Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
File:                     U1zc9HjqgOsXXEwwd-efy3DF0jA.mft (raw, json)
Hash identifier:          t+xvtOHGdPxSCRpfkSnAviNoAlCAjYDoi/Ws7Qrg1AA=
Subject key identifier:   A1:95:BA:02:5A:A7:FB:2A:65:D1:9E:65:9B:13:9D:A5:F9:1D:31:68
Authority key identifier: 53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30
Certificate issuer:       /CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
Certificate serial:       019CAD59F3F718CBC588F99723CAE7E24FF7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
Manifest number:          0C9E
Signing time:             Mon 02 Mar 2026 07:01:19 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:19 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:19 +0000
Files and hashes:         1: U1zc9HjqgOsXXEwwd-efy3DF0jA.crl (hash: 4BDPoGy5ESZoJQViVIxLfEWORRTHGSQAB8ksbA8IJ1Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:f3:f7:18:cb:c5:88:f9:97:23:ca:e7:e2:4f:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=535cdcf478ea80eb175c4c3077e79fcb70c5d230
        Validity
            Not Before: Mar  2 07:01:19 2026 GMT
            Not After : Mar  3 07:01:19 2026 GMT
        Subject: CN=a195ba025aa7fb2a65d19e659b139da5f91d3168
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:86:37:33:71:a8:ef:86:a2:ea:d5:0b:ff:6a:
                    1c:a0:8f:12:c8:df:6e:fc:65:71:e8:60:f3:d7:6c:
                    02:70:78:5e:46:ae:92:c3:f1:2e:50:22:bb:04:ec:
                    1a:f5:f3:98:f2:ee:0c:9d:8f:42:e7:e0:f9:69:ae:
                    39:fe:da:f7:10:3e:92:b6:96:2a:79:0e:a5:79:a6:
                    a0:35:c7:98:d6:05:59:5d:74:04:94:be:50:8a:e5:
                    d3:b2:b2:55:86:ff:bd:d8:3d:32:e7:3e:73:fe:77:
                    33:58:07:99:4d:c6:64:d6:52:c5:a2:63:2e:ce:8e:
                    23:03:20:2d:bc:d6:b1:a8:6d:3e:04:54:96:f1:94:
                    61:1f:ac:f2:ea:51:37:25:a8:8e:81:e9:be:9f:78:
                    35:50:25:b4:47:8c:5b:68:60:a9:7a:b1:fc:d1:81:
                    7e:f3:7a:c2:c9:92:31:c1:41:a2:b6:d4:cb:5c:2f:
                    d8:dc:4a:0a:dc:b7:4e:47:bc:6f:61:84:fa:ad:8a:
                    45:5a:8c:af:50:80:3c:26:50:80:2a:fe:30:ca:c9:
                    20:c8:d9:23:35:a0:b1:d0:dd:3c:f3:a3:9a:14:95:
                    44:c9:d5:46:51:10:a3:c8:8d:59:20:f7:f4:44:80:
                    d9:44:98:65:2e:98:d9:5d:fb:a1:8c:56:0d:17:c1:
                    29:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:95:BA:02:5A:A7:FB:2A:65:D1:9E:65:9B:13:9D:A5:F9:1D:31:68
            X509v3 Authority Key Identifier:
                keyid:53:5C:DC:F4:78:EA:80:EB:17:5C:4C:30:77:E7:9F:CB:70:C5:D2:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1zc9HjqgOsXXEwwd-efy3DF0jA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/a23c77-f4ad-40ba-b850-989f53b2cae0/1/U1zc9HjqgOsXXEwwd-efy3DF0jA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:c8:78:39:c8:a1:9b:d1:1e:c6:13:da:00:7d:f7:95:fa:8e:
         28:f2:cc:32:08:8a:b7:69:28:a4:2e:64:63:6d:4f:64:60:25:
         e3:c5:a6:be:76:29:29:9d:a4:fe:cb:e7:11:98:4c:cb:53:74:
         85:89:4b:ca:59:f1:2d:1b:6e:4b:63:b8:70:af:ea:97:af:2d:
         16:c1:30:bf:4a:3b:4e:68:d9:4a:61:f5:48:03:92:e9:01:7c:
         a8:ca:a9:3c:0e:1a:0b:b6:09:c8:9f:3c:4a:f7:81:6a:1c:43:
         b7:67:42:ac:7a:0a:e2:1f:93:41:88:17:14:f6:8c:5a:63:67:
         50:e5:3f:41:8c:c3:f2:f0:56:11:a2:c4:38:3f:96:b4:28:ea:
         54:0d:69:6e:a4:df:f7:38:2a:f5:b6:db:2f:ba:32:86:5f:19:
         19:1a:04:7f:5d:90:33:6b:60:dd:0f:e6:86:9a:2f:42:7a:29:
         1e:81:78:01:3a:ff:fa:a3:d0:90:10:64:9f:ea:a0:fc:c0:0a:
         51:aa:62:5f:8f:8c:61:64:83:c5:ba:c6:f0:de:51:c3:20:c5:
         00:44:d1:2b:2b:df:7b:d3:dc:d8:a9:f3:68:b3:7c:a5:a6:a8:
         e9:52:d6:5d:c0:da:99:2c:e3:75:0b:08:63:2a:34:59:09:ac:
         7f:4e:f6:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfP3GMvFiPmXI8rn4k/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWNkY2Y0NzhlYTgwZWIxNzVjNGMzMDc3ZTc5ZmNiNzBj
NWQyMzAwHhcNMjYwMzAyMDcwMTE5WhcNMjYwMzAzMDcwMTE5WjAzMTEwLwYDVQQD
EyhhMTk1YmEwMjVhYTdmYjJhNjVkMTllNjU5YjEzOWRhNWY5MWQzMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIY3M3Go74ai6tUL/2ocoI8SyN9u
/GVx6GDz12wCcHheRq6Sw/EuUCK7BOwa9fOY8u4MnY9C5+D5aa45/tr3ED6StpYq
eQ6leaagNceY1gVZXXQElL5QiuXTsrJVhv+92D0y5z5z/nczWAeZTcZk1lLFomMu
zo4jAyAtvNaxqG0+BFSW8ZRhH6zy6lE3JaiOgem+n3g1UCW0R4xbaGCperH80YF+
83rCyZIxwUGittTLXC/Y3EoK3LdOR7xvYYT6rYpFWoyvUIA8JlCAKv4wyskgyNkj
NaCx0N0886OaFJVEydVGURCjyI1ZIPf0RIDZRJhlLpjZXfuhjFYNF8EpcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGVugJap/sqZdGeZZsTnaX5HTFoMB8GA1UdIwQY
MBaAFFNc3PR46oDrF1xMMHfnn8twxdIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAt
OTg5ZjUzYjJjYWUwLzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9hMjNjNzctZjRhZC00MGJhLWI4NTAtOTg5ZjUzYjJjYWUw
LzEvVTF6YzlIanFnT3NYWEV3d2QtZWZ5M0RGMGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8h4Ocih
m9EexhPaAH33lfqOKPLMMgiKt2kopC5kY21PZGAl48WmvnYpKZ2k/svnEZhMy1N0
hYlLylnxLRtuS2O4cK/ql68tFsEwv0o7TmjZSmH1SAOS6QF8qMqpPA4aC7YJyJ88
SveBahxDt2dCrHoK4h+TQYgXFPaMWmNnUOU/QYzD8vBWEaLEOD+WtCjqVA1pbqTf
9zgq9bbbL7oyhl8ZGRoEf12QM2tg3Q/mhpovQnopHoF4ATr/+qPQkBBkn+qg/MAK
UapiX4+MYWSDxbrG8N5RwyDFAETRKyvfe9Pc2KnzaLN8paao6VLWXcDamSzjdQsI
Yyo0WQmsf072fQ==
-----END CERTIFICATE-----