Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
File:                     oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft (raw, json)
Hash identifier:          XGlHnz4hc0d5pC3ugg0yxi6BW/xHpb13UfExlIgMr78=
Subject key identifier:   CF:AA:03:78:9F:64:B3:31:9F:A3:E0:5F:10:D4:60:C0:1D:8D:A4:23
Authority key identifier: A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A
Certificate issuer:       /CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
Certificate serial:       019CAAC6E5C784FDF9B887708763A6C55A28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
Manifest number:          1843
Signing time:             Sun 01 Mar 2026 19:01:27 +0000
Manifest this update:     Sun 01 Mar 2026 19:01:27 +0000
Manifest next update:     Mon 02 Mar 2026 19:01:27 +0000
Files and hashes:         1: oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl (hash: d6czET0OXyNFL0mq3LcMmDTQ1CRu6ZDXI5NHXwJ40rM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 18:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:c6:e5:c7:84:fd:f9:b8:87:70:87:63:a6:c5:5a:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1357a7d0f032e9cdd4a031d52d3b4047c03941a
        Validity
            Not Before: Mar  1 19:01:27 2026 GMT
            Not After : Mar  2 19:01:27 2026 GMT
        Subject: CN=cfaa03789f64b3319fa3e05f10d460c01d8da423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:09:c0:28:a7:4a:62:17:ef:80:0f:4d:16:bc:
                    fe:55:57:61:bd:35:45:c8:0d:a6:68:27:76:13:8a:
                    6c:ab:89:fa:51:d4:ef:2a:67:3a:be:4c:23:10:43:
                    25:45:36:57:62:c2:2e:79:f6:4f:72:06:86:7a:43:
                    cf:ed:14:2a:72:98:15:bb:83:d3:a7:e4:74:45:fa:
                    be:8c:24:82:78:ab:23:d2:c0:be:67:f2:3e:79:5d:
                    15:b4:75:ac:5e:30:15:9d:08:0d:e8:89:d2:56:a1:
                    9d:50:47:73:42:1f:af:28:8c:e9:a4:cd:89:2f:53:
                    e3:cd:97:a5:93:72:1e:50:54:96:5f:79:11:a9:b7:
                    1d:0a:c8:29:ae:32:38:94:c1:da:70:9e:d5:4e:b3:
                    1d:d5:d4:9e:4d:3d:47:69:a7:63:4d:87:24:53:99:
                    2b:a6:8f:f6:32:26:18:80:50:a4:c7:da:fa:8c:01:
                    94:8b:53:b3:e6:b9:80:5e:90:9a:4e:d5:15:16:b6:
                    18:e2:cf:c2:1d:4f:17:e5:b3:e3:80:18:d8:ea:f8:
                    33:86:38:84:08:81:ee:52:6b:74:7a:1c:93:16:89:
                    b2:28:16:91:58:8b:37:07:2c:13:53:22:e4:37:ac:
                    b2:1d:26:bd:0b:2f:06:df:8c:7a:a8:98:1c:bc:88:
                    f7:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:AA:03:78:9F:64:B3:31:9F:A3:E0:5F:10:D4:60:C0:1D:8D:A4:23
            X509v3 Authority Key Identifier:
                keyid:A1:35:7A:7D:0F:03:2E:9C:DD:4A:03:1D:52:D3:B4:04:7C:03:94:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/e84060-a2d4-48a3-a096-a0b6ad671ee3/1/oTV6fQ8DLpzdSgMdUtO0BHwDlBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:5a:78:34:0a:4c:f7:31:fb:d6:c6:b2:bf:16:f4:6f:24:01:
         d7:a3:0d:97:1f:b0:d1:98:13:da:81:77:1c:51:79:87:72:33:
         84:8f:37:c2:e5:5d:53:e1:8e:2a:e2:92:f8:50:47:35:39:60:
         bd:2b:54:93:56:d7:b4:e9:5b:8b:da:13:2f:2a:68:bf:9b:db:
         dd:7d:18:69:c3:2e:6f:50:33:0c:31:ff:7f:85:df:ba:2a:06:
         11:f8:af:91:32:4e:19:26:f8:7d:40:06:75:15:57:86:ff:88:
         6e:98:0a:17:40:19:94:04:3a:c4:49:d6:1f:2f:82:d6:1a:03:
         78:af:7d:d3:ed:3f:da:46:84:c1:c5:4a:3a:fc:3c:90:3e:54:
         66:19:26:ab:55:3b:e0:9c:ab:e1:a1:43:e4:0a:98:d2:8f:9a:
         15:f4:07:37:05:e5:f2:c2:60:f1:ae:4b:eb:7c:9d:d1:e9:94:
         9e:ad:01:e6:cc:18:44:71:cc:31:7b:d6:32:07:3d:01:34:2b:
         fb:75:8d:2d:47:89:14:85:b9:a8:e2:4b:b5:93:c4:b7:85:30:
         57:23:50:3c:d8:00:ae:32:dd:da:13:7c:a8:c5:f5:c5:d4:e5:
         65:8f:0f:e8:31:b5:16:a7:ab:ff:a3:60:a0:8d:04:b7:b6:12:
         79:76:d1:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxuXHhP35uIdwh2OmxVooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMzU3YTdkMGYwMzJlOWNkZDRhMDMxZDUyZDNiNDA0N2Mw
Mzk0MWEwHhcNMjYwMzAxMTkwMTI3WhcNMjYwMzAyMTkwMTI3WjAzMTEwLwYDVQQD
EyhjZmFhMDM3ODlmNjRiMzMxOWZhM2UwNWYxMGQ0NjBjMDFkOGRhNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAnAKKdKYhfvgA9NFrz+VVdhvTVF
yA2maCd2E4psq4n6UdTvKmc6vkwjEEMlRTZXYsIuefZPcgaGekPP7RQqcpgVu4PT
p+R0Rfq+jCSCeKsj0sC+Z/I+eV0VtHWsXjAVnQgN6InSVqGdUEdzQh+vKIzppM2J
L1PjzZelk3IeUFSWX3kRqbcdCsgprjI4lMHacJ7VTrMd1dSeTT1HaadjTYckU5kr
po/2MiYYgFCkx9r6jAGUi1Oz5rmAXpCaTtUVFrYY4s/CHU8X5bPjgBjY6vgzhjiE
CIHuUmt0ehyTFomyKBaRWIs3BywTUyLkN6yyHSa9Cy8G34x6qJgcvIj3YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+qA3ifZLMxn6PgXxDUYMAdjaQjMB8GA1UdIwQY
MBaAFKE1en0PAy6c3UoDHVLTtAR8A5QaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYt
YTBiNmFkNjcxZWUzLzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9lODQwNjAtYTJkNC00OGEzLWEwOTYtYTBiNmFkNjcxZWUz
LzEvb1RWNmZROERMcHpkU2dNZFV0TzBCSHdEbEJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATFp4NApM
9zH71sayvxb0byQB16MNlx+w0ZgT2oF3HFF5h3IzhI83wuVdU+GOKuKS+FBHNTlg
vStUk1bXtOlbi9oTLypov5vb3X0YacMub1AzDDH/f4XfuioGEfivkTJOGSb4fUAG
dRVXhv+IbpgKF0AZlAQ6xEnWHy+C1hoDeK990+0/2kaEwcVKOvw8kD5UZhkmq1U7
4Jyr4aFD5AqY0o+aFfQHNwXl8sJg8a5L63yd0emUnq0B5swYRHHMMXvWMgc9ATQr
+3WNLUeJFIW5qOJLtZPEt4UwVyNQPNgArjLd2hN8qMX1xdTlZY8P6DG1Fqer/6Ng
oI0Et7YSeXbRPw==
-----END CERTIFICATE-----