Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
File:                     pffZAsirU0AJh6GIKrJ_fPoBt0A.mft (raw, json)
Hash identifier:          e4Uvu6X3aJVVk76d27sdR6J/QQTBjoI/MVLEqTE0i0k=
Subject key identifier:   28:C5:FC:0D:B2:CA:F7:AF:F6:39:91:96:2E:88:AA:E0:F8:7A:75:1A
Authority key identifier: A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40
Certificate issuer:       /CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
Certificate serial:       019CAC0FCD579CE237E3DF77B6AD071A3C3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
Manifest number:          049F
Signing time:             Mon 02 Mar 2026 01:00:42 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:42 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:42 +0000
Files and hashes:         1: pffZAsirU0AJh6GIKrJ_fPoBt0A.crl (hash: Gr2eEyVPAThxEDevSMomyoKwNgUIuacBCvobh9qaszU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:cd:57:9c:e2:37:e3:df:77:b6:ad:07:1a:3c:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5f7d902c8ab53400987a1882ab27f7cfa01b740
        Validity
            Not Before: Mar  2 01:00:42 2026 GMT
            Not After : Mar  3 01:00:42 2026 GMT
        Subject: CN=28c5fc0db2caf7aff63991962e88aae0f87a751a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3a:de:22:90:c9:35:08:5e:2f:58:37:52:58:
                    9a:c9:42:e1:6b:92:f4:80:df:95:41:18:8f:39:9a:
                    1e:62:c6:28:ce:f0:93:fe:4a:0b:81:7a:ad:43:71:
                    62:bd:25:c4:18:33:af:c0:6b:dc:a3:30:65:29:26:
                    99:a5:4d:6f:0c:27:77:d6:da:40:76:89:5b:2b:15:
                    36:24:f7:41:c4:0a:b0:e2:e6:3c:6e:d1:c9:96:28:
                    05:49:a3:8b:d0:10:b4:7f:20:a2:f9:67:3d:3a:9d:
                    d4:4b:9e:95:44:6f:de:c3:3c:05:ef:70:2b:64:ed:
                    96:4a:c4:85:cb:e0:d4:ec:bb:33:31:5d:57:8b:95:
                    2d:20:f4:ab:52:f5:bc:7d:48:fc:4a:c6:17:b7:ae:
                    23:4f:e5:c2:dc:d3:6a:83:4d:4f:16:75:eb:58:85:
                    56:35:c0:a9:0d:f3:ca:18:f8:c4:35:d9:fa:21:7a:
                    5e:6f:ab:97:3f:00:39:82:8b:b1:0d:24:ae:de:c8:
                    19:b0:69:69:a4:72:62:36:88:8f:32:7b:2c:24:9d:
                    0d:e6:63:e5:dd:7b:ac:e3:28:d3:0c:cf:0f:8b:fc:
                    13:3e:65:84:64:3c:47:3f:bf:42:43:9c:2e:58:9c:
                    bb:ad:5f:fc:33:a5:8a:09:fa:2e:48:5c:a2:85:26:
                    81:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C5:FC:0D:B2:CA:F7:AF:F6:39:91:96:2E:88:AA:E0:F8:7A:75:1A
            X509v3 Authority Key Identifier:
                keyid:A5:F7:D9:02:C8:AB:53:40:09:87:A1:88:2A:B2:7F:7C:FA:01:B7:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pffZAsirU0AJh6GIKrJ_fPoBt0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/710b27-f68b-436f-bcef-2d65e06687de/1/pffZAsirU0AJh6GIKrJ_fPoBt0A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:4b:93:63:3c:12:de:33:0c:02:3d:ed:2c:88:89:ae:b3:d8:
         07:7f:d6:96:4b:7b:43:3e:92:1e:4a:52:1a:a6:c1:b2:58:bb:
         c2:e1:e2:db:17:e8:a9:e3:fc:43:1f:e7:23:30:80:14:08:ed:
         31:9e:ef:fc:bc:ec:dc:12:f9:a5:4f:ba:51:ed:08:70:d9:6b:
         7a:2d:29:a5:8f:09:bd:f3:cb:20:11:91:b3:07:70:82:f2:ee:
         55:ef:25:da:ea:85:bb:92:ad:4d:85:5c:dd:e5:ca:05:49:6c:
         f4:55:c6:1d:ba:40:cb:a0:9e:c1:cd:97:6c:f8:5f:3c:1e:4d:
         bc:a7:61:5d:85:2c:89:ae:8c:9a:37:8d:08:b1:69:62:41:21:
         9a:eb:31:1d:a4:2e:c6:b6:c4:7e:21:63:55:9a:0a:70:da:56:
         9b:de:75:ba:51:eb:70:8c:2e:87:cf:0b:92:2b:1b:37:5f:01:
         0c:20:cd:78:69:c9:c1:f0:0e:72:5c:dd:61:40:71:1b:07:2f:
         93:97:d2:d9:df:d7:b4:c0:64:3a:68:60:35:6a:0e:fe:96:d3:
         80:c3:a2:f6:b7:37:ce:6b:37:e6:f3:3b:32:d8:19:fb:39:0c:
         ac:f1:df:a9:86:b5:2c:ff:63:ff:d3:73:7b:fb:08:fa:b9:50:
         2d:fe:4a:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD81XnOI34993tq0HGjw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZjdkOTAyYzhhYjUzNDAwOTg3YTE4ODJhYjI3ZjdjZmEw
MWI3NDAwHhcNMjYwMzAyMDEwMDQyWhcNMjYwMzAzMDEwMDQyWjAzMTEwLwYDVQQD
EygyOGM1ZmMwZGIyY2FmN2FmZjYzOTkxOTYyZTg4YWFlMGY4N2E3NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDreIpDJNQheL1g3UliayULha5L0
gN+VQRiPOZoeYsYozvCT/koLgXqtQ3FivSXEGDOvwGvcozBlKSaZpU1vDCd31tpA
dolbKxU2JPdBxAqw4uY8btHJligFSaOL0BC0fyCi+Wc9Op3US56VRG/ewzwF73Ar
ZO2WSsSFy+DU7LszMV1Xi5UtIPSrUvW8fUj8SsYXt64jT+XC3NNqg01PFnXrWIVW
NcCpDfPKGPjENdn6IXpeb6uXPwA5gouxDSSu3sgZsGlppHJiNoiPMnssJJ0N5mPl
3Xus4yjTDM8Pi/wTPmWEZDxHP79CQ5wuWJy7rV/8M6WKCfouSFyihSaBYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjF/A2yyvev9jmRli6IquD4enUaMB8GA1UdIwQY
MBaAFKX32QLIq1NACYehiCqyf3z6AbdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYt
MmQ2NWUwNjY4N2RlLzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC83MTBiMjctZjY4Yi00MzZmLWJjZWYtMmQ2NWUwNjY4N2Rl
LzEvcGZmWkFzaXJVMEFKaDZHSUtySl9mUG9CdDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ0uTYzwS
3jMMAj3tLIiJrrPYB3/Wlkt7Qz6SHkpSGqbBsli7wuHi2xfoqeP8Qx/nIzCAFAjt
MZ7v/Lzs3BL5pU+6Ue0IcNlrei0ppY8JvfPLIBGRswdwgvLuVe8l2uqFu5KtTYVc
3eXKBUls9FXGHbpAy6Cewc2XbPhfPB5NvKdhXYUsia6MmjeNCLFpYkEhmusxHaQu
xrbEfiFjVZoKcNpWm951ulHrcIwuh88LkisbN18BDCDNeGnJwfAOclzdYUBxGwcv
k5fS2d/XtMBkOmhgNWoO/pbTgMOi9rc3zms35vM7MtgZ+zkMrPHfqYa1LP9j/9Nz
e/sI+rlQLf5Kcw==
-----END CERTIFICATE-----