Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          DVTCexzZ+D5dXdMzqzvvb38A5J8MLRkzlBo4U61Rbq8=
Subject key identifier:   4D:4D:4E:B3:5F:A4:8C:4A:FB:E3:35:33:04:75:7A:5F:7E:B6:CD:B5
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       019CAB6AF6AFC72F80D53AED6D0B084C8453
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          08CA
Signing time:             Sun 01 Mar 2026 22:00:39 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:39 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:39 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: LP1mnNnsw2CcsePB8Gox1ZRc+Jg1Y/NPjIdgQ21Ee2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6a:f6:af:c7:2f:80:d5:3a:ed:6d:0b:08:4c:84:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Mar  1 22:00:39 2026 GMT
            Not After : Mar  2 22:00:39 2026 GMT
        Subject: CN=4d4d4eb35fa48c4afbe3353304757a5f7eb6cdb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:10:b0:af:dd:8b:1f:47:63:6e:e3:72:61:bb:
                    d2:99:80:1e:ea:51:b7:2e:51:96:69:7a:db:eb:8e:
                    b0:b2:2e:ed:48:92:0e:e7:2e:86:e1:30:b7:71:e6:
                    17:1f:c1:cd:84:0f:b2:36:1c:2d:1b:47:15:7e:82:
                    d3:c1:29:29:11:09:8b:63:e3:1d:a2:97:6b:d1:e9:
                    95:de:f6:2c:c7:96:a9:83:87:75:de:85:7c:ef:2c:
                    f4:6b:57:a1:11:9f:2b:c2:6a:4a:0c:fc:88:fb:a6:
                    64:98:e6:30:f9:b1:1e:f0:ff:cd:24:a0:ac:30:16:
                    cd:4d:f9:51:55:3d:8b:5e:36:ac:e8:8c:34:a2:eb:
                    ea:f1:32:9a:86:e3:ec:bd:57:55:35:b3:38:f4:36:
                    32:4d:a0:b2:c1:1b:7a:59:4b:66:79:64:f6:3b:fd:
                    3e:f9:13:c8:2a:a7:4c:49:23:b9:bf:9e:cd:3a:43:
                    39:c2:56:32:6b:84:9f:2b:e1:a6:ee:95:83:d3:ec:
                    d9:66:9b:77:69:1d:5e:ee:7c:8c:6b:00:82:fc:e5:
                    72:87:71:17:2e:49:64:46:a3:f0:63:82:7d:3e:9f:
                    ec:fa:81:da:dd:05:80:00:8c:73:6b:cd:d5:5d:51:
                    44:36:23:a5:87:b6:29:19:cd:21:cb:e5:51:28:1b:
                    8d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:4D:4E:B3:5F:A4:8C:4A:FB:E3:35:33:04:75:7A:5F:7E:B6:CD:B5
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:b0:49:9c:e2:52:f0:7c:9d:36:4b:87:76:96:59:2b:46:72:
         87:95:55:c9:13:43:34:b6:bd:9e:31:77:05:75:9b:9a:d4:63:
         14:35:ed:04:ec:83:a7:9c:5d:31:b8:95:dc:c4:34:fb:09:6b:
         32:67:09:e2:90:34:5f:8c:17:10:a6:02:43:b6:b3:f3:d0:2d:
         f3:df:2b:c8:7b:c1:5f:6a:72:34:2c:12:b1:8e:e7:b3:fa:a0:
         1f:be:05:ea:e0:36:5e:4c:ee:14:82:4d:a1:eb:9a:89:f3:f6:
         86:77:be:7f:b6:42:7b:d8:ae:06:0e:a9:6d:d5:6b:a8:9c:1f:
         b6:6f:0e:07:16:13:9c:cc:0a:b6:ae:02:3c:5d:41:78:39:53:
         21:80:72:7f:6e:80:3a:58:85:6e:cc:6d:21:8d:c1:5a:2a:8f:
         93:e6:05:5c:9f:f8:fe:59:7e:39:f0:8a:64:76:21:2a:92:b7:
         a3:27:64:c4:78:0b:1a:3a:4d:98:f9:06:cd:18:3f:20:8f:0f:
         f7:ce:62:80:78:62:73:7a:90:10:7d:14:14:fb:85:da:64:4f:
         c4:a7:b9:27:b2:93:35:98:87:56:c4:cc:0c:ba:a3:54:43:78:
         91:10:10:b2:c3:61:48:03:3c:f6:be:a1:f4:60:80:3b:d9:ec:
         a3:96:80:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyravavxy+A1TrtbQsITIRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjYwMzAxMjIwMDM5WhcNMjYwMzAyMjIwMDM5WjAzMTEwLwYDVQQD
Eyg0ZDRkNGViMzVmYTQ4YzRhZmJlMzM1MzMwNDc1N2E1ZjdlYjZjZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthCwr92LH0djbuNyYbvSmYAe6lG3
LlGWaXrb646wsi7tSJIO5y6G4TC3ceYXH8HNhA+yNhwtG0cVfoLTwSkpEQmLY+Md
opdr0emV3vYsx5apg4d13oV87yz0a1ehEZ8rwmpKDPyI+6ZkmOYw+bEe8P/NJKCs
MBbNTflRVT2LXjas6Iw0ouvq8TKahuPsvVdVNbM49DYyTaCywRt6WUtmeWT2O/0+
+RPIKqdMSSO5v57NOkM5wlYya4SfK+Gm7pWD0+zZZpt3aR1e7nyMawCC/OVyh3EX
LklkRqPwY4J9Pp/s+oHa3QWAAIxza83VXVFENiOlh7YpGc0hy+VRKBuNzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1NTrNfpIxK++M1MwR1el9+ts21MB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQrBJnOJS
8HydNkuHdpZZK0Zyh5VVyRNDNLa9njF3BXWbmtRjFDXtBOyDp5xdMbiV3MQ0+wlr
MmcJ4pA0X4wXEKYCQ7az89At898ryHvBX2pyNCwSsY7ns/qgH74F6uA2XkzuFIJN
oeuaifP2hne+f7ZCe9iuBg6pbdVrqJwftm8OBxYTnMwKtq4CPF1BeDlTIYByf26A
OliFbsxtIY3BWiqPk+YFXJ/4/ll+OfCKZHYhKpK3oydkxHgLGjpNmPkGzRg/II8P
985igHhic3qQEH0UFPuF2mRPxKe5J7KTNZiHVsTMDLqjVEN4kRAQssNhSAM89r6h
9GCAO9nso5aAKg==
-----END CERTIFICATE-----