Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
File:                     mgGl7N4ueVkyWREG0II9DRVPcAI.mft (raw, json)
Hash identifier:          pl76cVApYmw1YD/oXStFu/0XvB31AhqbST3xe4EPYKw=
Subject key identifier:   5C:BF:21:6F:B2:B3:AA:23:39:0F:FA:42:20:F2:E0:63:C4:9C:A9:8B
Authority key identifier: 9A:01:A5:EC:DE:2E:79:59:32:59:11:06:D0:82:3D:0D:15:4F:70:02
Certificate issuer:       /CN=9a01a5ecde2e795932591106d0823d0d154f7002
Certificate serial:       019CAB6B0C19009F4ECF8D54ECE246564A1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
Manifest number:          0972
Signing time:             Sun 01 Mar 2026 22:00:45 +0000
Manifest this update:     Sun 01 Mar 2026 22:00:45 +0000
Manifest next update:     Mon 02 Mar 2026 22:00:45 +0000
Files and hashes:         1: mgGl7N4ueVkyWREG0II9DRVPcAI.crl (hash: j0myLQNmXqI4uMRlMsxEwjg5IiyuWqQk2U70iCkBx7s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ab:6b:0c:19:00:9f:4e:cf:8d:54:ec:e2:46:56:4a:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a01a5ecde2e795932591106d0823d0d154f7002
        Validity
            Not Before: Mar  1 22:00:45 2026 GMT
            Not After : Mar  2 22:00:45 2026 GMT
        Subject: CN=5cbf216fb2b3aa23390ffa4220f2e063c49ca98b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:31:fd:27:53:0c:4c:5b:06:e6:e4:76:60:d8:
                    b4:54:68:e7:64:29:07:32:33:44:50:d6:c9:ee:a7:
                    4d:17:61:e8:84:22:4f:37:a1:83:29:d0:e9:fc:21:
                    78:81:31:39:84:23:32:8b:1f:69:be:f9:36:ff:2b:
                    09:3e:ef:80:cf:ed:12:2f:f4:69:5e:1d:72:b1:84:
                    07:b5:55:c6:b5:b4:b0:5e:a0:a7:c5:ec:d9:90:f1:
                    49:ab:38:1b:fe:b0:5b:73:b9:c5:59:60:d1:21:6f:
                    1e:22:97:0e:7f:72:b2:f2:a4:79:10:64:f5:95:1f:
                    ca:09:3c:db:87:c7:3f:a4:6f:df:2e:77:f1:be:b5:
                    68:1f:78:44:cb:1d:88:ad:2d:04:d7:95:b2:4a:b6:
                    62:4f:53:a6:94:c8:af:ce:ee:60:35:63:01:99:85:
                    c3:d4:cb:7c:c1:fd:e5:df:a1:a6:dd:55:e4:09:1c:
                    16:1d:0b:cd:36:1d:66:03:d2:11:b3:a5:78:8a:1d:
                    50:d7:fe:4c:cb:2f:5e:9a:5e:25:5b:72:11:3e:4a:
                    ff:5d:06:d8:36:57:03:b7:06:d1:a0:30:18:2d:fc:
                    35:bd:c6:14:78:54:bc:96:7c:5a:1e:4c:64:0a:63:
                    d0:c4:b4:6b:87:bd:1c:86:e6:10:87:5b:d3:22:a7:
                    5d:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:BF:21:6F:B2:B3:AA:23:39:0F:FA:42:20:F2:E0:63:C4:9C:A9:8B
            X509v3 Authority Key Identifier:
                keyid:9A:01:A5:EC:DE:2E:79:59:32:59:11:06:D0:82:3D:0D:15:4F:70:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mgGl7N4ueVkyWREG0II9DRVPcAI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/863c04-b07e-4c3a-9f45-fe2474d2f07c/1/mgGl7N4ueVkyWREG0II9DRVPcAI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:c8:4a:12:8e:da:d5:c7:a1:02:d5:6b:71:d7:43:14:7d:e1:
         98:a7:f9:af:e5:8e:54:1f:b6:47:38:fd:08:66:b0:55:5a:96:
         f2:b5:23:e7:b5:96:bc:0c:9c:44:ad:8e:f1:1f:d3:5a:53:ab:
         4f:1c:ab:f7:b2:20:b4:f5:30:00:7e:84:b9:7e:f5:b2:06:34:
         6a:1b:3a:a1:42:a6:ce:10:a7:35:d5:f3:a8:e8:1a:73:1d:b5:
         80:9d:b1:80:d4:75:a3:44:4f:fd:e3:df:4e:92:61:1e:72:00:
         01:10:98:82:25:58:f4:03:a8:4c:b4:bb:92:2c:ba:d3:73:f8:
         78:0f:4b:b2:d9:ab:60:a7:a3:29:03:48:a7:8a:26:95:21:59:
         e4:6e:53:38:a0:b6:a3:85:e6:80:b5:d9:54:3a:0b:20:90:7a:
         0b:80:5e:63:87:35:0e:10:a6:48:cf:8e:27:15:09:d2:f8:21:
         34:4f:fd:89:43:12:98:72:0c:d4:07:69:83:0d:13:e0:6a:76:
         b0:7c:63:ce:04:10:a8:44:a1:98:f8:ec:5d:fd:41:99:8f:2c:
         1c:7d:cc:8d:64:d8:28:95:24:99:fa:63:9c:b9:e2:b0:0c:84:
         78:77:ee:be:cf:d6:ad:1a:9f:7f:24:4f:11:ed:6f:0c:06:5e:
         0a:87:f4:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrawwZAJ9Oz41U7OJGVkodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMDFhNWVjZGUyZTc5NTkzMjU5MTEwNmQwODIzZDBkMTU0
ZjcwMDIwHhcNMjYwMzAxMjIwMDQ1WhcNMjYwMzAyMjIwMDQ1WjAzMTEwLwYDVQQD
Eyg1Y2JmMjE2ZmIyYjNhYTIzMzkwZmZhNDIyMGYyZTA2M2M0OWNhOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5jH9J1MMTFsG5uR2YNi0VGjnZCkH
MjNEUNbJ7qdNF2HohCJPN6GDKdDp/CF4gTE5hCMyix9pvvk2/ysJPu+Az+0SL/Rp
Xh1ysYQHtVXGtbSwXqCnxezZkPFJqzgb/rBbc7nFWWDRIW8eIpcOf3Ky8qR5EGT1
lR/KCTzbh8c/pG/fLnfxvrVoH3hEyx2IrS0E15WySrZiT1OmlMivzu5gNWMBmYXD
1Mt8wf3l36Gm3VXkCRwWHQvNNh1mA9IRs6V4ih1Q1/5Myy9eml4lW3IRPkr/XQbY
NlcDtwbRoDAYLfw1vcYUeFS8lnxaHkxkCmPQxLRrh70chuYQh1vTIqddJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFy/IW+ys6ojOQ/6QiDy4GPEnKmLMB8GA1UdIwQY
MBaAFJoBpezeLnlZMlkRBtCCPQ0VT3ACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84NjNjMDQtYjA3ZS00YzNhLTlmNDUt
ZmUyNDc0ZDJmMDdjLzEvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84NjNjMDQtYjA3ZS00YzNhLTlmNDUtZmUyNDc0ZDJmMDdj
LzEvbWdHbDdONHVlVmt5V1JFRzBJSTlEUlZQY0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO8hKEo7a
1cehAtVrcddDFH3hmKf5r+WOVB+2Rzj9CGawVVqW8rUj57WWvAycRK2O8R/TWlOr
Txyr97IgtPUwAH6EuX71sgY0ahs6oUKmzhCnNdXzqOgacx21gJ2xgNR1o0RP/ePf
TpJhHnIAARCYgiVY9AOoTLS7kiy603P4eA9LstmrYKejKQNIp4omlSFZ5G5TOKC2
o4XmgLXZVDoLIJB6C4BeY4c1DhCmSM+OJxUJ0vghNE/9iUMSmHIM1Adpgw0T4Gp2
sHxjzgQQqEShmPjsXf1BmY8sHH3MjWTYKJUkmfpjnLnisAyEeHfuvs/WrRqffyRP
Ee1vDAZeCof0VQ==
-----END CERTIFICATE-----