Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
File:                     WrJabDkrjmejrSH2D9MxHWt_Hlw.mft (raw, json)
Hash identifier:          iBl0dnwnmh434wlgfPfqxpSDWZyF42ghUdSPZTQ+eEY=
Subject key identifier:   73:BE:C9:C4:FE:BE:C6:6D:08:0A:4A:55:E5:52:40:9C:B8:99:9D:3C
Authority key identifier: 5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C
Certificate issuer:       /CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
Certificate serial:       019CAB6BCC64ACCEB68CB115DB1756E04B40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
Manifest number:          10E1
Signing time:             Sun 01 Mar 2026 22:01:34 +0000
Manifest this update:     Sun 01 Mar 2026 22:01:34 +0000
Manifest next update:     Mon 02 Mar 2026 22:01:34 +0000
Files and hashes:         1: WrJabDkrjmejrSH2D9MxHWt_Hlw.crl (hash: HYMZw0lxZXB/9uClrq7oRwyAScjB8LseKitlKFCJB9c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:cc:64:ac:ce:b6:8c:b1:15:db:17:56:e0:4b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ab25a6c392b8e67a3ad21f60fd3311d6b7f1e5c
        Validity
            Not Before: Mar  1 22:01:34 2026 GMT
            Not After : Mar  2 22:01:34 2026 GMT
        Subject: CN=73bec9c4febec66d080a4a55e552409cb8999d3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:43:73:8f:a7:58:0c:7f:48:52:d2:6d:ca:97:
                    88:b8:e0:50:27:f8:ca:7f:77:00:d9:65:85:d7:88:
                    19:ad:a9:7f:53:2b:b1:f9:f1:d0:24:64:67:a2:e6:
                    59:5e:f0:dc:bf:75:30:cc:07:e5:b0:1c:ab:5d:72:
                    7f:e2:25:e1:1f:b1:77:62:24:69:92:83:e3:c5:0d:
                    92:cd:8d:1a:13:19:b9:65:b6:97:36:c3:1a:21:bd:
                    d2:f9:3d:a8:78:fe:ed:dc:2d:6e:35:95:20:a7:30:
                    28:4a:92:f7:91:57:91:bd:cb:82:7b:50:87:76:fc:
                    b9:d6:c6:20:ca:10:1f:68:09:7a:2a:99:a2:42:be:
                    b3:ad:e3:11:47:0b:bb:f4:65:8a:81:52:9f:2d:67:
                    50:61:13:5f:f7:b3:27:67:a8:35:34:fe:8a:49:47:
                    3a:e8:bb:25:61:98:1a:43:96:d7:a3:46:25:8a:61:
                    c0:68:e8:6b:17:88:1f:b4:19:f0:d6:99:59:bc:8c:
                    5c:ad:09:fe:a0:36:a2:4e:53:a3:d2:c9:04:0c:5d:
                    ff:7c:1e:89:6b:69:64:98:80:5d:9f:9e:8f:d0:c8:
                    73:26:51:e2:74:70:90:3b:a6:ca:d6:15:cf:62:30:
                    a9:e6:06:ab:0f:f0:ba:a2:d5:79:c3:51:74:5d:53:
                    f5:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:BE:C9:C4:FE:BE:C6:6D:08:0A:4A:55:E5:52:40:9C:B8:99:9D:3C
            X509v3 Authority Key Identifier:
                keyid:5A:B2:5A:6C:39:2B:8E:67:A3:AD:21:F6:0F:D3:31:1D:6B:7F:1E:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrJabDkrjmejrSH2D9MxHWt_Hlw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/81f76f-d878-44a1-82c7-2ccb5f0c5f6b/1/WrJabDkrjmejrSH2D9MxHWt_Hlw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:81:44:18:63:39:27:f8:db:63:8f:4d:3f:aa:7c:8b:90:d3:
         f8:6e:4e:71:62:ab:a3:ac:f9:0d:ef:0e:c8:f2:41:49:54:92:
         fa:21:10:00:77:be:39:f6:ff:fa:bd:dc:0a:62:db:2a:09:ed:
         b5:3f:18:f9:77:bf:f9:9b:97:d7:d3:f5:f3:cb:e8:37:3d:14:
         7d:c2:dd:43:8b:bf:22:cc:ee:84:ae:19:5a:05:a9:d6:83:5b:
         26:5e:03:47:ba:f9:dc:53:d8:21:37:db:33:29:cf:db:6f:03:
         a7:7f:92:71:ea:a2:8b:1d:16:1d:b1:be:49:4f:c9:c9:31:c0:
         a6:b1:67:42:d9:e7:66:b7:10:e2:a0:9d:c0:2d:51:90:75:df:
         ff:85:38:6c:56:5a:92:0b:29:5c:1b:23:bb:da:23:9b:f4:59:
         c9:8d:ab:6b:31:c8:ce:97:43:05:9b:af:ce:b6:be:9a:8d:7e:
         fe:e1:21:ba:24:29:cb:13:16:99:eb:97:ba:ab:70:24:16:f2:
         e6:bb:80:f9:a4:af:60:ff:98:b9:d5:77:71:ff:a5:c8:af:62:
         ae:9c:ed:51:7e:85:82:08:c2:34:1c:b1:48:8b:6b:0c:4e:ad:
         41:7d:39:b3:2d:72:34:30:59:60:7a:8a:d2:c3:0c:57:20:64:
         ab:0f:be:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyra8xkrM62jLEV2xdW4EtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYjI1YTZjMzkyYjhlNjdhM2FkMjFmNjBmZDMzMTFkNmI3
ZjFlNWMwHhcNMjYwMzAxMjIwMTM0WhcNMjYwMzAyMjIwMTM0WjAzMTEwLwYDVQQD
Eyg3M2JlYzljNGZlYmVjNjZkMDgwYTRhNTVlNTUyNDA5Y2I4OTk5ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ENzj6dYDH9IUtJtypeIuOBQJ/jK
f3cA2WWF14gZral/Uyux+fHQJGRnouZZXvDcv3UwzAflsByrXXJ/4iXhH7F3YiRp
koPjxQ2SzY0aExm5ZbaXNsMaIb3S+T2oeP7t3C1uNZUgpzAoSpL3kVeRvcuCe1CH
dvy51sYgyhAfaAl6KpmiQr6zreMRRwu79GWKgVKfLWdQYRNf97MnZ6g1NP6KSUc6
6LslYZgaQ5bXo0YlimHAaOhrF4gftBnw1plZvIxcrQn+oDaiTlOj0skEDF3/fB6J
a2lkmIBdn56P0MhzJlHidHCQO6bK1hXPYjCp5garD/C6otV5w1F0XVP11QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHO+ycT+vsZtCApKVeVSQJy4mZ08MB8GA1UdIwQY
MBaAFFqyWmw5K45no60h9g/TMR1rfx5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzct
MmNjYjVmMGM1ZjZiLzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84MWY3NmYtZDg3OC00NGExLTgyYzctMmNjYjVmMGM1ZjZi
LzEvV3JKYWJEa3JqbWVqclNIMkQ5TXhIV3RfSGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdIFEGGM5
J/jbY49NP6p8i5DT+G5OcWKro6z5De8OyPJBSVSS+iEQAHe+Ofb/+r3cCmLbKgnt
tT8Y+Xe/+ZuX19P188voNz0UfcLdQ4u/IszuhK4ZWgWp1oNbJl4DR7r53FPYITfb
MynP228Dp3+Sceqiix0WHbG+SU/JyTHAprFnQtnnZrcQ4qCdwC1RkHXf/4U4bFZa
kgspXBsju9ojm/RZyY2razHIzpdDBZuvzra+mo1+/uEhuiQpyxMWmeuXuqtwJBby
5ruA+aSvYP+YudV3cf+lyK9irpztUX6FggjCNByxSItrDE6tQX05sy1yNDBZYHqK
0sMMVyBkqw++/Q==
-----END CERTIFICATE-----