Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
File:                     ulwqMT590aRJ4sH7JsWrA-UmgY0.mft (raw, json)
Hash identifier:          CQ9zBeRydyYRzhIBB8lC2TR+uKVhmuR1TJi8ouwfQ1k=
Subject key identifier:   DC:74:78:CA:70:3D:EA:B6:95:A4:C4:98:17:E9:E2:A3:A1:7C:DC:13
Authority key identifier: BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D
Certificate issuer:       /CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
Certificate serial:       019CAC7E2EF0189A811ADBED990AAA86093F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
Manifest number:          0573
Signing time:             Mon 02 Mar 2026 03:01:16 +0000
Manifest this update:     Mon 02 Mar 2026 03:01:16 +0000
Manifest next update:     Tue 03 Mar 2026 03:01:16 +0000
Files and hashes:         1: ulwqMT590aRJ4sH7JsWrA-UmgY0.crl (hash: Rbf0vvZnQxiCkPizE99Di9sAPbfcro36DOOlWRSuPzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:7e:2e:f0:18:9a:81:1a:db:ed:99:0a:aa:86:09:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba5c2a313e7dd1a449e2c1fb26c5ab03e526818d
        Validity
            Not Before: Mar  2 03:01:16 2026 GMT
            Not After : Mar  3 03:01:16 2026 GMT
        Subject: CN=dc7478ca703deab695a4c49817e9e2a3a17cdc13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:4e:d1:63:d3:db:98:af:a7:29:09:93:b0:57:
                    9d:bb:72:59:0f:57:43:5e:3c:b0:0c:a0:66:87:53:
                    a6:c4:9f:d5:0c:fb:99:fb:f7:24:4f:7f:f9:b0:76:
                    23:38:f5:37:63:43:51:c2:9e:4f:3b:88:04:82:41:
                    78:5d:c4:9a:38:13:05:ab:14:3a:57:e2:12:36:1a:
                    e4:ad:d6:13:5a:5d:72:12:ed:c5:e6:cf:a0:73:d5:
                    78:6e:fd:bd:cf:4f:25:46:14:46:eb:6c:37:79:cc:
                    79:11:85:f1:a1:33:32:f9:55:c4:33:ad:fc:e9:3c:
                    82:f6:6f:9d:c1:31:bc:97:ed:00:c5:14:85:fc:e7:
                    11:4c:af:c4:bf:42:01:fe:8f:56:a4:46:f6:55:34:
                    ca:04:c4:0e:62:97:00:fb:0b:ab:e8:f4:2d:38:8f:
                    8c:28:e4:d6:8f:e2:41:72:61:46:f7:57:fb:72:19:
                    31:57:43:d6:6f:23:d2:2b:26:80:48:ee:41:eb:3c:
                    2a:c3:21:8b:50:65:1f:89:df:ac:34:ca:3e:9a:ac:
                    80:ba:f8:ee:b0:a6:03:34:ea:9e:40:3a:2e:1f:29:
                    7c:60:fb:23:a3:14:7b:b7:b8:fd:22:c9:4c:10:15:
                    f6:19:6a:8e:e7:ab:c9:5d:fc:31:d5:95:ee:8d:c0:
                    89:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:74:78:CA:70:3D:EA:B6:95:A4:C4:98:17:E9:E2:A3:A1:7C:DC:13
            X509v3 Authority Key Identifier:
                keyid:BA:5C:2A:31:3E:7D:D1:A4:49:E2:C1:FB:26:C5:AB:03:E5:26:81:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulwqMT590aRJ4sH7JsWrA-UmgY0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f8ea98-4fbc-4f3e-b658-e0a7ae216cb7/1/ulwqMT590aRJ4sH7JsWrA-UmgY0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:69:c5:8e:50:dd:19:33:a7:5e:4a:ce:da:89:f7:09:75:7f:
         a9:39:d0:5f:40:3f:7e:0c:6b:41:cb:8e:2a:bb:42:05:f3:59:
         71:53:12:d9:bc:a4:23:2e:f5:07:95:f2:b3:eb:3e:53:ca:36:
         2c:46:ae:20:1f:4d:81:27:0e:aa:b6:39:c8:0c:1a:39:59:ad:
         d5:c5:51:85:4c:26:2b:5e:59:a4:18:15:2a:e8:55:21:f3:fd:
         1b:7f:0b:f4:31:22:b1:36:4f:f8:2b:06:79:a5:7e:d5:ed:a8:
         0d:2f:3a:55:5b:85:ed:f9:4e:80:22:3c:1f:84:59:b3:d1:21:
         1f:9c:bf:8f:3f:04:8a:f8:5d:90:c8:f7:82:88:60:3d:b1:a5:
         79:b0:c9:a8:bf:e2:e9:65:62:f3:e8:7f:55:14:b5:80:33:89:
         88:8b:f8:a8:89:cb:7b:fe:32:45:0d:43:10:bc:0e:fc:28:c9:
         43:ca:59:74:1b:43:67:a7:2b:99:60:92:6b:6a:12:3f:47:fd:
         4d:d1:77:60:fb:64:9f:33:13:b5:9c:40:cf:a3:23:e0:84:4c:
         05:68:7d:c8:dd:72:91:39:d8:51:b4:89:bc:aa:0f:e4:95:17:
         9d:00:22:9e:e3:49:4a:dc:23:16:74:eb:d4:0f:0a:87:8c:2a:
         f7:72:20:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfi7wGJqBGtvtmQqqhgk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNWMyYTMxM2U3ZGQxYTQ0OWUyYzFmYjI2YzVhYjAzZTUy
NjgxOGQwHhcNMjYwMzAyMDMwMTE2WhcNMjYwMzAzMDMwMTE2WjAzMTEwLwYDVQQD
EyhkYzc0NzhjYTcwM2RlYWI2OTVhNGM0OTgxN2U5ZTJhM2ExN2NkYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6k7RY9PbmK+nKQmTsFedu3JZD1dD
XjywDKBmh1OmxJ/VDPuZ+/ckT3/5sHYjOPU3Y0NRwp5PO4gEgkF4XcSaOBMFqxQ6
V+ISNhrkrdYTWl1yEu3F5s+gc9V4bv29z08lRhRG62w3ecx5EYXxoTMy+VXEM638
6TyC9m+dwTG8l+0AxRSF/OcRTK/Ev0IB/o9WpEb2VTTKBMQOYpcA+wur6PQtOI+M
KOTWj+JBcmFG91f7chkxV0PWbyPSKyaASO5B6zwqwyGLUGUfid+sNMo+mqyAuvju
sKYDNOqeQDouHyl8YPsjoxR7t7j9IslMEBX2GWqO56vJXfwx1ZXujcCJPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNx0eMpwPeq2laTEmBfp4qOhfNwTMB8GA1UdIwQY
MBaAFLpcKjE+fdGkSeLB+ybFqwPlJoGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgt
ZTBhN2FlMjE2Y2I3LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOGVhOTgtNGZiYy00ZjNlLWI2NTgtZTBhN2FlMjE2Y2I3
LzEvdWx3cU1UNTkwYVJKNHNIN0pzV3JBLVVtZ1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmnFjlDd
GTOnXkrO2on3CXV/qTnQX0A/fgxrQcuOKrtCBfNZcVMS2bykIy71B5Xys+s+U8o2
LEauIB9NgScOqrY5yAwaOVmt1cVRhUwmK15ZpBgVKuhVIfP9G38L9DEisTZP+CsG
eaV+1e2oDS86VVuF7flOgCI8H4RZs9EhH5y/jz8EivhdkMj3gohgPbGlebDJqL/i
6WVi8+h/VRS1gDOJiIv4qInLe/4yRQ1DELwO/CjJQ8pZdBtDZ6crmWCSa2oSP0f9
TdF3YPtknzMTtZxAz6Mj4IRMBWh9yN1ykTnYUbSJvKoP5JUXnQAinuNJStwjFnTr
1A8Kh4wq93Igjg==
-----END CERTIFICATE-----