjaBL91XjKpVw8PyIwZstHdCsVoxayW70Z
yGv2syPDCryFomJPb0GZsjm4wHNx6LzQBiT9uWRT398pJ85rabXDZeX157+exNiG
6wh4i+WDqfA4I3lamPGX+Se4LH70t9IVMwCYPrn8rATT/nLVfcswWnPPG+pf1jwQ
qNdLwkMwAtnGow==
-----END CERTIFICATE-----