Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
File:                     qyt5QmiS7R2nsuYYZ3DPsErmA80.mft (raw, json)
Hash identifier:          nsLon4LlGSOfdZFcRa6A9W3eKdJYmId811Vop40pShA=
Subject key identifier:   D1:D2:9F:31:E9:D8:F5:5B:19:9C:1B:51:BE:B9:78:7F:E8:61:B5:1D
Authority key identifier: AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD
Certificate issuer:       /CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
Certificate serial:       019CAC0FE9F40E92C2F57471856BA7C84C10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
Manifest number:          0AEC
Signing time:             Mon 02 Mar 2026 01:00:49 +0000
Manifest this update:     Mon 02 Mar 2026 01:00:49 +0000
Manifest next update:     Tue 03 Mar 2026 01:00:49 +0000
Files and hashes:         1: qyt5QmiS7R2nsuYYZ3DPsErmA80.crl (hash: kG/FF7/qhPPgQ4kJFC76M2X9+rQ92ITV+rxqIOubetI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 00:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ac:0f:e9:f4:0e:92:c2:f5:74:71:85:6b:a7:c8:4c:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab2b79426892ed1da7b2e6186770cfb04ae603cd
        Validity
            Not Before: Mar  2 01:00:49 2026 GMT
            Not After : Mar  3 01:00:49 2026 GMT
        Subject: CN=d1d29f31e9d8f55b199c1b51beb9787fe861b51d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:13:ec:87:4c:21:51:66:71:0d:1e:3a:d1:0a:
                    07:a2:53:1a:72:81:27:6b:53:19:b9:a6:72:58:13:
                    31:20:da:c2:e7:fb:93:8f:55:d6:37:ea:3e:8b:62:
                    02:bf:e5:b5:a1:67:e9:bd:ef:8f:46:e7:9e:5d:b7:
                    d8:25:2a:fe:ca:18:5a:25:0a:b1:7e:42:3b:ca:b8:
                    8f:c1:35:01:10:70:cb:f5:d0:42:4d:b3:1e:61:e9:
                    83:21:52:61:75:5e:32:57:d5:83:0d:7c:6c:60:cb:
                    33:b9:52:91:48:f2:71:f6:8f:8f:41:fe:24:78:2e:
                    22:a6:5f:f1:59:53:d1:27:88:2c:e5:ec:e0:88:f2:
                    ed:eb:d5:95:11:8a:a5:0a:9a:68:09:18:13:24:fe:
                    e9:e2:39:54:fc:6c:5a:73:3d:2e:ed:e2:7d:e7:24:
                    c5:1c:8a:94:b0:d3:2b:37:34:48:82:e2:5e:d0:c3:
                    f9:20:4c:12:9b:a0:c6:68:6f:c4:8e:a7:b0:2f:13:
                    0e:25:bd:6e:2d:95:84:bf:82:45:b0:55:47:e7:a5:
                    ef:5e:40:e0:4c:57:37:19:2e:56:21:34:bd:04:a6:
                    6b:f9:29:62:38:43:a0:b2:f4:82:87:be:fa:a4:29:
                    29:6a:a6:c5:8b:74:0c:8e:1d:12:f7:da:61:ae:d7:
                    e5:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:D2:9F:31:E9:D8:F5:5B:19:9C:1B:51:BE:B9:78:7F:E8:61:B5:1D
            X509v3 Authority Key Identifier:
                keyid:AB:2B:79:42:68:92:ED:1D:A7:B2:E6:18:67:70:CF:B0:4A:E6:03:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qyt5QmiS7R2nsuYYZ3DPsErmA80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a26050-49ec-4955-9810-e5453707a58e/1/qyt5QmiS7R2nsuYYZ3DPsErmA80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:d6:20:61:db:a7:d6:ef:91:73:98:ae:7e:93:3d:7d:65:01:
         55:5f:32:21:26:3a:ea:1f:c1:06:5c:a7:70:c6:46:99:1d:58:
         5e:e0:d6:0c:d0:ad:33:07:5a:1b:76:24:19:5a:4d:53:53:d2:
         6d:d5:58:fe:19:56:63:33:cb:e7:ed:ce:4f:62:11:8f:af:ed:
         dc:57:dc:ee:06:42:4a:c6:28:ca:2a:41:50:17:52:14:fe:d5:
         39:9e:b9:8a:ce:94:24:b9:4b:21:97:d6:6b:e2:34:7a:d3:35:
         a0:f8:27:d1:2b:3b:f9:37:a7:7f:ec:9c:c1:6a:c9:f7:31:a5:
         f9:a2:d9:55:30:c1:1e:45:f5:d2:11:d1:6e:9f:af:3b:4e:c4:
         1b:28:6d:27:9a:b7:97:0c:55:93:a7:7d:4b:65:a5:ea:fa:4d:
         5c:4f:8f:69:90:d9:20:99:46:83:4f:41:fc:bf:09:04:b7:65:
         85:56:20:76:fc:65:56:8f:07:5b:d5:de:51:a4:67:99:ec:75:
         f9:5b:42:da:d3:00:6c:3b:08:d1:77:0b:fd:eb:58:a4:7a:93:
         cc:5b:67:1d:3b:02:36:08:37:06:6b:08:54:53:8e:23:6d:5a:
         83:17:a6:d3:98:80:34:9a:6d:e9:5c:02:c1:0a:cd:36:1c:03:
         8d:c1:77:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysD+n0DpLC9XRxhWunyEwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMmI3OTQyNjg5MmVkMWRhN2IyZTYxODY3NzBjZmIwNGFl
NjAzY2QwHhcNMjYwMzAyMDEwMDQ5WhcNMjYwMzAzMDEwMDQ5WjAzMTEwLwYDVQQD
EyhkMWQyOWYzMWU5ZDhmNTViMTk5YzFiNTFiZWI5Nzg3ZmU4NjFiNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hPsh0whUWZxDR460QoHolMacoEn
a1MZuaZyWBMxINrC5/uTj1XWN+o+i2ICv+W1oWfpve+PRueeXbfYJSr+yhhaJQqx
fkI7yriPwTUBEHDL9dBCTbMeYemDIVJhdV4yV9WDDXxsYMszuVKRSPJx9o+PQf4k
eC4ipl/xWVPRJ4gs5ezgiPLt69WVEYqlCppoCRgTJP7p4jlU/Gxacz0u7eJ95yTF
HIqUsNMrNzRIguJe0MP5IEwSm6DGaG/EjqewLxMOJb1uLZWEv4JFsFVH56XvXkDg
TFc3GS5WITS9BKZr+SliOEOgsvSCh776pCkpaqbFi3QMjh0S99phrtflSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHSnzHp2PVbGZwbUb65eH/oYbUdMB8GA1UdIwQY
MBaAFKsreUJoku0dp7LmGGdwz7BK5gPNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAt
ZTU0NTM3MDdhNThlLzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hMjYwNTAtNDllYy00OTU1LTk4MTAtZTU0NTM3MDdhNThl
LzEvcXl0NVFtaVM3UjJuc3VZWVozRFBzRXJtQTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKtYgYdun
1u+Rc5iufpM9fWUBVV8yISY66h/BBlyncMZGmR1YXuDWDNCtMwdaG3YkGVpNU1PS
bdVY/hlWYzPL5+3OT2IRj6/t3Ffc7gZCSsYoyipBUBdSFP7VOZ65is6UJLlLIZfW
a+I0etM1oPgn0Ss7+Tenf+ycwWrJ9zGl+aLZVTDBHkX10hHRbp+vO07EGyhtJ5q3
lwxVk6d9S2Wl6vpNXE+PaZDZIJlGg09B/L8JBLdlhVYgdvxlVo8HW9XeUaRnmex1
+VtC2tMAbDsI0XcL/etYpHqTzFtnHTsCNgg3BmsIVFOOI21agxem05iANJpt6VwC
wQrNNhwDjcF37A==
-----END CERTIFICATE-----