Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          9KF6Vk/hk9i/Baw4fJEM2zmYSuUNAhPNDH5wVNLua7A=
Subject key identifier:   E7:DA:44:2A:F4:AA:5E:3A:F1:B9:67:98:F5:E8:C9:40:E2:73:8F:CB
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       019CAB33FDBEC5B4F8EDF0451200432A617A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          13D5
Signing time:             Sun 01 Mar 2026 21:00:37 +0000
Manifest this update:     Sun 01 Mar 2026 21:00:37 +0000
Manifest next update:     Mon 02 Mar 2026 21:00:37 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: BmQgfY9UlBh8w0+ChPiPMTfxzV2ZmOXNcxAHpP+x9jw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:33:fd:be:c5:b4:f8:ed:f0:45:12:00:43:2a:61:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Mar  1 21:00:37 2026 GMT
            Not After : Mar  2 21:00:37 2026 GMT
        Subject: CN=e7da442af4aa5e3af1b96798f5e8c940e2738fcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ec:9f:00:2e:d5:f6:92:5e:8a:e9:e1:e2:11:
                    b5:8c:b3:3e:20:ef:20:21:21:a9:d0:32:ed:1d:fe:
                    c7:1a:cb:66:d0:f9:cc:77:7d:64:a1:16:8b:7e:49:
                    88:83:04:bf:fc:ad:96:e7:17:90:6d:ee:cd:87:2a:
                    f3:2f:06:d3:16:ce:7d:f6:f7:8d:8b:46:76:bc:5b:
                    d1:04:c4:f8:e0:f5:7a:a2:4c:ef:fa:b4:98:95:db:
                    0b:39:e1:95:f2:e9:67:2f:e5:4e:54:64:78:97:47:
                    9f:b4:36:61:60:ab:e4:00:30:17:dc:e3:04:a2:8d:
                    fe:b5:a4:b4:da:bb:0c:ab:66:68:be:a0:ab:8e:9d:
                    f3:be:66:aa:97:ea:0f:ab:1c:41:92:9e:92:2f:be:
                    81:59:38:f7:b7:8a:e6:5b:60:fa:a3:6f:6f:40:e7:
                    f6:a4:44:b8:60:b7:1e:8e:f6:9d:84:46:57:5d:5e:
                    d2:17:c7:2e:e8:88:6a:b7:ce:3f:11:c0:ab:96:02:
                    a2:64:dd:6c:0a:56:68:13:4a:79:09:b9:9d:59:35:
                    56:37:77:2b:14:13:f0:63:1a:e1:58:07:d4:a1:f4:
                    3e:5a:05:46:bf:05:eb:e0:e9:46:c8:4c:fb:cf:87:
                    4f:25:95:1d:f1:27:d2:da:81:fa:45:91:04:c9:b1:
                    11:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:DA:44:2A:F4:AA:5E:3A:F1:B9:67:98:F5:E8:C9:40:E2:73:8F:CB
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:4f:bf:3a:72:be:b9:aa:f4:80:c2:fd:12:b1:e2:fb:b3:39:
         2a:c1:26:cd:77:cd:6e:86:70:22:85:e0:7f:e6:d3:66:4d:f4:
         05:81:74:64:41:95:f9:74:c1:37:c1:08:8b:3c:1a:b6:f9:05:
         47:10:01:e2:f1:ff:7a:77:63:4c:ca:ef:d1:2c:4c:03:ad:a4:
         d9:3b:be:88:b1:2f:5e:9e:9d:3f:ef:f7:22:ab:86:6d:a3:95:
         2e:47:5b:c0:df:9d:ce:78:ac:9f:11:16:09:6b:c0:dd:c7:04:
         98:e1:04:49:5e:0e:6b:98:c0:5b:f7:86:e2:11:e2:c9:c8:62:
         95:5f:f4:b1:18:ed:60:e7:82:bd:86:a3:4e:61:3c:fd:f8:fa:
         fc:f9:9a:67:41:c6:28:0f:20:89:31:42:71:34:c4:f0:ba:47:
         de:41:1b:bd:f9:59:5a:83:94:e4:6b:d5:27:aa:fa:ab:29:d6:
         a4:63:42:cb:69:6f:c4:80:1b:af:37:2c:b5:9e:35:7c:d0:29:
         46:60:3c:01:c7:ce:b8:ac:4f:4c:e2:22:1b:da:1d:a6:16:2b:
         5a:1a:94:26:88:4b:88:89:c2:e1:a6:3d:92:0f:be:1b:72:9b:
         9c:19:c7:49:a8:48:96:6d:79:5c:20:23:cc:16:74:eb:6e:57:
         58:d7:8c:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrM/2+xbT47fBFEgBDKmF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjYwMzAxMjEwMDM3WhcNMjYwMzAyMjEwMDM3WjAzMTEwLwYDVQQD
EyhlN2RhNDQyYWY0YWE1ZTNhZjFiOTY3OThmNWU4Yzk0MGUyNzM4ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+yfAC7V9pJeiunh4hG1jLM+IO8g
ISGp0DLtHf7HGstm0PnMd31koRaLfkmIgwS//K2W5xeQbe7NhyrzLwbTFs599veN
i0Z2vFvRBMT44PV6okzv+rSYldsLOeGV8ulnL+VOVGR4l0eftDZhYKvkADAX3OME
oo3+taS02rsMq2ZovqCrjp3zvmaql+oPqxxBkp6SL76BWTj3t4rmW2D6o29vQOf2
pES4YLcejvadhEZXXV7SF8cu6Ihqt84/EcCrlgKiZN1sClZoE0p5CbmdWTVWN3cr
FBPwYxrhWAfUofQ+WgVGvwXr4OlGyEz7z4dPJZUd8SfS2oH6RZEEybERGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfaRCr0ql468blnmPXoyUDic4/LMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnU+/OnK+
uar0gML9ErHi+7M5KsEmzXfNboZwIoXgf+bTZk30BYF0ZEGV+XTBN8EIizwatvkF
RxAB4vH/endjTMrv0SxMA62k2Tu+iLEvXp6dP+/3IquGbaOVLkdbwN+dznisnxEW
CWvA3ccEmOEESV4Oa5jAW/eG4hHiychilV/0sRjtYOeCvYajTmE8/fj6/PmaZ0HG
KA8giTFCcTTE8LpH3kEbvflZWoOU5GvVJ6r6qynWpGNCy2lvxIAbrzcstZ41fNAp
RmA8AcfOuKxPTOIiG9odphYrWhqUJohLiInC4aY9kg++G3KbnBnHSahIlm15XCAj
zBZ0625XWNeMgA==
-----END CERTIFICATE-----