Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          5E4PI9wghz9tf+PpW0otT0weB2WsyRHPvWDtBFRchJ8=
Subject key identifier:   9C:22:CC:89:8B:61:41:42:36:64:4A:7D:95:72:25:B7:A6:6E:5C:35
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       019CAC102A2D3BDE4EFABF8C05A54B1D8026
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          08EF
Signing time:             Mon 02 Mar 2026 01:01:06 +0000
Manifest this update:     Mon 02 Mar 2026 01:01:06 +0000
Manifest next update:     Tue 03 Mar 2026 01:01:06 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: Gnsk1TakMXr16r1ZJSPJdg85yMJjbAM3ehhEpbd1u68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:10:2a:2d:3b:de:4e:fa:bf:8c:05:a5:4b:1d:80:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Mar  2 01:01:06 2026 GMT
            Not After : Mar  3 01:01:06 2026 GMT
        Subject: CN=9c22cc898b61414236644a7d957225b7a66e5c35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:e0:63:c6:8e:91:eb:f3:54:2a:84:c5:f2:47:
                    93:c9:24:0a:06:16:d4:f2:ac:a2:e6:6a:a9:5a:bf:
                    66:ca:da:fe:82:14:21:d2:d6:21:89:71:4d:42:9f:
                    8a:36:d5:a0:41:53:36:53:36:cb:31:c9:4c:1e:2d:
                    42:02:36:4e:e9:bc:d3:48:38:70:fa:b6:0b:40:5e:
                    af:19:c2:c1:d1:9f:69:c7:7f:09:f7:18:5c:c6:6f:
                    94:5a:2e:91:db:97:c2:af:12:99:78:12:44:1c:ec:
                    75:80:32:ac:2c:16:90:bb:46:4d:b8:eb:91:62:76:
                    bf:65:ce:73:d2:96:fe:f1:aa:bb:dc:44:e2:7b:81:
                    c4:dc:8d:ec:13:0e:56:51:df:62:92:da:9f:a5:a9:
                    75:6d:02:56:61:26:7a:17:f0:b2:f1:5e:2b:47:97:
                    bb:9d:1a:09:f8:f4:d8:a4:b2:1c:22:9b:10:a6:92:
                    b7:e0:10:77:5a:cc:5f:ed:e2:5f:37:84:b9:3f:15:
                    33:8e:6a:d8:f2:f4:97:b6:89:46:42:01:8a:39:b2:
                    5a:c8:45:b7:5f:77:50:1b:32:b1:80:98:84:e8:6d:
                    e1:b4:7f:a6:17:12:ca:12:77:be:95:e3:8e:2f:9b:
                    cc:4d:e2:27:7e:c9:14:1e:e2:05:fe:88:e1:59:e0:
                    72:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:22:CC:89:8B:61:41:42:36:64:4A:7D:95:72:25:B7:A6:6E:5C:35
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:8a:e0:7b:df:7b:ca:58:8b:d8:87:6a:27:92:91:43:3c:1e:
         f3:70:4c:d8:af:ee:38:9f:ba:79:6f:83:88:8d:ec:b4:0f:49:
         88:1a:87:51:9a:cc:e4:6c:0e:7c:85:f8:0c:1d:19:f1:9f:df:
         79:33:81:b2:03:56:a5:c7:6c:a7:89:4c:5e:3e:24:fc:0d:6d:
         a4:90:5c:3d:bf:3d:e5:82:db:69:d3:77:50:4a:18:fd:11:15:
         d4:b6:12:be:7f:d1:53:7c:8a:01:1e:6f:3e:6a:02:3b:70:bf:
         04:5b:e8:5e:d9:29:f2:30:63:86:6c:7f:9d:f4:41:24:33:b1:
         46:2b:fe:01:10:8e:25:1d:2f:d5:4d:9e:70:33:ab:a6:5e:16:
         9d:4b:56:ce:84:d3:25:6e:10:ba:a8:68:7a:04:12:80:d1:60:
         dd:1a:bd:df:06:af:46:d0:ee:32:ef:94:b0:0b:94:13:5a:31:
         fc:19:27:ac:b9:e0:65:19:19:91:9d:a1:a1:10:cd:56:2a:3b:
         f8:e5:25:2b:f0:72:93:e2:34:9b:5c:1f:4c:01:db:e5:d8:68:
         0d:90:9b:de:74:57:ff:7c:5f:9a:4e:b8:bb:3a:aa:f1:38:6d:
         d6:c0:e7:cd:a1:d5:90:85:bd:b2:98:0d:5e:4e:29:08:2e:31:
         18:01:f1:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysECotO95O+r+MBaVLHYAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjYwMzAyMDEwMTA2WhcNMjYwMzAzMDEwMTA2WjAzMTEwLwYDVQQD
Eyg5YzIyY2M4OThiNjE0MTQyMzY2NDRhN2Q5NTcyMjViN2E2NmU1YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuBjxo6R6/NUKoTF8keTySQKBhbU
8qyi5mqpWr9mytr+ghQh0tYhiXFNQp+KNtWgQVM2UzbLMclMHi1CAjZO6bzTSDhw
+rYLQF6vGcLB0Z9px38J9xhcxm+UWi6R25fCrxKZeBJEHOx1gDKsLBaQu0ZNuOuR
Yna/Zc5z0pb+8aq73ETie4HE3I3sEw5WUd9iktqfpal1bQJWYSZ6F/Cy8V4rR5e7
nRoJ+PTYpLIcIpsQppK34BB3Wsxf7eJfN4S5PxUzjmrY8vSXtolGQgGKObJayEW3
X3dQGzKxgJiE6G3htH+mFxLKEne+leOOL5vMTeInfskUHuIF/ojhWeByqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwizImLYUFCNmRKfZVyJbemblw1MB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATorge997
yliL2IdqJ5KRQzwe83BM2K/uOJ+6eW+DiI3stA9JiBqHUZrM5GwOfIX4DB0Z8Z/f
eTOBsgNWpcdsp4lMXj4k/A1tpJBcPb895YLbadN3UEoY/REV1LYSvn/RU3yKAR5v
PmoCO3C/BFvoXtkp8jBjhmx/nfRBJDOxRiv+ARCOJR0v1U2ecDOrpl4WnUtWzoTT
JW4QuqhoegQSgNFg3Rq93wavRtDuMu+UsAuUE1ox/BknrLngZRkZkZ2hoRDNVio7
+OUlK/Byk+I0m1wfTAHb5dhoDZCb3nRX/3xfmk64uzqq8Tht1sDnzaHVkIW9spgN
Xk4pCC4xGAHxIA==
-----END CERTIFICATE-----