Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
File:                     kpZChU_lYFL93BRr9y57xpSFC2M.mft (raw, json)
Hash identifier:          iZKPH8fPS5bAGmIKwGlE1VxCv1kz9pkLaApz234Ymdo=
Subject key identifier:   08:B0:C2:C1:37:22:58:BB:5E:8E:F7:2A:1D:E4:7D:BA:D6:05:4F:13
Authority key identifier: 92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63
Certificate issuer:       /CN=929642854fe56052fddc146bf72e7bc694850b63
Certificate serial:       019CAB349DFD86C19EC2C0AA952CE885E5A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
Manifest number:          092F
Signing time:             Sun 01 Mar 2026 21:01:17 +0000
Manifest this update:     Sun 01 Mar 2026 21:01:17 +0000
Manifest next update:     Mon 02 Mar 2026 21:01:17 +0000
Files and hashes:         1: kpZChU_lYFL93BRr9y57xpSFC2M.crl (hash: aVwjWusmqqPfbZAXeURP/r7vWNelGCJZmSBMI5emPXs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:34:9d:fd:86:c1:9e:c2:c0:aa:95:2c:e8:85:e5:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=929642854fe56052fddc146bf72e7bc694850b63
        Validity
            Not Before: Mar  1 21:01:17 2026 GMT
            Not After : Mar  2 21:01:17 2026 GMT
        Subject: CN=08b0c2c1372258bb5e8ef72a1de47dbad6054f13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:59:a9:c9:7e:39:36:c2:18:90:46:90:a7:19:
                    d3:7c:3f:16:16:4f:8c:20:e1:8f:57:7c:df:7c:3a:
                    97:25:17:64:2f:73:b4:bb:71:e2:c3:db:30:63:05:
                    3e:32:ed:ad:fc:57:a2:1d:60:43:82:09:e3:c0:f4:
                    43:10:a1:26:a7:71:cb:88:2f:2d:b4:2a:05:6d:9f:
                    13:76:f3:47:61:b2:3c:31:f1:dc:4b:a6:10:14:ca:
                    a6:55:8b:72:b5:51:cb:eb:89:94:79:c4:d4:a9:1b:
                    69:70:cb:82:bb:88:0e:50:7d:b5:47:9e:c9:2b:00:
                    89:4e:a5:eb:5f:86:85:76:6e:48:26:b1:c5:30:60:
                    32:86:9a:af:ad:f8:09:2f:83:2c:d3:07:e2:39:da:
                    5d:26:75:e7:a2:eb:83:7d:5a:04:d1:39:88:b4:ff:
                    ce:9c:2c:aa:2c:fd:57:0a:58:a2:db:0e:13:12:50:
                    3b:21:86:5f:8a:87:0c:d7:bc:53:d9:23:2f:6a:e4:
                    db:90:6e:5d:7d:55:61:30:d7:76:56:a9:a2:e4:b7:
                    95:ab:ed:df:f6:7c:6c:3d:a5:b8:97:c6:90:1c:f4:
                    20:a9:92:40:98:c6:c6:cf:2f:c2:ba:ac:a3:87:2e:
                    8d:6a:13:33:be:89:77:5a:8c:1d:36:1b:80:0f:14:
                    cc:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:B0:C2:C1:37:22:58:BB:5E:8E:F7:2A:1D:E4:7D:BA:D6:05:4F:13
            X509v3 Authority Key Identifier:
                keyid:92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:87:5d:1a:ab:9a:5a:42:98:47:5e:9b:11:8e:18:cc:be:88:
         1b:35:ef:73:b1:c5:4b:ca:0a:f2:f9:48:52:c5:fb:30:21:94:
         a5:a8:f5:0b:b2:60:13:f5:e3:f4:29:8b:f8:36:57:7a:44:0e:
         80:61:8c:4f:fd:92:21:62:5b:23:0d:2d:c9:32:d7:eb:35:c8:
         c3:a5:34:d1:7e:da:8c:1e:04:79:94:d6:a0:80:be:30:67:61:
         29:ab:01:0f:ce:73:6b:92:7e:dc:c9:d9:3c:d2:07:cf:33:e3:
         10:fc:53:de:4c:c4:1d:26:45:05:c0:50:37:a8:59:e3:c0:2d:
         a3:b0:77:9b:95:3b:d7:d1:86:d6:5b:50:7d:a9:ad:48:af:59:
         40:fc:44:9f:f1:cc:34:df:59:18:c2:ef:43:05:e2:4f:f7:98:
         a0:1d:08:fb:0a:48:38:31:69:b6:2b:5d:95:56:a0:8f:12:42:
         4a:56:ab:17:da:b7:c8:b8:5c:35:57:7a:5c:9e:ba:e3:f5:10:
         39:00:1c:00:a9:cd:5e:3a:cb:b8:45:c2:61:28:2f:05:99:b3:
         28:ac:bd:47:61:db:53:a6:8d:97:5c:51:8e:e5:ba:a6:83:99:
         fb:54:b6:41:6b:fe:c6:65:7b:0e:6d:8e:d9:90:c9:77:2e:a6:
         a5:13:95:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrNJ39hsGewsCqlSzoheWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTY0Mjg1NGZlNTYwNTJmZGRjMTQ2YmY3MmU3YmM2OTQ4
NTBiNjMwHhcNMjYwMzAxMjEwMTE3WhcNMjYwMzAyMjEwMTE3WjAzMTEwLwYDVQQD
EygwOGIwYzJjMTM3MjI1OGJiNWU4ZWY3MmExZGU0N2RiYWQ2MDU0ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlmpyX45NsIYkEaQpxnTfD8WFk+M
IOGPV3zffDqXJRdkL3O0u3Hiw9swYwU+Mu2t/FeiHWBDggnjwPRDEKEmp3HLiC8t
tCoFbZ8TdvNHYbI8MfHcS6YQFMqmVYtytVHL64mUecTUqRtpcMuCu4gOUH21R57J
KwCJTqXrX4aFdm5IJrHFMGAyhpqvrfgJL4Ms0wfiOdpdJnXnouuDfVoE0TmItP/O
nCyqLP1XClii2w4TElA7IYZfiocM17xT2SMvauTbkG5dfVVhMNd2Vqmi5LeVq+3f
9nxsPaW4l8aQHPQgqZJAmMbGzy/Cuqyjhy6NahMzvol3WowdNhuADxTMIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAiwwsE3Ili7Xo73Kh3kfbrWBU8TMB8GA1UdIwQY
MBaAFJKWQoVP5WBS/dwUa/cue8aUhQtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUt
ZTkxNjQ4ZWM3ZGU1LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUtZTkxNjQ4ZWM3ZGU1
LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD4ddGqua
WkKYR16bEY4YzL6IGzXvc7HFS8oK8vlIUsX7MCGUpaj1C7JgE/Xj9CmL+DZXekQO
gGGMT/2SIWJbIw0tyTLX6zXIw6U00X7ajB4EeZTWoIC+MGdhKasBD85za5J+3MnZ
PNIHzzPjEPxT3kzEHSZFBcBQN6hZ48Ato7B3m5U719GG1ltQfamtSK9ZQPxEn/HM
NN9ZGMLvQwXiT/eYoB0I+wpIODFptitdlVagjxJCSlarF9q3yLhcNVd6XJ664/UQ
OQAcAKnNXjrLuEXCYSgvBZmzKKy9R2HbU6aNl1xRjuW6poOZ+1S2QWv+xmV7Dm2O
2ZDJdy6mpROVZQ==
-----END CERTIFICATE-----