Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
File:                     icKIUyrvyGlxuY1bTR2YGW2ey4U.mft (raw, json)
Hash identifier:          KpCgvP9pVlYTnnAQuB7YEJLS8CaruNUcl9u6eXuLiBY=
Subject key identifier:   A4:B0:C5:C2:D4:D1:95:9E:5F:B5:D5:E2:88:DD:2A:8F:93:7E:EE:26
Authority key identifier: 89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85
Certificate issuer:       /CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
Certificate serial:       019CAD59937F6A798D41CF0A53B636B323B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
Manifest number:          09B7
Signing time:             Mon 02 Mar 2026 07:00:54 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:54 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:54 +0000
Files and hashes:         1: icKIUyrvyGlxuY1bTR2YGW2ey4U.crl (hash: df1u8sSAI4xWB+UtfH5BEBmIKzpB0txAn+EE4K/qiuw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:93:7f:6a:79:8d:41:cf:0a:53:b6:36:b3:23:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89c288532aefc86971b98d5b4d1d98196d9ecb85
        Validity
            Not Before: Mar  2 07:00:54 2026 GMT
            Not After : Mar  3 07:00:54 2026 GMT
        Subject: CN=a4b0c5c2d4d1959e5fb5d5e288dd2a8f937eee26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:1b:05:45:16:be:d6:70:fd:3e:48:25:02:22:
                    30:55:06:6a:f7:95:25:5f:fb:53:7c:6a:a1:da:17:
                    15:77:31:bd:0c:23:67:35:06:02:f2:17:f7:94:5b:
                    88:cb:94:4d:3e:6a:75:c7:17:d0:03:d0:e0:77:97:
                    62:f0:56:e9:ca:cf:a9:c0:3a:e9:33:69:5b:7c:67:
                    76:18:23:b0:db:71:26:4d:60:73:21:57:a8:f6:e7:
                    b0:1a:09:1b:b4:90:53:56:7b:db:e0:e7:3a:4c:a1:
                    1b:dd:89:9b:18:4b:b6:2c:27:51:59:de:50:dc:4b:
                    bf:ea:1a:3b:8b:f5:49:a3:77:56:0b:00:4d:50:6a:
                    1c:5d:12:eb:21:18:ca:a6:55:b0:f3:12:41:f8:0b:
                    3c:78:e8:cc:2c:cd:a4:07:ad:80:00:54:69:3b:d7:
                    a6:72:85:da:ff:45:e9:5d:f2:62:fc:82:f7:4d:2d:
                    16:95:45:4b:4f:ac:6b:3b:59:e3:d3:c0:d0:d7:1f:
                    3d:d2:13:bd:89:0a:b6:95:b9:22:51:0a:a7:8e:75:
                    40:44:ce:dc:60:06:2a:98:c6:2b:14:59:c9:58:05:
                    e0:62:0d:06:df:c2:da:97:94:d2:f7:bf:c5:e2:0b:
                    c8:1b:d7:34:af:42:2a:2c:f0:e3:49:bd:11:16:cd:
                    df:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:B0:C5:C2:D4:D1:95:9E:5F:B5:D5:E2:88:DD:2A:8F:93:7E:EE:26
            X509v3 Authority Key Identifier:
                keyid:89:C2:88:53:2A:EF:C8:69:71:B9:8D:5B:4D:1D:98:19:6D:9E:CB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icKIUyrvyGlxuY1bTR2YGW2ey4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/18dd8b-a010-42ca-bc99-0f867d9ff58e/1/icKIUyrvyGlxuY1bTR2YGW2ey4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:c7:be:e9:75:85:4d:73:a8:c2:d3:bc:3e:90:f5:a5:ac:7a:
         24:22:88:3b:34:41:92:5e:30:38:0d:f3:1d:f8:10:2b:3e:36:
         fc:90:b1:ba:fe:13:e6:30:dc:9c:51:20:60:fa:1b:84:dd:cb:
         ab:bc:d8:46:aa:f0:b6:f6:c9:57:45:43:f4:a9:5b:2d:84:15:
         04:3c:bb:57:12:12:cf:dd:84:6e:cf:79:c7:8b:87:6b:d0:84:
         63:68:07:dc:19:6b:93:03:6f:8c:f9:e6:7e:04:2a:bc:a8:f5:
         ae:d1:22:86:0c:db:e8:0a:99:34:c7:5e:42:05:3b:32:c3:a6:
         ed:1a:e9:79:ca:e5:63:06:65:33:9a:8f:10:02:3d:ee:37:b1:
         d7:0d:85:95:fc:6a:6c:49:ad:c9:47:3f:fa:de:3b:8d:b1:e3:
         94:94:08:bc:2e:10:7f:e8:73:94:0a:02:dd:04:57:33:27:95:
         d6:56:43:99:40:e3:8f:2a:56:e5:1a:0d:79:28:bf:a1:b6:f9:
         82:e3:4d:fb:9e:ae:11:78:23:58:66:92:68:e5:8b:5e:2c:6e:
         68:75:82:87:d1:a9:7b:a2:ce:52:a4:53:47:8f:56:dd:8a:59:
         83:96:64:97:09:3f:e1:54:5d:0c:b5:a2:9a:a4:97:43:80:1f:
         df:42:21:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWZN/anmNQc8KU7Y2syO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YzI4ODUzMmFlZmM4Njk3MWI5OGQ1YjRkMWQ5ODE5NmQ5
ZWNiODUwHhcNMjYwMzAyMDcwMDU0WhcNMjYwMzAzMDcwMDU0WjAzMTEwLwYDVQQD
EyhhNGIwYzVjMmQ0ZDE5NTllNWZiNWQ1ZTI4OGRkMmE4ZjkzN2VlZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBsFRRa+1nD9PkglAiIwVQZq95Ul
X/tTfGqh2hcVdzG9DCNnNQYC8hf3lFuIy5RNPmp1xxfQA9Dgd5di8Fbpys+pwDrp
M2lbfGd2GCOw23EmTWBzIVeo9uewGgkbtJBTVnvb4Oc6TKEb3YmbGEu2LCdRWd5Q
3Eu/6ho7i/VJo3dWCwBNUGocXRLrIRjKplWw8xJB+As8eOjMLM2kB62AAFRpO9em
coXa/0XpXfJi/IL3TS0WlUVLT6xrO1nj08DQ1x890hO9iQq2lbkiUQqnjnVARM7c
YAYqmMYrFFnJWAXgYg0G38Lal5TS97/F4gvIG9c0r0IqLPDjSb0RFs3ffQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSwxcLU0ZWeX7XV4ojdKo+Tfu4mMB8GA1UdIwQY
MBaAFInCiFMq78hpcbmNW00dmBltnsuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTkt
MGY4NjdkOWZmNThlLzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xOGRkOGItYTAxMC00MmNhLWJjOTktMGY4NjdkOWZmNThl
LzEvaWNLSVV5cnZ5R2x4dVkxYlRSMllHVzJleTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV8e+6XWF
TXOowtO8PpD1pax6JCKIOzRBkl4wOA3zHfgQKz42/JCxuv4T5jDcnFEgYPobhN3L
q7zYRqrwtvbJV0VD9KlbLYQVBDy7VxISz92Ebs95x4uHa9CEY2gH3BlrkwNvjPnm
fgQqvKj1rtEihgzb6AqZNMdeQgU7MsOm7RrpecrlYwZlM5qPEAI97jex1w2Flfxq
bEmtyUc/+t47jbHjlJQIvC4Qf+hzlAoC3QRXMyeV1lZDmUDjjypW5RoNeSi/obb5
guNN+56uEXgjWGaSaOWLXixuaHWCh9Gpe6LOUqRTR49W3YpZg5Zklwk/4VRdDLWi
mqSXQ4Af30IhOQ==
-----END CERTIFICATE-----