Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
File:                     O1HtwFDk-YX73VeMzgKtyIDGyKc.mft (raw, json)
Hash identifier:          GilSj00VrbwnApH/lb/ls9PBb2dWlMjodcO3pxSzJsg=
Subject key identifier:   1E:1C:75:03:D7:CB:D2:2A:24:23:72:11:19:E8:DB:8D:D5:BF:E1:FD
Authority key identifier: 3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7
Certificate issuer:       /CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
Certificate serial:       019CAD5958EF9118F132142A83633F9FC7CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
Manifest number:          0FA1
Signing time:             Mon 02 Mar 2026 07:00:39 +0000
Manifest this update:     Mon 02 Mar 2026 07:00:39 +0000
Manifest next update:     Tue 03 Mar 2026 07:00:39 +0000
Files and hashes:         1: O1HtwFDk-YX73VeMzgKtyIDGyKc.crl (hash: dwypVFRgITfIVojZEujbhZpPpBtG5zBpBo2nOnrXetY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:58:ef:91:18:f1:32:14:2a:83:63:3f:9f:c7:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b51edc050e4f985fbdd578cce02adc880c6c8a7
        Validity
            Not Before: Mar  2 07:00:39 2026 GMT
            Not After : Mar  3 07:00:39 2026 GMT
        Subject: CN=1e1c7503d7cbd22a2423721119e8db8dd5bfe1fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9a:fe:7d:aa:a0:4c:85:d6:d8:cb:72:20:f0:
                    7f:64:01:45:5a:19:27:47:9c:68:84:58:d2:10:31:
                    44:2a:ca:6e:dd:1c:2f:55:eb:ab:d7:5d:60:21:1d:
                    69:76:f0:06:55:c4:22:dc:85:b8:c4:ae:ab:2a:33:
                    4e:34:38:30:8b:96:17:96:6f:a7:58:7e:5a:19:24:
                    7f:41:ea:2c:bc:48:cb:14:34:7e:82:25:e8:bd:9f:
                    9c:03:1f:bf:a8:ed:ed:74:ff:91:70:d2:b0:dd:88:
                    2f:8e:ed:32:3d:f3:f5:13:bb:18:42:f4:7e:26:7c:
                    ed:4e:8a:7c:b6:3f:2f:d9:45:ca:5e:82:4a:9e:7b:
                    16:2f:a7:f9:3e:01:7b:75:72:9d:ea:c4:60:f2:66:
                    ec:8f:f6:9a:02:d0:f6:61:86:60:1c:be:51:b1:d9:
                    85:e1:c1:1e:81:f4:14:df:74:b5:31:0f:4e:b3:d1:
                    79:3e:d7:92:8c:fb:27:a8:e4:70:2f:15:3d:58:9f:
                    8d:f8:e9:19:59:66:f1:8d:48:99:56:dc:c3:1d:96:
                    54:59:bb:65:30:3a:a5:ae:8f:af:81:04:d3:76:c4:
                    59:35:f9:b0:c6:03:6c:3b:a1:69:e4:64:54:86:c7:
                    49:83:f0:62:f7:df:5f:b5:eb:93:8f:3c:61:6f:e7:
                    6a:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:1C:75:03:D7:CB:D2:2A:24:23:72:11:19:E8:DB:8D:D5:BF:E1:FD
            X509v3 Authority Key Identifier:
                keyid:3B:51:ED:C0:50:E4:F9:85:FB:DD:57:8C:CE:02:AD:C8:80:C6:C8:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1HtwFDk-YX73VeMzgKtyIDGyKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ca71c8-13ba-471b-af98-bcca61e39cc3/1/O1HtwFDk-YX73VeMzgKtyIDGyKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:a1:3e:0e:96:f6:19:5d:15:46:6c:20:ff:93:5f:59:d2:ad:
         3f:bd:62:1f:27:fe:8c:62:68:e1:b8:fc:fd:ed:ba:f4:4a:07:
         39:97:6f:f1:65:22:06:c8:de:d2:17:0c:0a:06:f0:8f:3c:fe:
         18:99:c5:37:58:fb:38:b0:42:6b:4f:56:ae:ca:cc:30:73:34:
         d4:51:f6:c9:ee:26:44:62:b2:d7:1f:a6:24:8a:0f:41:7f:bf:
         95:83:99:cd:d8:f5:d7:da:6d:3c:82:35:fd:1d:3a:e0:4e:a7:
         bb:0c:2a:49:f5:91:41:11:d8:f9:80:b9:e1:c0:21:94:e3:35:
         4c:06:18:25:96:df:ca:e9:b4:cb:40:77:54:82:9a:2a:8e:44:
         04:1f:8e:7d:84:c3:4d:ed:fa:71:6b:43:ad:98:3f:d5:1c:9f:
         65:ef:a5:df:47:06:9c:a8:2a:51:c5:2d:3a:56:8c:32:41:4f:
         02:a1:c5:cc:f6:e5:60:66:9d:3a:ff:a3:c6:0d:ec:b2:bd:b4:
         13:ee:7a:8a:9b:7a:cf:04:c2:a8:9b:71:e3:b2:0d:2d:68:75:
         bd:9e:9e:fb:d2:c0:e7:a9:2b:c0:86:78:db:93:02:c9:d3:8d:
         be:95:80:57:a6:02:af:ff:fe:05:01:50:25:18:a7:b6:e6:cb:
         c2:35:42:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWVjvkRjxMhQqg2M/n8fOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTFlZGMwNTBlNGY5ODVmYmRkNTc4Y2NlMDJhZGM4ODBj
NmM4YTcwHhcNMjYwMzAyMDcwMDM5WhcNMjYwMzAzMDcwMDM5WjAzMTEwLwYDVQQD
EygxZTFjNzUwM2Q3Y2JkMjJhMjQyMzcyMTExOWU4ZGI4ZGQ1YmZlMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5r+faqgTIXW2MtyIPB/ZAFFWhkn
R5xohFjSEDFEKspu3RwvVeur111gIR1pdvAGVcQi3IW4xK6rKjNONDgwi5YXlm+n
WH5aGSR/QeosvEjLFDR+giXovZ+cAx+/qO3tdP+RcNKw3Ygvju0yPfP1E7sYQvR+
JnztTop8tj8v2UXKXoJKnnsWL6f5PgF7dXKd6sRg8mbsj/aaAtD2YYZgHL5RsdmF
4cEegfQU33S1MQ9Os9F5PteSjPsnqORwLxU9WJ+N+OkZWWbxjUiZVtzDHZZUWbtl
MDqlro+vgQTTdsRZNfmwxgNsO6Fp5GRUhsdJg/Bi999fteuTjzxhb+dqYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4cdQPXy9IqJCNyERno243Vv+H9MB8GA1UdIwQY
MBaAFDtR7cBQ5PmF+91XjM4CrciAxsinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgt
YmNjYTYxZTM5Y2MzLzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jYTcxYzgtMTNiYS00NzFiLWFmOTgtYmNjYTYxZTM5Y2Mz
LzEvTzFIdHdGRGstWVg3M1ZlTXpnS3R5SURHeUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlKE+Dpb2
GV0VRmwg/5NfWdKtP71iHyf+jGJo4bj8/e269EoHOZdv8WUiBsje0hcMCgbwjzz+
GJnFN1j7OLBCa09WrsrMMHM01FH2ye4mRGKy1x+mJIoPQX+/lYOZzdj119ptPII1
/R064E6nuwwqSfWRQRHY+YC54cAhlOM1TAYYJZbfyum0y0B3VIKaKo5EBB+OfYTD
Te36cWtDrZg/1RyfZe+l30cGnKgqUcUtOlaMMkFPAqHFzPblYGadOv+jxg3ssr20
E+56ipt6zwTCqJtx47INLWh1vZ6e+9LA56krwIZ425MCydONvpWAV6YCr//+BQFQ
JRintubLwjVCWg==
-----END CERTIFICATE-----