Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
File:                     LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft (raw, json)
Hash identifier:          V7wU4uUXPF8kKr7jXxcqb1hPXKk37TIboCODdBT3TP4=
Subject key identifier:   E5:77:74:81:4C:A4:16:AD:C0:68:13:3F:1E:3A:AD:3C:52:39:EA:EC
Authority key identifier: 2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42
Certificate issuer:       /CN=2e1810d5c911b4a81073fae638971b577dd7a642
Certificate serial:       019CAD5981C3CA9088FACA57C09028720D2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
Manifest number:          1313
Signing time:             Mon 02 Mar 2026 07:00:50 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:50 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:50 +0000
Files and hashes:         1: LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl (hash: Oa1nHB850rdVmla2AkIlvOmCsroR7DIy0FOnlO2rOlc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:81:c3:ca:90:88:fa:ca:57:c0:90:28:72:0d:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e1810d5c911b4a81073fae638971b577dd7a642
        Validity
            Not Before: Mar  2 07:00:50 2026 GMT
            Not After : Mar  3 07:00:50 2026 GMT
        Subject: CN=e57774814ca416adc068133f1e3aad3c5239eaec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7b:d1:9e:b9:01:37:24:dd:02:e8:b3:cf:93:
                    08:05:e8:08:08:ca:77:9d:d0:e0:da:9e:3c:95:40:
                    d0:c6:ec:ab:53:4b:73:a9:2d:92:52:af:84:7f:1e:
                    53:ba:91:3a:67:f5:bc:f3:c0:be:84:43:af:cf:b1:
                    71:08:d7:b7:1b:e4:fe:9f:1e:49:71:f1:d5:fc:59:
                    f3:c5:e2:bb:95:ce:93:81:6b:71:1e:98:ba:bc:0e:
                    81:b5:00:98:18:44:18:6b:1e:82:8e:f3:7b:88:b7:
                    58:d1:29:07:45:82:87:bb:6f:27:b7:f6:85:fc:48:
                    72:64:ed:68:03:0a:d4:f8:69:e8:85:98:ae:9b:23:
                    6f:3e:6e:88:8e:81:f9:09:30:9b:1c:b7:04:6c:69:
                    8e:67:c2:48:25:ea:1d:b4:f0:43:31:f4:7f:72:60:
                    e2:37:f6:43:28:10:67:b5:21:68:a9:d7:8c:21:50:
                    de:71:c4:17:5f:f7:e5:1c:52:c4:94:37:31:78:7f:
                    bc:33:51:b7:32:d4:79:47:67:25:a4:0e:f9:54:f9:
                    b1:65:bb:6f:dc:f1:d6:7b:ba:22:47:e3:50:40:24:
                    a8:c7:3b:18:70:44:f6:78:28:cc:93:19:cb:da:48:
                    c4:1c:f3:3f:fe:85:26:1c:b9:42:d8:ab:9d:b5:f7:
                    74:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:77:74:81:4C:A4:16:AD:C0:68:13:3F:1E:3A:AD:3C:52:39:EA:EC
            X509v3 Authority Key Identifier:
                keyid:2E:18:10:D5:C9:11:B4:A8:10:73:FA:E6:38:97:1B:57:7D:D7:A6:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhgQ1ckRtKgQc_rmOJcbV33XpkI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/68ce51-bd3e-4cd1-bcc2-dd2a584a62bb/1/LhgQ1ckRtKgQc_rmOJcbV33XpkI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:d3:06:ee:6b:1c:e8:4d:1a:0a:08:96:d0:a8:93:f9:a3:7a:
         f0:86:ca:80:db:37:3b:a5:16:6b:fa:32:e3:fc:72:d0:21:91:
         ac:18:ba:f0:57:26:d8:bb:29:41:15:a3:e4:6e:84:24:77:54:
         60:95:c3:98:1c:30:65:c7:b2:cd:e7:a3:4f:56:0f:be:22:69:
         68:a3:d3:d8:e5:f8:71:8c:15:fa:06:f1:10:1c:0b:8b:de:d6:
         19:f2:4c:65:61:ad:c6:0a:34:66:fc:2d:93:c1:e3:e8:95:ae:
         46:a1:3c:bb:b1:48:49:02:b2:dc:c4:f5:a2:82:af:f2:a5:f8:
         5b:33:f3:d3:eb:0c:46:d1:22:2e:37:d7:ae:b2:5a:9a:a8:af:
         81:11:a2:e4:29:d4:52:37:a6:29:a0:49:cb:5d:1c:77:8a:f7:
         87:93:64:bd:ba:7a:df:9d:56:03:90:92:3c:02:db:90:eb:a4:
         d2:4f:6f:b1:37:07:41:55:9c:00:96:a1:e6:59:e9:8f:02:50:
         a3:4f:52:4b:63:25:af:f9:3d:96:07:ad:46:b4:39:2f:9e:35:
         4c:8a:bb:bc:92:c9:56:49:60:7b:e5:2a:67:da:ba:ea:59:9a:
         ed:4a:f3:7b:b1:23:15:8b:3d:8a:27:0e:87:34:35:40:c8:0c:
         b8:73:f8:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWYHDypCI+spXwJAocg0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTgxMGQ1YzkxMWI0YTgxMDczZmFlNjM4OTcxYjU3N2Rk
N2E2NDIwHhcNMjYwMzAyMDcwMDUwWhcNMjYwMzAzMDcwMDUwWjAzMTEwLwYDVQQD
EyhlNTc3NzQ4MTRjYTQxNmFkYzA2ODEzM2YxZTNhYWQzYzUyMzllYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnvRnrkBNyTdAuizz5MIBegICMp3
ndDg2p48lUDQxuyrU0tzqS2SUq+Efx5TupE6Z/W888C+hEOvz7FxCNe3G+T+nx5J
cfHV/FnzxeK7lc6TgWtxHpi6vA6BtQCYGEQYax6CjvN7iLdY0SkHRYKHu28nt/aF
/EhyZO1oAwrU+GnohZiumyNvPm6IjoH5CTCbHLcEbGmOZ8JIJeodtPBDMfR/cmDi
N/ZDKBBntSFoqdeMIVDeccQXX/flHFLElDcxeH+8M1G3MtR5R2clpA75VPmxZbtv
3PHWe7oiR+NQQCSoxzsYcET2eCjMkxnL2kjEHPM//oUmHLlC2Kudtfd0dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOV3dIFMpBatwGgTPx46rTxSOersMB8GA1UdIwQY
MBaAFC4YENXJEbSoEHP65jiXG1d916ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzIt
ZGQyYTU4NGE2MmJiLzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy82OGNlNTEtYmQzZS00Y2QxLWJjYzItZGQyYTU4NGE2MmJi
LzEvTGhnUTFja1J0S2dRY19ybU9KY2JWMzNYcGtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABNMG7msc
6E0aCgiW0KiT+aN68IbKgNs3O6UWa/oy4/xy0CGRrBi68Fcm2LspQRWj5G6EJHdU
YJXDmBwwZceyzeejT1YPviJpaKPT2OX4cYwV+gbxEBwLi97WGfJMZWGtxgo0Zvwt
k8Hj6JWuRqE8u7FISQKy3MT1ooKv8qX4WzPz0+sMRtEiLjfXrrJamqivgRGi5CnU
UjemKaBJy10cd4r3h5Nkvbp6351WA5CSPALbkOuk0k9vsTcHQVWcAJah5lnpjwJQ
o09SS2Mlr/k9lgetRrQ5L541TIq7vJLJVklge+UqZ9q66lma7Urze7EjFYs9iicO
hzQ1QMgMuHP4tQ==
-----END CERTIFICATE-----