Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
File:                     obtQVKF8yU__wrwpWhW_74qQQwo.mft (raw, json)
Hash identifier:          NXmPTFh05AyU7hXWUiXf7Hcf4wTXafVoCudANHnFL2A=
Subject key identifier:   80:7E:A3:3F:FC:A8:B6:A8:BA:AB:50:1C:DB:07:6E:D3:86:71:07:44
Authority key identifier: A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A
Certificate issuer:       /CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
Certificate serial:       019CAA59364FE090E2E9A6C7D53B985A3855
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
Manifest number:          085A
Signing time:             Sun 01 Mar 2026 17:01:39 +0000
Manifest this update:     Sun 01 Mar 2026 17:01:39 +0000
Manifest next update:     Mon 02 Mar 2026 17:01:39 +0000
Files and hashes:         1: obtQVKF8yU__wrwpWhW_74qQQwo.crl (hash: YVoRiJd0CQoxm4nETjdPheKa9k7kYTJ5XAxZ5FLp9es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 17:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:aa:59:36:4f:e0:90:e2:e9:a6:c7:d5:3b:98:5a:38:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
        Validity
            Not Before: Mar  1 17:01:39 2026 GMT
            Not After : Mar  2 17:01:39 2026 GMT
        Subject: CN=807ea33ffca8b6a8baab501cdb076ed386710744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:10:f3:22:ea:47:34:e0:f5:44:f6:e6:4e:26:
                    46:c3:a4:9b:79:c3:48:0c:bd:64:c3:93:54:9a:3c:
                    3a:fa:d8:cb:8e:9a:c5:55:03:1f:78:63:b9:dc:d4:
                    54:7c:01:07:bd:3c:34:bd:d1:3c:6e:1f:97:ce:2e:
                    6b:7d:66:1a:42:20:82:2c:0c:e3:3b:a5:64:9f:cb:
                    81:4c:6d:73:cb:40:ab:17:78:e6:56:c4:f2:06:9f:
                    8c:35:82:70:c1:82:e6:93:79:7a:b1:d8:a9:4e:61:
                    73:32:03:5c:35:c0:32:e9:64:32:23:f1:b0:30:2e:
                    d9:b7:5d:8e:ae:8c:e1:00:4c:9e:58:04:db:24:3b:
                    e6:cb:9d:c2:c6:d9:ea:05:94:33:15:a4:d7:61:52:
                    39:be:b7:97:4f:26:e1:c4:b4:9d:5b:a3:3e:9b:8d:
                    d0:66:68:e7:03:c8:d8:b1:9f:24:10:be:10:ef:1e:
                    4e:46:8d:dd:13:10:51:0e:8b:66:53:1d:1f:ee:79:
                    6b:6f:38:ae:5e:fd:14:90:f4:4d:ca:fa:6f:cc:d1:
                    77:fc:4b:3c:fe:8f:d8:a2:e2:6e:23:96:c3:56:3f:
                    5a:e4:80:ef:fe:e9:a4:22:5a:52:25:c0:1f:83:59:
                    c4:87:41:66:42:86:e8:77:ae:92:ed:1b:6c:54:f3:
                    86:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:7E:A3:3F:FC:A8:B6:A8:BA:AB:50:1C:DB:07:6E:D3:86:71:07:44
            X509v3 Authority Key Identifier:
                keyid:A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:55:3d:86:bb:d6:83:28:20:54:29:20:ca:a5:51:7c:68:93:
         20:b5:e6:8e:2d:48:cb:35:f0:de:62:d7:9b:6c:02:73:c1:8b:
         66:1a:ee:05:b2:bf:4a:f2:0c:29:9f:81:d0:27:e5:10:2b:f4:
         6a:0d:cc:03:93:64:f6:46:57:73:8f:5e:ed:a0:7a:5f:b2:32:
         7a:98:d2:74:86:5e:07:8d:f0:bd:f5:60:6f:5e:99:8d:37:7d:
         d7:d5:90:92:21:c8:59:99:3e:09:83:03:e2:a8:cb:d3:1d:f2:
         7e:f3:d3:99:03:4c:f9:01:1a:b7:56:5f:b1:ba:8c:05:e1:4c:
         5b:59:6c:44:f7:8e:76:5f:f0:27:fd:15:9b:9d:db:8d:df:2d:
         e7:dd:6d:08:df:61:a9:21:3d:c3:6f:49:ed:ed:7d:13:e9:d0:
         47:9d:4f:22:46:77:6e:2c:7b:b3:52:d2:10:14:dd:0a:9a:a6:
         33:89:d0:e1:70:5c:d3:cc:91:9f:ae:e0:81:b1:41:1f:13:44:
         4a:2a:91:09:eb:f0:93:55:fe:a4:9f:d4:24:55:d9:a8:a3:53:
         46:3f:c1:8e:37:6b:84:5b:b2:9e:c3:1c:78:95:ad:f2:f0:bf:
         6c:64:fe:4a:d5:69:0e:a9:84:da:d7:61:6b:3e:c4:3f:eb:04:
         b6:8e:d4:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWTZP4JDi6abH1TuYWjhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYmI1MDU0YTE3Y2M5NGZmZmMyYmMyOTVhMTViZmVmOGE5
MDQzMGEwHhcNMjYwMzAxMTcwMTM5WhcNMjYwMzAyMTcwMTM5WjAzMTEwLwYDVQQD
Eyg4MDdlYTMzZmZjYThiNmE4YmFhYjUwMWNkYjA3NmVkMzg2NzEwNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBDzIupHNOD1RPbmTiZGw6SbecNI
DL1kw5NUmjw6+tjLjprFVQMfeGO53NRUfAEHvTw0vdE8bh+Xzi5rfWYaQiCCLAzj
O6Vkn8uBTG1zy0CrF3jmVsTyBp+MNYJwwYLmk3l6sdipTmFzMgNcNcAy6WQyI/Gw
MC7Zt12OrozhAEyeWATbJDvmy53CxtnqBZQzFaTXYVI5vreXTybhxLSdW6M+m43Q
ZmjnA8jYsZ8kEL4Q7x5ORo3dExBRDotmUx0f7nlrbziuXv0UkPRNyvpvzNF3/Es8
/o/YouJuI5bDVj9a5IDv/umkIlpSJcAfg1nEh0FmQobod66S7RtsVPOG1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIB+oz/8qLaouqtQHNsHbtOGcQdEMB8GA1UdIwQY
MBaAFKG7UFShfMlP/8K8KVoVv++KkEMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgt
NzIyNTVkMjQ5YzVkLzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgtNzIyNTVkMjQ5YzVk
LzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAFU9hrvW
gyggVCkgyqVRfGiTILXmji1IyzXw3mLXm2wCc8GLZhruBbK/SvIMKZ+B0CflECv0
ag3MA5Nk9kZXc49e7aB6X7IyepjSdIZeB43wvfVgb16ZjTd919WQkiHIWZk+CYMD
4qjL0x3yfvPTmQNM+QEat1ZfsbqMBeFMW1lsRPeOdl/wJ/0Vm53bjd8t591tCN9h
qSE9w29J7e19E+nQR51PIkZ3bix7s1LSEBTdCpqmM4nQ4XBc08yRn67ggbFBHxNE
SiqRCevwk1X+pJ/UJFXZqKNTRj/BjjdrhFuynsMceJWt8vC/bGT+StVpDqmE2tdh
az7EP+sEto7UuA==
-----END CERTIFICATE-----