Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
File:                     h3YEKrfwcZWY6znlPvkuCsz6T6M.mft (raw, json)
Hash identifier:          o6i4OV+KekiSbXas5zxb3Siri+Cs190goWkxlT7GHd0=
Subject key identifier:   F2:FD:DF:29:2F:E7:C8:C9:FF:67:67:FD:B7:FC:C7:07:32:66:CB:D5
Authority key identifier: 87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3
Certificate issuer:       /CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3
Certificate serial:       019CAD22BB0B546184416D50172FDE449BB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
Manifest number:          0C48
Signing time:             Mon 02 Mar 2026 06:01:00 +0000
Manifest this update:     Mon 02 Mar 2026 06:01:00 +0000
Manifest next update:     Tue 03 Mar 2026 06:01:00 +0000
Files and hashes:         1: h3YEKrfwcZWY6znlPvkuCsz6T6M.crl (hash: KZjBL3AKWT7uHcNDe8JencBtuNASYEK9lHneTJL/fkw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 06:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:22:bb:0b:54:61:84:41:6d:50:17:2f:de:44:9b:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8776042ab7f0719598eb39e53ef92e0accfa4fa3
        Validity
            Not Before: Mar  2 06:01:00 2026 GMT
            Not After : Mar  3 06:01:00 2026 GMT
        Subject: CN=f2fddf292fe7c8c9ff6767fdb7fcc7073266cbd5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2e:0c:41:25:4e:30:6d:c4:9a:92:f8:a4:93:
                    f6:a7:b3:0c:4c:b8:a0:49:c3:35:2c:48:42:81:1e:
                    95:ab:2d:68:89:08:03:d3:a7:ae:60:ef:4c:db:01:
                    f7:6c:41:8f:0d:cd:b8:70:44:a2:39:1d:02:59:a0:
                    37:81:31:21:d8:03:52:9d:c9:65:52:93:a9:44:db:
                    05:8f:9b:61:69:48:b1:62:40:42:41:fc:74:a2:ee:
                    bb:f4:09:65:43:ca:d6:71:25:f7:06:0c:a5:a4:f6:
                    23:cb:d8:87:a8:9c:a8:9f:41:3e:09:54:ff:8d:56:
                    aa:f2:cf:8a:b3:d0:f1:10:d9:4c:58:ca:20:96:40:
                    e5:05:db:82:de:a9:39:df:99:70:7c:ea:e1:76:c3:
                    67:9e:e7:4b:37:57:c0:cc:62:1b:30:1d:96:6e:0d:
                    4b:c3:b8:21:97:06:2e:76:25:35:9e:34:fe:47:10:
                    93:1f:29:bf:7e:ac:60:de:8e:ef:35:b9:a6:36:b0:
                    2f:2a:5f:a1:d8:d3:2c:22:96:53:d6:2e:6a:52:81:
                    48:dc:67:a5:44:67:2e:5c:1e:e5:43:84:27:c6:e0:
                    1c:d1:6e:d3:70:a8:b6:b2:95:48:dd:2b:92:6d:ee:
                    27:2e:62:f7:d2:5b:86:10:e1:2c:0c:a0:28:d1:42:
                    85:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:FD:DF:29:2F:E7:C8:C9:FF:67:67:FD:B7:FC:C7:07:32:66:CB:D5
            X509v3 Authority Key Identifier:
                keyid:87:76:04:2A:B7:F0:71:95:98:EB:39:E5:3E:F9:2E:0A:CC:FA:4F:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3YEKrfwcZWY6znlPvkuCsz6T6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/9bdb8c-d307-41f6-ac81-e3ccf3ea3c4a/1/h3YEKrfwcZWY6znlPvkuCsz6T6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:1f:36:ae:5f:26:3c:54:6d:93:5d:67:94:7d:e2:86:e2:0f:
         83:0a:4c:92:b3:13:fb:57:41:12:7d:b2:bf:a2:2d:fe:40:b2:
         4f:dd:1d:a1:27:7b:08:2e:73:53:e5:52:a3:1f:23:00:b1:8c:
         81:4b:48:8b:af:e1:67:15:cd:d4:ae:d5:d7:a9:07:33:da:8f:
         dd:6a:94:60:e3:a1:e9:15:a4:52:62:01:d0:c7:46:4f:95:27:
         f1:c0:a8:ad:96:ba:6c:72:66:71:c5:69:91:4d:9b:12:24:24:
         65:88:8e:d9:58:1f:f2:54:1c:37:b1:8d:17:e6:79:56:f4:e1:
         26:10:5a:10:92:8d:87:99:4b:cd:04:51:6f:62:9d:cf:81:62:
         b5:de:88:08:d4:e5:6f:01:9b:27:60:87:cc:8d:09:f3:87:d8:
         3e:5c:1b:9b:4b:62:e9:54:80:23:18:49:91:6e:10:8a:f7:fc:
         fc:e0:f9:cb:1b:14:f3:e9:74:0d:51:48:5b:fb:f8:e0:a9:d4:
         9d:30:8f:8f:dd:90:d0:0d:f1:17:4b:6d:b0:0c:21:e3:c3:0e:
         a9:ba:95:d4:fe:4f:50:85:7d:28:20:a4:9e:01:db:50:a3:55:
         a7:94:6a:1a:25:b4:b9:d9:17:fe:0c:55:46:2e:2a:11:fc:b1:
         d5:12:31:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIrsLVGGEQW1QFy/eRJu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzYwNDJhYjdmMDcxOTU5OGViMzllNTNlZjkyZTBhY2Nm
YTRmYTMwHhcNMjYwMzAyMDYwMTAwWhcNMjYwMzAzMDYwMTAwWjAzMTEwLwYDVQQD
EyhmMmZkZGYyOTJmZTdjOGM5ZmY2NzY3ZmRiN2ZjYzcwNzMyNjZjYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti4MQSVOMG3EmpL4pJP2p7MMTLig
ScM1LEhCgR6Vqy1oiQgD06euYO9M2wH3bEGPDc24cESiOR0CWaA3gTEh2ANSncll
UpOpRNsFj5thaUixYkBCQfx0ou679AllQ8rWcSX3BgylpPYjy9iHqJyon0E+CVT/
jVaq8s+Ks9DxENlMWMoglkDlBduC3qk535lwfOrhdsNnnudLN1fAzGIbMB2Wbg1L
w7ghlwYudiU1njT+RxCTHym/fqxg3o7vNbmmNrAvKl+h2NMsIpZT1i5qUoFI3Gel
RGcuXB7lQ4QnxuAc0W7TcKi2spVI3SuSbe4nLmL30luGEOEsDKAo0UKF8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPL93ykv58jJ/2dn/bf8xwcyZsvVMB8GA1UdIwQY
MBaAFId2BCq38HGVmOs55T75LgrM+k+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEt
ZTNjY2YzZWEzYzRhLzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC85YmRiOGMtZDMwNy00MWY2LWFjODEtZTNjY2YzZWEzYzRh
LzEvaDNZRUtyZndjWldZNnpubFB2a3VDc3o2VDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGh82rl8m
PFRtk11nlH3ihuIPgwpMkrMT+1dBEn2yv6It/kCyT90doSd7CC5zU+VSox8jALGM
gUtIi6/hZxXN1K7V16kHM9qP3WqUYOOh6RWkUmIB0MdGT5Un8cCorZa6bHJmccVp
kU2bEiQkZYiO2Vgf8lQcN7GNF+Z5VvThJhBaEJKNh5lLzQRRb2Kdz4Fitd6ICNTl
bwGbJ2CHzI0J84fYPlwbm0ti6VSAIxhJkW4Qivf8/OD5yxsU8+l0DVFIW/v44KnU
nTCPj92Q0A3xF0ttsAwh48MOqbqV1P5PUIV9KCCkngHbUKNVp5RqGiW0udkX/gxV
Ri4qEfyx1RIxCA==
-----END CERTIFICATE-----