Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
File:                     CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json)
Hash identifier:          ExhV+z2hgiVtCaKNvLUkMnZnuLJRWaVcRT2WnhZO6UY=
Subject key identifier:   88:E3:AF:38:C9:95:E2:4A:A2:1A:C9:14:C0:CD:1A:3F:58:4F:9C:03
Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
Certificate issuer:       /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Certificate serial:       019CACEBE8AE466ECF03563BC388C13111B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
Manifest number:          03F4
Signing time:             Mon 02 Mar 2026 05:01:07 +0000
Manifest this update:     Mon 02 Mar 2026 05:01:07 +0000
Manifest next update:     Tue 03 Mar 2026 05:01:07 +0000
Files and hashes:         1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: h2Sv4SU04sYxObjbCaF+Hy0yh5yUVnoKo/z+AgFwoJI=)
                          2: rk1bcafZ-NbbUdZCLT9lMRUYm-I.roa (hash: 5haE3uSWqoSmkVp2C59/CSPiEElkrF1oivdNjZDrJeE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 05:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:eb:e8:ae:46:6e:cf:03:56:3b:c3:88:c1:31:11:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
        Validity
            Not Before: Mar  2 05:01:07 2026 GMT
            Not After : Mar  3 05:01:07 2026 GMT
        Subject: CN=88e3af38c995e24aa21ac914c0cd1a3f584f9c03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:20:a9:62:8c:30:13:62:48:44:ee:52:b3:92:
                    8f:23:29:bb:86:7e:81:c0:88:74:8c:02:f2:bb:db:
                    e3:78:20:c5:31:21:82:a7:24:b6:16:ea:73:0e:3b:
                    14:67:72:f8:ac:59:86:cb:22:1f:d4:ce:09:f7:0f:
                    5f:6a:1e:bc:62:c0:da:4e:23:b0:57:00:ad:86:35:
                    03:98:67:33:54:c0:0e:c8:ff:a3:08:ee:29:ea:c2:
                    7e:2f:9d:5c:84:a5:3d:6a:09:4f:60:bb:f1:8d:a1:
                    cc:b7:fb:0a:11:1d:d7:74:ee:b5:e3:6f:b2:8c:12:
                    ce:0f:f6:45:d2:f1:1f:24:54:26:dd:20:7d:a0:ff:
                    0e:6c:61:a4:fc:67:e2:2c:b3:c2:61:81:53:9b:68:
                    d6:93:47:31:11:3d:c5:e0:b5:e5:b3:6d:95:ff:9c:
                    11:11:04:90:fe:15:e3:41:da:28:b8:79:7a:b5:f2:
                    ee:92:1e:aa:b1:19:a1:f7:71:5d:1b:ad:d6:18:c2:
                    89:8c:75:7f:c6:23:98:dc:8e:1b:7f:18:fc:2a:4c:
                    9c:17:ec:71:f7:df:2d:d3:17:9b:b3:77:4e:73:32:
                    30:36:6c:41:02:83:02:7d:9f:1f:d4:ab:f5:8c:55:
                    ac:82:11:1d:7a:d4:ee:ca:d0:4f:0b:3f:dc:31:af:
                    52:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:E3:AF:38:C9:95:E2:4A:A2:1A:C9:14:C0:CD:1A:3F:58:4F:9C:03
            X509v3 Authority Key Identifier:
                keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:01:dd:fa:6b:fb:ef:af:39:ea:ae:17:fc:8e:ef:80:2f:bf:
         3e:c5:8a:56:6d:7e:bb:ca:d7:76:fd:b2:69:af:36:03:35:72:
         db:17:ea:d0:8c:65:bf:07:95:57:64:2f:b6:94:d5:68:43:cf:
         8b:72:3c:27:a4:5c:b0:b9:d6:34:be:1c:b9:d5:2a:12:d6:48:
         76:80:f1:9f:c7:18:62:e9:0a:cd:4f:91:8c:a2:80:36:e0:62:
         be:c7:08:ea:10:3a:30:50:bd:ad:38:a8:98:f2:4b:d8:0f:2d:
         8f:31:d9:12:bf:77:ed:cf:b9:7b:25:37:c5:88:94:b0:84:fa:
         b1:ae:b8:60:0f:d8:f4:22:2d:f4:05:ce:81:40:34:63:ec:8e:
         34:7f:27:7a:ed:a7:f4:be:64:bb:3f:71:d2:ab:f6:f6:83:de:
         34:ee:4c:3a:25:da:31:08:8c:79:04:8f:5b:f1:83:cb:9e:86:
         7c:a0:d0:35:c3:36:f5:86:d4:59:21:c6:d8:16:57:a6:cd:3c:
         39:52:d3:c2:e9:55:8a:ae:3e:a0:04:1e:19:9c:8e:a3:77:95:
         ad:a4:2c:b1:3a:f2:f4:3c:96:a3:10:3d:cf:1f:aa:f9:85:97:
         1d:77:62:8d:78:a2:e4:15:94:a9:72:76:da:dd:9b:f0:53:7f:
         b4:12:ab:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys6+iuRm7PA1Y7w4jBMRG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk
ZGI4MWQwHhcNMjYwMzAyMDUwMTA3WhcNMjYwMzAzMDUwMTA3WjAzMTEwLwYDVQQD
Eyg4OGUzYWYzOGM5OTVlMjRhYTIxYWM5MTRjMGNkMWEzZjU4NGY5YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCCpYowwE2JIRO5Ss5KPIym7hn6B
wIh0jALyu9vjeCDFMSGCpyS2FupzDjsUZ3L4rFmGyyIf1M4J9w9fah68YsDaTiOw
VwCthjUDmGczVMAOyP+jCO4p6sJ+L51chKU9aglPYLvxjaHMt/sKER3XdO6142+y
jBLOD/ZF0vEfJFQm3SB9oP8ObGGk/GfiLLPCYYFTm2jWk0cxET3F4LXls22V/5wR
EQSQ/hXjQdoouHl6tfLukh6qsRmh93FdG63WGMKJjHV/xiOY3I4bfxj8KkycF+xx
998t0xebs3dOczIwNmxBAoMCfZ8f1Kv1jFWsghEdetTuytBPCz/cMa9SswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIjjrzjJleJKohrJFMDNGj9YT5wDMB8GA1UdIwQY
MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt
MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl
LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbQHd+mv7
76856q4X/I7vgC+/PsWKVm1+u8rXdv2yaa82AzVy2xfq0IxlvweVV2QvtpTVaEPP
i3I8J6RcsLnWNL4cudUqEtZIdoDxn8cYYukKzU+RjKKANuBivscI6hA6MFC9rTio
mPJL2A8tjzHZEr937c+5eyU3xYiUsIT6sa64YA/Y9CIt9AXOgUA0Y+yONH8neu2n
9L5kuz9x0qv29oPeNO5MOiXaMQiMeQSPW/GDy56GfKDQNcM29YbUWSHG2BZXps08
OVLTwulViq4+oAQeGZyOo3eVraQssTry9DyWoxA9zx+q+YWXHXdijXii5BWUqXJ2
2t2b8FN/tBKrKg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:01:02 2026 by rpki-client