Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
File:                     epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json)
Hash identifier:          9xtIMkicWB+Ic5xiEvqxompp4PTsYrJW+LzMLGAvFno=
Subject key identifier:   35:AA:BD:23:2B:0C:43:E2:AB:55:AA:1C:2E:00:6E:04:05:A0:3F:1B
Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9
Certificate issuer:       /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
Certificate serial:       019CAB6AED14906F1D8EC2A0BB6EC665484F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
Manifest number:          07C2
Signing time:             Sun 01 Mar 2026 22:00:37 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:37 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:37 +0000
Files and hashes:         1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: XwiZfrOwxfZFW0ZmUtA5lV6dGmyNG8fXArMKnj6o7co=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:ed:14:90:6f:1d:8e:c2:a0:bb:6e:c6:65:48:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9
        Validity
            Not Before: Mar  1 22:00:37 2026 GMT
            Not After : Mar  2 22:00:37 2026 GMT
        Subject: CN=35aabd232b0c43e2ab55aa1c2e006e0405a03f1b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:98:a1:39:4d:35:c0:4a:a7:34:fb:91:2f:50:
                    a5:ce:e3:1d:bf:7c:2c:d7:c9:88:9d:8d:d6:84:98:
                    85:8f:33:ba:66:7c:13:0e:34:c6:ff:c5:a6:ce:cd:
                    f2:95:61:ac:2f:a8:6b:66:cc:ef:e8:5d:ac:b1:ca:
                    82:ee:20:8e:da:8b:96:bc:b4:57:e2:fa:76:82:45:
                    bf:3a:81:84:4b:0d:a4:cc:c1:1a:3b:9d:8c:0a:89:
                    22:2b:d7:1a:a2:c2:84:c9:29:1b:6d:2d:75:f2:4b:
                    1c:1b:ea:e1:bb:0e:a4:0f:45:82:3d:84:39:c7:d4:
                    24:15:26:1a:a6:dc:0e:79:ca:c4:46:22:1a:34:54:
                    c4:22:c5:91:90:5d:a1:87:91:ed:59:fc:24:ea:3a:
                    fc:bb:0f:8a:1b:82:0e:35:e8:18:4b:9e:77:09:9b:
                    dd:2f:79:85:bc:55:c0:26:b7:4d:6e:18:9b:0b:99:
                    66:d4:98:c3:1e:44:45:3f:d8:cf:b4:1c:21:72:41:
                    78:3c:ae:d1:52:04:71:3a:15:e7:cf:b4:7b:1d:b7:
                    3c:79:40:3d:b4:74:d0:25:a7:8b:99:f2:d7:30:df:
                    01:1b:cc:90:cc:28:82:24:45:bc:30:94:5b:25:a5:
                    6e:9f:6a:fc:e1:65:44:bd:72:f8:b2:d7:5d:9a:7b:
                    81:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:AA:BD:23:2B:0C:43:E2:AB:55:AA:1C:2E:00:6E:04:05:A0:3F:1B
            X509v3 Authority Key Identifier:
                keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:af:54:61:67:53:af:04:4b:66:ed:1b:aa:0f:7f:25:26:b2:
         fe:07:fd:49:52:4b:07:30:a7:90:13:5e:07:c2:d2:c9:4e:e1:
         ed:9d:98:c8:31:cf:d5:00:96:4e:41:eb:df:e4:ff:be:98:54:
         41:41:5e:6a:72:23:1a:df:36:1d:a3:96:71:02:a3:8a:a2:45:
         c1:d5:7f:7f:3b:6b:30:56:53:79:81:93:16:f2:c6:29:4a:9e:
         82:7e:b8:5c:14:7f:53:21:c0:06:21:9a:85:12:82:06:ad:4c:
         a7:cf:b5:28:3d:5e:88:ef:65:1c:22:25:89:1f:9c:14:8e:ad:
         79:ef:0a:81:db:e8:6e:33:ce:65:2b:91:b0:54:f3:7c:5b:32:
         a1:ce:83:ca:d4:9d:56:24:64:35:2f:e7:a3:3a:23:41:c1:76:
         b1:41:cc:e2:db:58:5c:0d:b9:e9:34:02:9e:e5:44:e3:d7:d0:
         21:49:50:c8:64:e1:14:9d:49:6c:4e:a0:97:c8:0e:4b:74:d5:
         15:13:e9:53:8c:b0:e2:d4:67:28:a2:0c:99:32:c9:48:f1:fe:
         70:bf:28:71:ad:c1:69:80:d0:cb:7f:aa:fe:b9:91:40:4c:5c:
         ad:73:54:9e:51:b7:21:ce:3d:22:76:f3:b0:e1:30:db:8a:8d:
         9f:cd:a0:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrau0UkG8djsKgu27GZUhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz
NzVlZDkwHhcNMjYwMzAxMjIwMDM3WhcNMjYwMzAyMjIwMDM3WjAzMTEwLwYDVQQD
EygzNWFhYmQyMzJiMGM0M2UyYWI1NWFhMWMyZTAwNmUwNDA1YTAzZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ihOU01wEqnNPuRL1ClzuMdv3ws
18mInY3WhJiFjzO6ZnwTDjTG/8Wmzs3ylWGsL6hrZszv6F2sscqC7iCO2ouWvLRX
4vp2gkW/OoGESw2kzMEaO52MCokiK9caosKEySkbbS118kscG+rhuw6kD0WCPYQ5
x9QkFSYaptwOecrERiIaNFTEIsWRkF2hh5HtWfwk6jr8uw+KG4IONegYS553CZvd
L3mFvFXAJrdNbhibC5lm1JjDHkRFP9jPtBwhckF4PK7RUgRxOhXnz7R7Hbc8eUA9
tHTQJaeLmfLXMN8BG8yQzCiCJEW8MJRbJaVun2r84WVEvXL4stddmnuBDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWqvSMrDEPiq1WqHC4AbgQFoD8bMB8GA1UdIwQY
MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt
M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx
LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyK9UYWdT
rwRLZu0bqg9/JSay/gf9SVJLBzCnkBNeB8LSyU7h7Z2YyDHP1QCWTkHr3+T/vphU
QUFeanIjGt82HaOWcQKjiqJFwdV/fztrMFZTeYGTFvLGKUqegn64XBR/UyHABiGa
hRKCBq1Mp8+1KD1eiO9lHCIliR+cFI6tee8KgdvobjPOZSuRsFTzfFsyoc6DytSd
ViRkNS/nozojQcF2sUHM4ttYXA256TQCnuVE49fQIUlQyGThFJ1JbE6gl8gOS3TV
FRPpU4yw4tRnKKIMmTLJSPH+cL8oca3BaYDQy3+q/rmRQExcrXNUnlG3Ic49Inbz
sOEw24qNn82giw==
-----END CERTIFICATE-----