Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
File:                     UW2UBk9zhVXozjZaGVfWnnaICcQ.mft (raw, json)
Hash identifier:          1VH7ct00es8pBCiwfmEa8e1+byvqtoezxNDFllu9vJs=
Subject key identifier:   F9:81:2D:B2:4A:42:73:B8:98:5B:E9:5A:41:E7:D7:81:99:D5:18:F0
Authority key identifier: 51:6D:94:06:4F:73:85:55:E8:CE:36:5A:19:57:D6:9E:76:88:09:C4
Certificate issuer:       /CN=516d94064f738555e8ce365a1957d69e768809c4
Certificate serial:       019CAD5A26EF90484C94FFA51680BB6968AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
Manifest number:          0828
Signing time:             Mon 02 Mar 2026 07:01:32 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:32 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:32 +0000
Files and hashes:         1: UW2UBk9zhVXozjZaGVfWnnaICcQ.crl (hash: CjiV8xwGO7BJH6uzcGTMsD4R+z+kJ6kwH3eHTio/ADM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:5a:26:ef:90:48:4c:94:ff:a5:16:80:bb:69:68:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=516d94064f738555e8ce365a1957d69e768809c4
        Validity
            Not Before: Mar  2 07:01:32 2026 GMT
            Not After : Mar  3 07:01:32 2026 GMT
        Subject: CN=f9812db24a4273b8985be95a41e7d78199d518f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7f:e9:58:c3:09:03:c9:87:24:10:9b:a6:62:
                    ae:ce:7c:1f:6a:0b:62:4f:d3:8a:da:f1:0a:1f:37:
                    22:d0:96:43:4f:20:69:d3:fa:a8:cd:0d:26:8f:5a:
                    5b:20:23:eb:db:9d:9d:93:8e:7b:f2:b3:7c:a9:3e:
                    c4:0d:43:e7:a3:ba:d2:2c:02:a2:67:f5:2b:02:fe:
                    aa:2d:40:c1:7c:c2:a2:03:14:5c:01:3c:b8:e3:ad:
                    b4:f4:39:46:7a:96:cf:c0:be:48:ee:9c:7e:f7:38:
                    9a:68:70:6f:8b:d2:d3:64:f3:08:6b:57:2e:37:64:
                    08:0c:68:94:dd:d7:a9:d7:90:2a:d2:86:a6:8e:c7:
                    f0:ba:a0:c9:35:1f:1d:e3:c8:4d:5e:3d:56:ac:fd:
                    7e:e8:0c:a9:f6:31:30:bc:f6:6f:7c:00:44:59:88:
                    79:f9:d6:72:ec:47:ed:22:67:0b:5e:07:b9:b9:a0:
                    63:b7:05:6f:0d:25:29:dd:96:c0:b0:80:ca:e0:60:
                    fe:c5:46:54:51:ac:5a:fb:76:86:69:94:66:fa:e6:
                    61:97:82:29:0c:a5:36:8e:17:1f:27:49:25:dd:2b:
                    28:cb:be:64:52:b7:37:33:5a:2d:54:f7:f6:dd:b3:
                    77:64:61:27:b9:bd:a2:e3:ec:64:8f:88:38:5f:e3:
                    8d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:81:2D:B2:4A:42:73:B8:98:5B:E9:5A:41:E7:D7:81:99:D5:18:F0
            X509v3 Authority Key Identifier:
                keyid:51:6D:94:06:4F:73:85:55:E8:CE:36:5A:19:57:D6:9E:76:88:09:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UW2UBk9zhVXozjZaGVfWnnaICcQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b81895-c605-41e2-b283-c0565fa840d4/1/UW2UBk9zhVXozjZaGVfWnnaICcQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:83:6e:ba:5e:35:e8:8e:9c:c3:f7:52:55:04:04:77:a5:09:
         76:be:f1:31:32:43:12:95:a0:a0:0d:ad:88:58:f3:21:92:7c:
         0b:59:39:58:b7:e2:eb:1f:1b:48:e4:8c:01:38:83:10:42:10:
         76:82:8e:fd:8a:55:2b:cd:55:76:c3:11:c2:55:f3:c0:ee:a1:
         43:f5:c8:0a:63:f2:5a:66:49:6d:f8:11:4a:3c:ec:df:c9:f7:
         5e:b4:ef:0f:08:cd:fb:90:1a:66:33:6b:70:e3:77:0b:f8:c0:
         cf:52:fe:44:8a:6e:af:cd:85:58:c0:33:3f:71:1d:6f:a2:84:
         83:68:94:79:0d:03:67:d3:4c:f7:58:12:1c:38:5d:53:62:75:
         85:45:9f:2a:16:b9:37:8c:c9:14:2a:9d:41:e7:42:c8:78:e4:
         e6:b5:3c:f1:e6:46:e4:7b:e7:2d:35:41:db:b9:f3:90:d3:6a:
         31:79:92:c3:1d:36:7c:9a:af:29:0e:42:50:29:8f:d5:d0:07:
         11:3c:f9:eb:de:37:de:fc:b5:d4:33:07:ab:87:42:4c:43:56:
         f7:1e:70:53:91:d1:5b:b7:7f:03:9d:48:a2:ae:6e:55:20:44:
         e0:ef:25:8d:43:c4:cf:6c:3e:31:71:e3:e5:59:1e:e5:88:47:
         c4:9c:da:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWibvkEhMlP+lFoC7aWisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNmQ5NDA2NGY3Mzg1NTVlOGNlMzY1YTE5NTdkNjllNzY4
ODA5YzQwHhcNMjYwMzAyMDcwMTMyWhcNMjYwMzAzMDcwMTMyWjAzMTEwLwYDVQQD
EyhmOTgxMmRiMjRhNDI3M2I4OTg1YmU5NWE0MWU3ZDc4MTk5ZDUxOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH/pWMMJA8mHJBCbpmKuznwfagti
T9OK2vEKHzci0JZDTyBp0/qozQ0mj1pbICPr252dk4578rN8qT7EDUPno7rSLAKi
Z/UrAv6qLUDBfMKiAxRcATy446209DlGepbPwL5I7px+9ziaaHBvi9LTZPMIa1cu
N2QIDGiU3dep15Aq0oamjsfwuqDJNR8d48hNXj1WrP1+6Ayp9jEwvPZvfABEWYh5
+dZy7EftImcLXge5uaBjtwVvDSUp3ZbAsIDK4GD+xUZUUaxa+3aGaZRm+uZhl4Ip
DKU2jhcfJ0kl3Ssoy75kUrc3M1otVPf23bN3ZGEnub2i4+xkj4g4X+ONMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPmBLbJKQnO4mFvpWkHn14GZ1RjwMB8GA1UdIwQY
MBaAFFFtlAZPc4VV6M42WhlX1p52iAnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9iODE4OTUtYzYwNS00MWUyLWIyODMt
YzA1NjVmYTg0MGQ0LzEvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9iODE4OTUtYzYwNS00MWUyLWIyODMtYzA1NjVmYTg0MGQ0
LzEvVVcyVUJrOXpoVlhvempaYUdWZldubmFJQ2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIoNuul41
6I6cw/dSVQQEd6UJdr7xMTJDEpWgoA2tiFjzIZJ8C1k5WLfi6x8bSOSMATiDEEIQ
doKO/YpVK81VdsMRwlXzwO6hQ/XICmPyWmZJbfgRSjzs38n3XrTvDwjN+5AaZjNr
cON3C/jAz1L+RIpur82FWMAzP3Edb6KEg2iUeQ0DZ9NM91gSHDhdU2J1hUWfKha5
N4zJFCqdQedCyHjk5rU88eZG5HvnLTVB27nzkNNqMXmSwx02fJqvKQ5CUCmP1dAH
ETz569433vy11DMHq4dCTENW9x5wU5HRW7d/A51Ioq5uVSBE4O8ljUPEz2w+MXHj
5Vke5YhHxJzagg==
-----END CERTIFICATE-----