Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          NQRTohktMDPJEPxwKix+7UhNBJpM+d4ZCjGgVleR14s=
Subject key identifier:   13:E9:BD:D7:E8:BF:AA:04:5C:96:A1:82:E2:4A:8D:F5:5C:C3:95:3D
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       019CADC7EAEF80652EFE9D98874ACD2DEDBA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          0B1E
Signing time:             Mon 02 Mar 2026 09:01:25 +0000
Manifest this update:     Mon 02 Mar 2026 09:01:25 +0000
Manifest next update:     Tue 03 Mar 2026 09:01:25 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: xcXO7k04bG0FmZ8Xfc491fN+FZXDCSSFzdvvcu3Ohpo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 09:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:c7:ea:ef:80:65:2e:fe:9d:98:87:4a:cd:2d:ed:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Mar  2 09:01:25 2026 GMT
            Not After : Mar  3 09:01:25 2026 GMT
        Subject: CN=13e9bdd7e8bfaa045c96a182e24a8df55cc3953d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:82:f6:dd:9d:4d:cb:8e:96:d5:72:5f:1f:1c:
                    ec:77:ae:ed:5d:31:92:83:56:30:6d:8b:e4:2f:96:
                    5f:6a:e6:5b:14:bb:14:b4:fd:92:56:fe:93:15:85:
                    bc:b4:b7:ec:ac:2c:f6:7e:ba:9a:f9:e4:d4:d3:e6:
                    e9:91:07:9a:09:3c:41:68:b7:e2:2e:a4:8e:77:7d:
                    1f:b2:a2:4f:8f:b0:03:b0:4a:8e:5e:a5:1a:44:f7:
                    36:aa:40:3b:77:71:ae:88:cd:fa:71:ba:96:49:5c:
                    49:28:aa:6b:79:c2:db:2d:62:cf:fb:ff:e3:ea:be:
                    4a:0f:82:3a:63:26:4d:64:bc:ce:cf:12:22:88:86:
                    43:49:63:59:6c:f0:d7:21:3e:66:b8:a9:77:13:c5:
                    ae:5d:47:5c:e8:1a:91:fe:1e:70:03:f1:05:bd:d7:
                    0f:66:ca:61:05:38:1e:a6:ef:4d:4b:f9:77:69:fe:
                    4b:78:7f:ec:17:ad:c7:26:dd:58:08:16:75:71:9e:
                    c4:aa:50:d2:a6:67:b2:2d:4b:9b:e3:5f:32:59:3e:
                    f4:9a:cf:7c:33:a3:1b:0c:b6:7b:a4:39:83:32:47:
                    17:0e:31:86:5c:9a:d0:00:d3:30:f7:94:b2:cf:6f:
                    06:af:36:fe:0b:19:c3:28:da:8d:93:6e:ec:52:9e:
                    46:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:E9:BD:D7:E8:BF:AA:04:5C:96:A1:82:E2:4A:8D:F5:5C:C3:95:3D
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:af:6f:5a:dc:27:66:bc:c2:72:95:55:8a:c9:9b:94:fc:ee:
         47:02:b4:42:5f:e3:67:24:eb:60:e9:26:a3:0c:c3:d5:ad:91:
         2d:a9:94:44:1e:60:a0:6a:1a:74:36:91:14:f4:cb:69:85:43:
         fc:81:b0:53:16:40:4f:67:b6:9c:88:7b:d3:38:da:f9:78:36:
         4e:3b:e1:dc:79:d7:e0:64:5d:98:e6:ad:0f:b3:cc:b1:95:65:
         d5:9f:62:de:99:ff:f0:eb:29:64:41:c9:a3:ca:75:38:50:1d:
         8e:38:14:df:95:1e:30:92:bb:38:e8:bf:ea:1d:26:dc:0c:9f:
         a8:93:da:86:bf:37:13:17:f9:04:f0:c6:76:a0:99:cc:a7:e7:
         33:78:f7:ce:12:6b:30:26:5b:3c:46:a5:47:29:f0:d7:2d:f1:
         39:a8:cb:9f:a6:70:63:5d:71:2f:f2:af:3a:c3:78:a5:66:f3:
         bd:60:27:7c:b4:de:e0:bd:f4:0c:b0:ba:2c:46:b5:d8:4b:5a:
         b3:c7:20:5f:96:1c:2a:28:5b:bf:9e:53:e2:77:33:9d:9d:fb:
         8b:07:3a:f1:ff:23:8b:2a:3e:33:79:46:e7:2a:f6:df:9c:da:
         ef:57:f3:7d:9c:6a:13:0e:34:8e:65:4e:8a:b3:bb:e2:34:00:
         26:d4:31:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytx+rvgGUu/p2Yh0rNLe26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjYwMzAyMDkwMTI1WhcNMjYwMzAzMDkwMTI1WjAzMTEwLwYDVQQD
EygxM2U5YmRkN2U4YmZhYTA0NWM5NmExODJlMjRhOGRmNTVjYzM5NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YL23Z1Ny46W1XJfHxzsd67tXTGS
g1YwbYvkL5ZfauZbFLsUtP2SVv6TFYW8tLfsrCz2frqa+eTU0+bpkQeaCTxBaLfi
LqSOd30fsqJPj7ADsEqOXqUaRPc2qkA7d3GuiM36cbqWSVxJKKprecLbLWLP+//j
6r5KD4I6YyZNZLzOzxIiiIZDSWNZbPDXIT5muKl3E8WuXUdc6BqR/h5wA/EFvdcP
ZsphBTgepu9NS/l3af5LeH/sF63HJt1YCBZ1cZ7EqlDSpmeyLUub418yWT70ms98
M6MbDLZ7pDmDMkcXDjGGXJrQANMw95Syz28Grzb+CxnDKNqNk27sUp5GnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBPpvdfov6oEXJahguJKjfVcw5U9MB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfq9vWtwn
ZrzCcpVVismblPzuRwK0Ql/jZyTrYOkmowzD1a2RLamURB5goGoadDaRFPTLaYVD
/IGwUxZAT2e2nIh70zja+Xg2Tjvh3HnX4GRdmOatD7PMsZVl1Z9i3pn/8OspZEHJ
o8p1OFAdjjgU35UeMJK7OOi/6h0m3AyfqJPahr83Exf5BPDGdqCZzKfnM3j3zhJr
MCZbPEalRynw1y3xOajLn6ZwY11xL/KvOsN4pWbzvWAnfLTe4L30DLC6LEa12Eta
s8cgX5YcKihbv55T4ncznZ37iwc68f8jiyo+M3lG5yr235za71fzfZxqEw40jmVO
irO74jQAJtQx+w==
-----END CERTIFICATE-----